Credentials

Credentials store the access keys and tokens for your compute environments, Git hosting services, and container registries in Seqera Platform.

Container registry credentials are used by the Wave container service to authenticate to private and public container registries like Docker Hub, Google Artifact Registry, Quay, etc.

Path and query parameters

Name	Type	Location	Req/Opt	Description
workspaceId	integer	query	Optional	Workspace numeric identifier
platformId	string	query	Optional	Platform string identifier
useExternalId	boolean	query	Optional	If true, generates a Platform-managed External ID for AWS credentials configured with an IAM role ARN.
name	string	query	Optional	Credentials name to validate
credentialsId	string	path	Required	Credentials string identifier
checked	boolean	query	Optional	If set credentials deletion will be blocked by running jobs that depend on them
pairingId	string	query	Optional	Encryption key string identifier for encrypting the returned credentials.

Request body parameters

Name	Type	Req/Opt	Description
CreateCredentials			Create credentials
credentials	object	Optional	Cloud provider or service credentials for authentication. Used to connect compute environments, access storage, and integrate with external services.
credentials.id	string	Optional	Credentials string identifier.
credentials.name	string	Required	Unique name for the credentials. Must be 1-100 alphanumeric, dash, or underscore characters.
credentials.description	string	Optional	Optional description of the credentials and their intended use.
credentials.provider	string	Required
credentials.baseUrl	string	Optional	Base URL for the container registry server. Required for container registry credentials — defaults to docker.io).
credentials.category	string	Optional	Credential category used to group providers by purpose, for example cloud-compute, scm-host, or container-reg.
credentials.deleted	boolean	Optional	If true, the credential record has been soft-deleted and is retained only for internal reference.
credentials.lastUsed	string	Optional	Timestamp when the credentials were last used by Seqera Platform.
credentials.dateCreated	string	Optional	Timestamp when the credential record was created.
credentials.lastUpdated	string	Optional	Timestamp when the credential record was last updated.
credentials.keys	object	Optional
credentials.keys.discriminator	string	Optional	Read-only provider discriminator for the concrete credentials payload. This value identifies which keys schema applies and matches the parent provider field.
UpdateCredentials			Update credentials
credentials	object	Optional	Cloud provider or service credentials for authentication. Used to connect compute environments, access storage, and integrate with external services.
credentials.id	string	Optional	Credentials string identifier.
credentials.name	string	Required	Unique name for the credentials. Must be 1-100 alphanumeric, dash, or underscore characters.
credentials.description	string	Optional	Optional description of the credentials and their intended use.
credentials.provider	string	Required
credentials.baseUrl	string	Optional	Base URL for the container registry server. Required for container registry credentials — defaults to docker.io).
credentials.category	string	Optional	Credential category used to group providers by purpose, for example cloud-compute, scm-host, or container-reg.
credentials.deleted	boolean	Optional	If true, the credential record has been soft-deleted and is retained only for internal reference.
credentials.lastUsed	string	Optional	Timestamp when the credentials were last used by Seqera Platform.
credentials.dateCreated	string	Optional	Timestamp when the credential record was created.
credentials.lastUpdated	string	Optional	Timestamp when the credential record was last updated.
credentials.keys	object	Optional
credentials.keys.discriminator	string	Optional	Read-only provider discriminator for the concrete credentials payload. This value identifies which keys schema applies and matches the parent provider field.