- Introdução
- Introdução
- Conectores
- Conexões
- Use credential assets for connections
- Gatilhos
- Geração de logs
- Disponibilidade de funcionalidades do Integration Service
- Notificações
- Licenciamento
- Solução de problemas
- Construtor de Conector
- Sobre o Construtor de Conector
- Criação do primeiro conector
- Como criar seu conector a partir de uma definição de API
- Configuração da autenticação
- Uso de variáveis no Construtor do Conector
- Designer de atividades
- Criação de um gatilho
- Lista de verificação do Construtor de Conector
- Introdução
- Exemplo A: criar um conector a partir de uma tela em branco com autenticação do Token de Acesso Pessoal
- Exemplo B: criar um conector de uma tela em branco com autenticação de chave de API
- Exemplo C: criar um conector a partir de uma especificação de API com autenticação de credenciais do cliente OAuth 2.0
- Act! 365
- ActiveCampaign
- Active Directory - Visualização
- Adobe Acrobat Sign
- Adobe PDF Services
- Amazon Bedrock
- Amazon Connect
- Amazon Polly
- Amazon SES
- Amazon Transcribe
- Amazon Web Services
- Anthropic Claude
- Asana
- AWeber
- Azure AI Document Intelligence
- Azure Defender for Cloud
- Azure Maps
- BambooHR
- Box
- Brevo
- Calendly
- Campaign Monitor
- Cisco Webex Teams
- Citrix Hypervisor
- Citrix ShareFile
- Clearbit
- Confluence Cloud
- Constant Contact
- Coupa
- CrewAI – Pré-visualização
- Customer.io
- Database Hub - Pré-visualização
- Agente do Databricks
- Datadog
- Pesquisa Profunda
- Deputy
- Discord - Visualização
- DocuSign
- Gota
- Dropbox
- Dropbox Business
- Egnyte
- Eventbrite
- Taxas de câmbio
- Exchange Server - Pré-visualização
- Expensify
- Facebook
- Freshbooks
- Freshdesk
- Freshsales
- Freshservice
- GetResponse
- GitHub
- Gmail
- Google Cloud Platform
- Documentos Google
- Google Drive
- Formulários Google - Pré-visualização
- Google Maps
- Planilhas Google
- Google Speech-to-Text
- Text-to-Speach do Google
- Google Tasks - Visualização
- Google Vertex
- Google Vision
- Google Workspace
- GoToWebinar
- Greenhouse
- Hootsuite
- Http
- Webhook HTTP
- Hubspot CRM
- HubSpot Marketing
- HyperV - Pré-visualização
- Icertis
- iContact
- Insightly CRM
- Intercom
- Jina.ai
- Jira
- Keap
- Klaviyo
- LinkedIn
- Email
- Mailchimp
- Mailgun
- Mailjet
- MailerLite
- Marketo
- Microsoft 365
- Microsoft Azure
- Microsoft Azure Active Directory
- Microsoft Azure AI Foundry
- Microsoft Azure OpenAI
- Microsoft Azure Sentinel
- Microsoft Dynamics 365 CRM
- Microsoft OneDrive & SharePoint
- Microsoft Outlook 365
- Microsoft Power Automate – Prévia
- Microsoft Sentiment
- Microsoft Sentinel Threat Intelligence
- Microsoft Teams
- Microsoft Translator
- Microsoft Vision
- Miro
- NetIQ eDirectory
- Nvidia NIM — Prévia
- OKTA
- OpenAI
- LLM em conformidade com OpenAI V1
- Oracle Eloqua
- Oracle NetSuite
- PagerDuty
- Paypal
- PDFMonkey
- Perplexity
- Pinecone
- Pipedrive
- QuickBooksOnline
- Quip
- Salesforce
- Salesforce AgentForce e fluxos – Visualização
- Salesforce Marketing Cloud
- SAP BAPI
- SAP Cloud for Customer
- SAP Concur
- SAP OData
- SendGrid
- ServiceNow
- Shopify
- Slack
- SmartRecruiters
- Smartsheet
- Snowflake
- Snowflake Cortex
- Stripe
- Sugar Enterprise
- Sugar Professional
- Sugar Sell
- Sugar Serve
- System Center - Pré-visualização
- TangoCard
- Todoist
- Trello
- Twilio
- UiPath Apps - Preview
- UiPath Data Fabric – Visualização
- Atividades da UiPath GenAI
- UiPath Orchestrator
- X (anteriormente Twitter)
- Xero
- watsonx.ai
- WhatsApp Business
- UiPath Marketplace
- Funcional
- Workday
- Workday REST
- VMware ESXi vSphere
- YouTube
- Zendesk
- Zoho Campaigns
- Zoho Desk
- Zoho Mail
- Zoom
- ZoomInfo
Guia do usuário do Integration Service
Instead of entering credentials directly when creating connections, you can reference an Orchestrator credential asset linked to an external vault. Integration Service resolves the credential at runtime through Orchestrator and never stores it in the Integration Service database.
This feature is designed for organizations with centralized credential management requirements or strict security and compliance policies.
Como funciona
When a connection uses a credential asset, Integration Service calls the Orchestrator credential asset, which in turn retrieves the secret from the linked external vault. The resolved value is cached in memory (encrypted) for one hour to reduce repeated vault API calls.
If a credential becomes invalid before the cache expires — for example, because it was rotated — Integration Service automatically fetches a fresh value from the vault and retries the failed step. All communication between Integration Service and Orchestrator or the external vault is encrypted using HTTPS/TLS.
This feature applies to secret-type fields on the connection screen (such as passwords, API keys, and client secrets). OAuth 2.0 access and refresh tokens are still stored in Integration Service after the initial authorization flow, because the OAuth protocol requires more than a client secret to authenticate. You can use a credential asset for the client secret field in BYOA (Bring your own OAuth 2.0 app) authentication types, but not for the resulting OAuth tokens.
Pré-requisitos
- O Integration Service é habilitado e provisionado para seu tenant.
- At least one credential store is configured in Orchestrator. Supported external vaults include CyberArk, HashiCorp Vault, and all others supported by Orchestrator's credential store integrations.
- A credential asset of type Credential exists in an Orchestrator folder that references the vault secret. Assets of type Text, Integer, or Boolean are not supported.
Step 1: Configure the credential store in Orchestrator
Set up a credential store in Orchestrator that connects to your external vault.
For instructions, see About credential stores in the Orchestrator user guide.
Step 2: Create a credential asset in Orchestrator
In an Orchestrator folder, create an asset of type Credential and link it to the secret in the credential store.
For instructions, see Managing assets in Orchestrator in the Orchestrator user guide.
Step 3: Reference the credential asset when creating a connection
-
In Orchestrator, select a folder and navigate to the Connections tab.
-
Select Add connection and choose the connector.
-
On the connection creation page, locate a secret-type field (for example, Password, API Key, or Client Secret).
-
Select the menu icon next to the field and select Use credential asset.
-
Select the credential asset you want to use. You can select assets from any Orchestrator folder you have access to.
-
Complete any remaining fields and select Connect.
Perguntas frequentes
Are credentials fetched from the vault on every request?
No. Credentials are cached in memory (encrypted) for one hour to reduce repeated vault API calls and improve runtime efficiency. The cache duration cannot be configured.
What happens when a credential is rotated before the cache expires?
If a request fails because the cached credential has become invalid, Integration Service automatically fetches a fresh value from the vault and retries the failed step.
Are credentials stored in Integration Service?
No. Credentials are not written to the Integration Service database. They are held in memory in an encrypted state for the one-hour cache duration only.
Does this work for all connectors?
Yes. This feature works with all connectors. Any connector that has secret-type input fields on its connection form (such as API Key, Password, or Client Secret) supports credential asset references, regardless of authentication type.
Does this apply to all fields on the connection form?
Currently, only secret-type fields are supported (such as passwords, API keys, and client secrets). Support for additional field types is planned.
Which Orchestrator asset types are supported?
Only assets of type Credential are supported. Text, Boolean, and Integer assets cannot be used.
Which external vaults are supported?
All credential store types supported by Orchestrator are supported. For the full list, see About credential stores.
Is proxy supported?
Yes. Both connected and disconnected proxy configurations are supported.
Can I use a credential asset for OAuth tokens?
No. OAuth 2.0 access and refresh tokens are always stored in Integration Service after the initial authorization flow. Only secret-type input fields on the connection screen (such as Client Secret in BYOA authentication) can reference a credential asset.