Connections
Save credentials for external services and use them in your patterns.
What is a connection?
A connection is a saved set of credentials for an external service. When your patterns need to interact with third-party platforms — GitHub, Slack, cloud providers, or any API — connections store the authentication details securely so you do not have to enter them every time.
How connections work
DRAGOPS stores connection credentials using AES-256-GCM encryption. Your tokens and keys are encrypted at rest and only decrypted at the moment a node needs them during execution.
A connection stores the credentials needed to authenticate with an external service. Different services require different credentials:
- API key — a single secret key (for example, VirusTotal, SendGrid)
- OAuth — tokens obtained through an OAuth authorization flow (for example, GitHub, Slack)
- Multi-field credentials — multiple values such as an email address, API token, and instance URL (for example, Jira, ServiceNow)
Setting up a connection
OAuth connections
For services that support OAuth (like GitHub and Slack):
- Go to the Connections page in the dashboard
- Select the service you want to connect
- Authorize DRAGOPS in the service's OAuth flow
- DRAGOPS stores the encrypted access token automatically
The OAuth flow handles the full authorization exchange. You do not need to manually copy tokens.
API key connections
For services that use API keys:
- Go to the Connections page in the dashboard
- Select the service and enter your API key
- DRAGOPS encrypts and stores the key
Multi-field credential connections
Some services require more than a single API key. For example, Jira Cloud needs an email address, an API token, and your instance URL. When you set up a connection for these services, DRAGOPS displays a form with fields for each required credential. All fields are stored together as a single encrypted connection.
Multi-field connections are common with integration packs. Each pack defines the credential fields its service requires, and DRAGOPS renders the connection form automatically from that definition.
Using connections in patterns
Nodes that interact with external services reference a connection by name. When the node executes, the execution engine retrieves the decrypted credentials and uses them to authenticate the API call.
For example, a node that posts a message to Slack references your Slack connection. You select which connection to use when configuring the node in the Inspector Panel.
Secrets
Secrets are a related concept for storing sensitive values that are not tied to a specific service provider. Use secrets for:
- API keys for services without a built-in connection type
- Tokens for custom integrations
- Configuration values that should not be stored in the pattern graph
Secrets are scoped to environments, so you can have different values for development and production. They are encrypted with the same AES-256-GCM encryption as connections.
You manage secrets on the Secrets page in the dashboard. Each secret has a name and an encrypted value per environment.
Connections vs secrets
| Connections | Secrets | |
|---|---|---|
| Best for | OAuth services, managed integrations | API keys, custom tokens, config values |
| Setup | OAuth flow or provider-specific form | Name and value per environment |
| Scope | User-level | Environment-level |
| Used by | Service-specific nodes | Any node via secret reference |
Security
- All credentials are encrypted at rest using AES-256-GCM
- Credentials are decrypted only during execution, never stored in pattern graphs
- OAuth tokens are refreshed automatically when possible
- You can revoke a connection at any time from the dashboard
Related concepts
- Patterns — where connections are used
- Deployments — deployed patterns resolve connections at runtime
- Nodes and pins — service nodes reference connections
- Integration packs — pre-built nodes that use connections automatically