Skip to main content
When your vault is connected, you select which credentials TinyFish uses for each run. The AI agent handles navigation and identifies login forms. TinyFish fills in the actual credentials securely, without the agent ever seeing your passwords.

Using the Playground

1

Open the vault selector

Click the lock icon in the playground toolbar.Playground toolbar with vault lock icon in gray state
2

Select credentials

Check the credentials you want to use for the run. Items are grouped by provider and vault name, and you can use Select all or Deselect all.Vault access popover with credentials grouped by provider and checkboxes
3

Run your automation

Write your goal, then click Run. TinyFish handles login during the run when a matching site requires it.Playground with vault icon showing credential count badge and goal filled in
Your credential selections persist across sessions.

Using the API

from tinyfish import TinyFish

client = TinyFish()

# Use all vault credentials for the run
response = client.agent.run(
    url="https://www.linkedin.com",
    goal="Log in and capture the latest 3 posts from the feed",
    use_vault=True,
)

# Scope the run to specific credentials only
scoped = client.agent.run(
    url="https://www.linkedin.com",
    goal="Log in and capture the latest 3 posts from the feed",
    use_vault=True,
    credential_item_ids=[
        "cred:conn-abc:Work:item-123",
        "cred:conn-def:Personal:item-456",
    ],
)
import { TinyFish } from "@tiny-fish/sdk";

const client = new TinyFish();

// Use all vault credentials for the run
const response = await client.agent.run({
  url: "https://www.linkedin.com",
  goal: "Log in and capture the latest 3 posts from the feed",
  use_vault: true,
});

// Scope the run to specific credentials only
const scoped = await client.agent.run({
  url: "https://www.linkedin.com",
  goal: "Log in and capture the latest 3 posts from the feed",
  use_vault: true,
  credential_item_ids: [
    "cred:conn-abc:Work:item-123",
    "cred:conn-def:Personal:item-456",
  ],
});
# Use all vault credentials for the run
curl -X POST https://agent.tinyfish.ai/v1/automation/run \
  -H "X-API-Key: $TINYFISH_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "url": "https://www.linkedin.com",
    "goal": "Log in and capture the latest 3 posts from the feed",
    "use_vault": true
  }'

# Scope the run to specific credentials only
curl -X POST https://agent.tinyfish.ai/v1/automation/run \
  -H "X-API-Key: $TINYFISH_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "url": "https://www.linkedin.com",
    "goal": "Log in and capture the latest 3 posts from the feed",
    "use_vault": true,
    "credential_item_ids": [
      "cred:conn-abc:Work:item-123",
      "cred:conn-def:Personal:item-456"
    ]
  }'
# Vault credentials support in the CLI is coming soon.

Parameters

ParameterTypeRequiredDefaultDescription
use_vaultbooleanNofalseEnable vault credentials for this run
credential_item_idsstring[]NoAll synced itemsScope to specific credential URIs from GET /v1/vault/items. Requires use_vault: true

Domain Matching

Credentials are matched by domain. For example, a credential with linkedin.com in its URL will be available when the agent navigates to www.linkedin.com or login.linkedin.com. Credentials are not available on unrelated domains. If you have multiple credentials for the same domain, TinyFish uses the ones you selected for that run.

Security

What the AI agent sees

Labels and field names only. Never actual values. The agent tells TinyFish where to type, and TinyFish handles what to type.

What we don’t do

Credentials never appear in agent prompts, run logs, screenshots, or streaming output. We do not rely on visual obfuscation as a security measure.

Credential lifecycle

Credentials are resolved at the browser automation layer, not the AI planning layer. Values exist in memory only for the duration of the input action, then are discarded.

Per-run access

Each run only gets the credentials you explicitly selected. The default is no vault access with use_vault: false.

Encryption

Vault provider tokens are encrypted at rest and never stored in plaintext. You can revoke access by disconnecting the vault or rotating the token.

Limitations

LimitationNotes
MFA / TOTPSupported for time-based codes if the vault item has a TOTP field. Hardware keys and push notifications are not supported
Anti-botSome sites block automated login even with correct credentials. Use stealth mode and a proxy
Account lockoutFailed attempts count against normal lockout policies
OAuth / SSORedirect-based flows may not work for all providers
For logged-in workflows, combine vault credentials with Browser Context Profiles. Browser Context Profiles maintain session state; Vault can repair it when a matching credential is available. For bot protection, also use Proxies.

Troubleshooting

Add use_vault: true to the request body.
Verify the credential domain matches the target site.
Connect a vault first in Settings → Vault.
Use credential_item_ids to scope the run to the exact credential you want.
Pair Vault with Browser Context Profiles. Browser Context Profiles keep the browser logged in; if the session goes stale and a matching vault credential is available, TinyFish can use the credential to repair the session. For bot challenges, also add browser_profile: "stealth" and proxy_config: { enabled: true }.
Connect a vault first in Settings → Vault.

FAQ

No. Values are only accessed at the moment of typing, and the AI agent never sees them.
No. Credentials are not captured in screenshots, streaming output, or logs.
Click Sync in Settings → Vault. The next run uses the updated credential.
TinyFish retries with available credentials for that domain. After multiple failures, the run continues without login.
Runs use the credential state from when they started. Sync before starting a new run.

Connect Your Vault

Set up 1Password or Bitwarden

Runs

Parameters, lifecycle, and result handling

Browser Context Profiles

Reuse Browser Context Profile state across runs