> ## Documentation Index
> Fetch the complete documentation index at: https://docs.deck.co/llms.txt
> Use this file to discover all available pages before exploring further.

# List credentials

> Returns a paginated list of credentials. Supports filtering by source, status, and external ID.



## OpenAPI

````yaml /api-reference/v2.json get /credentials
openapi: 3.1.1
info:
  title: Deck API
  version: 2.0.0
servers:
  - url: https://api.deck.co/v2
    description: Production
security:
  - BearerAuth: []
tags:
  - name: Agents
  - name: Components
  - name: Credentials
  - name: Event Destinations
  - name: Events
  - name: Sessions
  - name: Sources
  - name: Storage
  - name: Task Runs
  - name: Tasks
  - name: Test
paths:
  /credentials:
    get:
      tags:
        - Credentials
      summary: List credentials
      description: >-
        Returns a paginated list of credentials. Supports filtering by source,
        status, and external ID.
      operationId: listCredentials
      parameters:
        - name: limit
          in: query
          description: Maximum number of items to return (1-100, default 20)
          schema:
            pattern: ^-?(?:0|[1-9]\d*)$
            type:
              - integer
              - string
            format: int32
        - name: cursor
          in: query
          schema:
            type: string
          description: Cursor from a previous response for pagination.
        - name: source_id
          in: query
          schema:
            type: array
            items:
              type: string
          description: Unique identifier for the source (prefixed with `src_`).
        - name: status
          in: query
          schema:
            type: array
            items:
              type: string
          description: 'Filter by credential status: unverified, verified, invalid, deleted.'
        - name: external_id
          in: query
          schema:
            type: string
          description: Filter by the external ID assigned when creating the credential.
      responses:
        '200':
          description: OK
          content:
            text/plain:
              schema:
                $ref: '#/components/schemas/PaginatedResponseOfListCredentialData'
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedResponseOfListCredentialData'
            text/json:
              schema:
                $ref: '#/components/schemas/PaginatedResponseOfListCredentialData'
        '400':
          description: Bad request — validation error or malformed input.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ValidationErrorResponse'
        '401':
          description: Unauthorized.
        '403':
          description: Forbidden.
        '404':
          description: Not found — the requested resource does not exist.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '409':
          description: >-
            Conflict — the request is valid but cannot be completed in the
            current state.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '422':
          description: >-
            Unprocessable content — the request body is understood but contains
            invalid values.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: Internal server error.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
components:
  schemas:
    PaginatedResponseOfListCredentialData:
      type: object
      properties:
        data:
          type: array
          items:
            $ref: '#/components/schemas/ListCredentialData'
          description: Array of resource objects for the current page.
        has_more:
          type: boolean
          description: '`true` if there are more results beyond this page.'
        next_cursor:
          type:
            - 'null'
            - string
          description: >-
            Opaque cursor string to pass as the `cursor` query parameter on the
            next request. `null` when there are no more pages.
        request_id:
          type:
            - 'null'
            - string
          description: Unique identifier for the API request.
    ValidationErrorResponse:
      required:
        - errors
      type: object
      properties:
        type:
          type:
            - 'null'
            - string
          description: RFC 9110 problem type URI.
        title:
          type:
            - 'null'
            - string
          description: Short summary of the validation failure.
        status:
          type:
            - 'null'
            - integer
          description: HTTP status code.
          format: int32
        errors:
          type: object
          additionalProperties:
            type: array
            items:
              type: string
          description: Validation errors grouped by field name.
        traceId:
          type:
            - 'null'
            - string
          description: Request trace identifier.
      description: Validation error returned for malformed requests (HTTP 400).
    ErrorResponse:
      required:
        - errors
        - request_id
      type: object
      properties:
        errors:
          type: array
          items:
            $ref: '#/components/schemas/TaskRunError'
          description: One or more errors that describe what went wrong.
        request_id:
          type: string
          description: Unique identifier for this request, useful for tracing.
      description: Standard error response.
    ListCredentialData:
      required:
        - id
        - object
        - status
        - external_id
        - source_id
        - auth_method
        - auth_credentials
        - created_at
        - updated_at
      type: object
      properties:
        id:
          type: string
          description: Unique identifier for the credential, prefixed with `cred_`.
        object:
          type: string
          description: Always `credential`.
        status:
          type: string
          description: >-
            Credential status: `unverified`, `verified`, `invalid`, or
            `deleted`.
        external_id:
          type:
            - 'null'
            - string
          description: External identifier from your system, if set.
        source_id:
          type: string
          description: >-
            The source this credential authenticates against. Prefixed with
            `src_`.
        auth_method:
          type: string
          description: 'Authentication method: `username_password` or `none`.'
        auth_credentials:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/AuthCredentialsSummary'
          description: Summary of stored credentials. Sensitive values are not returned.
        created_at:
          type: string
          format: date-time
          description: ISO 8601 timestamp of when the resource was created.
        updated_at:
          type: string
          format: date-time
          description: ISO 8601 timestamp of when the resource was last updated.
    TaskRunError:
      required:
        - type
        - code
        - message
      type: object
      properties:
        type:
          type: string
          description: >-
            Error category (e.g. `source`, `auth`, `task`, `rate_limit`).
            Determines the class of failure.
        code:
          type: string
          description: Machine-readable error code. Use this for programmatic handling.
        message:
          type: string
          description: >-
            Human-readable explanation. Do not rely on this for logic — it may
            change.
        field:
          type:
            - 'null'
            - string
          description: The input field that caused the error, when applicable.
      description: Error details for a failed task run. Same structure as API-level errors.
    AuthCredentialsSummary:
      type: object
      properties:
        username:
          type:
            - 'null'
            - string
          description: The username associated with this credential, if applicable.
        source_fields:
          type: object
          additionalProperties:
            type: string
          description: >-
            Non-tokenized `source_fields` returned as key/value pairs in the
            clear (for example, `{ "company_id": "ACME-4412" }`). Tokenized
            source fields are dropped from this map and named in `tokenized`
            instead. Omitted when empty.
        tokenized:
          type: array
          items:
            type: string
          description: >-
            Names of the source fields whose values were vaulted. Their values
            never appear in `source_fields` and cannot be read back through the
            API. Omitted when nothing was tokenized.
      description: >-
        Summary of stored authentication credentials. Secret values such as
        `password` are encrypted at rest and never returned. Non-tokenized
        `source_fields` are returned in the clear; fields named in `tokenized`
        are vaulted and omitted from the map.
  securitySchemes:
    BearerAuth:
      type: http
      description: Secret key (sk_live_...)
      scheme: bearer
      bearerFormat: JWT

````