We never let developers touch users’ login details.
For Packs that require user authorization credentials, Coda handles credentials on behalf of the Pack, stores them encrypted at rest, and applies them to outgoing requests such that neither Pack code, Pack makers, nor other users of a doc ever have access to them.