A credential is a securely stored API token that workspace admins can make available to apps running inside Giraffe.
Many of the apps you run in Giraffe need to call external services — an AI model, a data provider, a mapping API — and those services require an API token to authenticate. Normally, this means the app builder has to hardcode a token into the app, share it over Slack, or ask each user to bring their own. None of these are great options.
With credentials, an admin stores the token once in Giraffe, sets who in the workspace can use it, and the app retrieves it automatically at runtime. The token value is never visible to end users and is never stored in the browser — it's resolved server-side each time an app loads.
Why use credentials?
Centralised control. One token, managed in one place. If it needs to be rotated or revoked, the admin does it once and every app picks up the change immediately.
No secret sprawl. Tokens don't end up in source code, Slack messages, or browser storage.
Spend control stays with the admin. Because the token is shared from a single provisioned credential, usage flows through one account the admin controls — rather than each user running up costs on their own keys.
Credentials are part of the AI Package. Reach out to sales to get access.