Skip to main content
The Indices platform can perform actions on authenticated endpoints, including those with multi-factor authentication (MFA) or OAuth flows.

Creating secrets

On the Secrets page, you can store credentials on the platform. You can create:
  • Login secrets: username and password, with optional TOTP 2FA
  • Value secrets: API keys, tokens, and other credential values

Setting up 2FA

When registering a new 2FA device in a service’s dashboard, you’ll typically see both a QR code and a text key like CLAH6OEOV52XVYTKHGKBERP42IUZHY4D. If only the QR code is visible, use a QR code reader to view the URL, which looks like: 
otpauth://totp/Service%20Name:[email protected]?secret=CLAH6OEOV52XVYTKHGKBERP42IUZHY4D&issuer=Example%20Service
Copy the secret value and paste it into the Indices dashboard. With this secret, the platform can generate 2FA codes to authenticate on your behalf.

Best practices

  • If the service supports multiple 2FA devices, register an additional device alongside your existing one
  • If only one device is allowed, store the secret in your password manager as well. Multiple applications can use the same secret key
Note on 2FA types: Indices supports TOTP (Time-based One-Time Password), the most common 2FA method. Setup flows for “Google Authenticator”, “Microsoft Authenticator” and similar apps all use TOTP and will work with Indices. We do not support SMS 2FA.

Using secrets in tasks

During task creation

When creating a task, simply add the secrets needed to perform the task. For example, if your task is “Retrieve a list of checked-in customers from the hotel management system”, you would select the login secret for that system during creation.

During runs

After task creation, you can view which secrets the task uses. Each secret is assigned a descriptive slot name (e.g. MANAGEMENT_LOGIN). When running a task, you can change which credentials to use by binding a different secret to this slot:
  • In the API: Use the secret_bindings parameter when creating a run
  • In the dashboard: You’ll be prompted to select which secret to use in the “Run” dialog
This allows you to reuse the same task with different credentials across runs.
Example: You create a task to retrieve checked-in customers from your Hotel Management System and provide your credentials during creation.After creation, you see the task uses a slot named MANAGEMENT_LOGIN. At runtime, you can switch to different credentials by updating the secret bindings:
{
  "secret_bindings": {
    "MANAGEMENT_LOGIN": "01705c81-f7e1-4fa6-b8c6-bc525b8885f3"
  }
}

Security

Secrets are encrypted at rest and in transit.