Skip to main content


Credentials are secrets that are used by commands to access authenticated content. For example, you may create an oauth secret, which contains the configuration required to retrieve an OAuth token before making an authenticated API request.

Using Credentials

Credentials can be used by certain commands (for example auth, oauth) using the --credential flags. See also the $CREDENTIALS.[custom credential name]$ internal token name to embed a secret into a query.

Supported Credential Types

Currently the following secret types are supported; splunk, oauth, okta, gcp, aws4, openai, pinecone, and custom.

Custom Credentials

Often, you'll need a simple key, value pair as a credential. A good example is an Authentication bearer token for an API. We can use the custom credential type to give our credential a name (ex. twitter_bearer) and a secret value. We can then access this credential using the $CREDENTIALS.[custom credential name]$ syntax.

api get ""
--headers '{"Authorization": "Bearer $CREDENTIALS.twitter_bearer$"}'