--- title: Credentials subtitle: Store and manage authentication credentials securely slug: sdk-reference/credentials --- Credentials let you store login information (username/password, TOTP secrets) securely in Skyvern's vault. Reference them by ID in tasks and workflows instead of passing secrets in your code. --- ## `create_credential` Store a new credential. ```python credential = await client.create_credential( name="my-app-login", credential_type="password", credential={ "username": "demo@example.com", "password": "s3cur3-p4ss", }, ) print(credential.credential_id) ``` ### Parameters | Parameter | Type | Required | Description | |-----------|------|----------|-------------| | `name` | `str` | Yes | Display name for the credential. | | `credential_type` | `CredentialType` | Yes | Type of credential. | | `credential` | `CreateCredentialRequestCredential` | Yes | The credential data. Shape depends on `credential_type`. | ### Returns `CredentialResponse` --- ## `get_credentials` List all credentials. Credential values are never returned — only metadata. ```python creds = await client.get_credentials() for c in creds: print(f"{c.name} ({c.credential_id})") ``` ### Parameters | Parameter | Type | Required | Default | Description | |-----------|------|----------|---------|-------------| | `page` | `int` | No | `None` | Page number. | | `page_size` | `int` | No | `None` | Results per page. | ### Returns `list[CredentialResponse]` --- ## `get_credential` Get a single credential's metadata by ID. ```python cred = await client.get_credential("cred_abc123") print(cred.name, cred.credential_type) ``` ### Parameters | Parameter | Type | Required | Description | |-----------|------|----------|-------------| | `credential_id` | `str` | Yes | The credential ID. | ### Returns `CredentialResponse` --- ## `delete_credential` Delete a credential. ```python await client.delete_credential("cred_abc123") ``` ### Parameters | Parameter | Type | Required | Description | |-----------|------|----------|-------------| | `credential_id` | `str` | Yes | The credential ID to delete. | --- ## `send_totp_code` Send a TOTP (time-based one-time password) code to Skyvern during a run that requires 2FA. Call this when your webhook or polling detects that Skyvern is waiting for a TOTP code. ```python await client.send_totp_code( totp_identifier="demo@example.com", content="123456", ) ``` ### Parameters | Parameter | Type | Required | Description | |-----------|------|----------|-------------| | `totp_identifier` | `str` | Yes | The identifier matching the `totp_identifier` used in the task/workflow. | | `content` | `str` | Yes | The TOTP code value. | | `task_id` | `str` | No | Associate with a specific task run. | | `workflow_id` | `str` | No | Associate with a specific workflow. | | `workflow_run_id` | `str` | No | Associate with a specific workflow run. | | `source` | `str` | No | Source of the TOTP code. | | `expired_at` | `datetime` | No | When this code expires. | | `type` | `OtpType` | No | OTP type. | ### Returns `TotpCode`