Connectors & Credentials
Access Control
Control which agents can access which connectors and credentials — per-agent permission management.
Access control determines which agents can use which connectors and credentials. This ensures sensitive integrations are only available to agents that need them.
How Access Control Works
Each connector and credential has a list of authorized agents. Only agents on the list can access the resource. Unauthorized agents cannot see or use the connector.
Granting Access
- Go to Settings → Connectors (or Credentials)
- Click on the connector/credential
- Open the Access tab
- Select which agents should have access
- Set the permission level:
| Level | Can Do |
|---|
| Read | Read credential values, use the connector |
| Write | Read + update credential values |
| Admin | Full control including deletion |
Best Practices
- Least privilege — Give agents only the access they need
- Role-based — Group access by agent role (e.g., only the Developer agent gets database credentials)
- Review regularly — Audit access lists when adding new agents or connectors
- Separate environments — Use different credentials for production vs staging
Audit Logging
Every credential access is logged:
- Who — Which agent accessed it
- When — Timestamp of access
- What — Which credential was retrieved
- Context — The session where access occurred
Review audit logs in the connector/credential details page.