Skip to main content

External Apps

Build standalone applications that interact with NoClick workflows using the TypeScript or Python SDK. Authenticate with API keys and connect via WebSocket (Socket.IO).

Authentication

External apps authenticate with API keys. Keys are scoped to a user and optionally to a specific workflow.

Creating an API Key

Create keys in the dashboard under SettingsDeveloper: name the key, optionally scope it to one workflow, and click Create. The key looks like nk_live_a1b2c3d4... and is shown once, so copy it immediately. See API keys for permissions, scoping, revocation, and the REST management endpoints.

Key Format

PartExampleDescription
Prefixnk_live_Identifies NoClick API keys
Secreta1b2c3d4e5f6...64 hex characters (32 bytes)

Permissions

PermissionAllows
readnodes.getOutput, nodes.list, state.get, dataset.getRows, resources.list
executeexecution.runNodesAndGetOutput, execution.runNodesInBackground
writenodes.setConfig, state.set, dataset.appendRows, resources.upload

TypeScript SDK

Installation

Connection

Reading Data

Running Nodes

State Management

Real-time Subscriptions

Subscribe to node output changes from any source (cron, webhooks, manual runs):

Python SDK

Installation

Or install from source:

Connection

Reading Data

Running Nodes

State Management

Credentials

Resources (File Storage)

Dataset CRUD

Real-time Subscriptions


Security

  • API keys are hashed (SHA-256) in the database. Raw keys are never stored.
  • Workflow scoping: keys can be limited to a single workflow.
  • Permission model: read, execute, write permissions control what operations are allowed.
  • Key revocation: keys can be revoked instantly.
  • Expiration: keys can have an optional expiry date.
  • Socket.IO transport: encrypted WebSocket connection. Same auth context as the browser frontend.