SWIRLS_
Connections

Connections

How your system talks to the outside world safely. Secrets hold values, auth blocks describe credentials, and connections broker OAuth with no keys at all.

What it is. Everything your workflows and agents need to call external services: API keys, OAuth credentials, and brokered integrations.

Use it when your workflow calls any API, sends email, posts to Slack, or reads from a service that needs credentials. That is most workflows.

Swirls gives you three levels, in increasing order of how much it manages for you:

  1. Secrets: you hold the value. Declare the variable names in the file, set the values in the vault, and nodes read exactly the keys they declared.
  2. Auth blocks: you describe the credential shape. OAuth client credentials, API keys, basic, or bearer, applied to HTTP requests by the runtime.
  3. Connections: Swirls brokers the OAuth. You declare a provider slot in the file, a human authorizes it once in the Portal, and short-lived tokens are issued at run time. No credentials exist in the file or the vault.

Prefer the highest level the target service supports. A connection beats an auth block because there is no key to leak or rotate; an auth block beats hand-built headers because the runtime applies it consistently.

These blocks are about your system reaching out. For controlling who can reach in to your agents and workflows, see Access.

Postgres

Declare PostgreSQL connections and table schemas for use in workflow nodes.

Secrets

Top-level secret blocks, node-level secret wiring, and the vendor keys the runtime resolves for you.