Currently when connecting to external systems using HTTP actions that require server credentials, you store the credentials in the flow in the HTTP action. This means the password is visible in plain text, and can't be shared easily between flows. If we add a Credential Store for the Tenant, then we could supply a number of types, and ensure you can't see the password afterwards, and later on we could even provide some form of security over where the credentials could be used. The Credential could then be accessed (like a variable) from within a project flow.
