Determine Settings for a Credential Type

Credential settings vary based on credential type. As a result, you must use the credential type to determine the appropriate attributes of each settings object you use when creating or updating a scan-specific, policy-specific, or managed credential.

For example, compare the example settings objects below. In both cases, the credential type is Windows. However, the authentication methods—and therefore the settings attributes—differ.

Managed Credential Example 1: Windows Password Authentication

{
    "type": "Windows",
    "settings": {
        "domain": "",
        "username": "[email protected]",
        "auth_method": "Password",
        "password": "aJ^deq34Rc"
    }
}

Managed Credential Example 2: BeyondTrust Authentication

{
    "type": "Windows",
    "settings": {
      "auth_method": "BeyondTrust",
      "username": "administrator",
      "beyondtrust_host": "192.0.2.57",
      "beyondtrust_port": 443,
      "beyondtrust_api_user": "[email protected]",
      "beyondtrust_api_key": "********",
      "beyondtrust_duration" : "30",
      "beyondtrust_use_ssl": "yes",
      "beyondtrust_verify_ssl": "yes"
    }
}

To determine the settings you need for a specific credential type:

  1. List settings for all credentials types, using the GET /credentials/types endpoint.
  2. In the returned data, locate the configuration object for a specific credential.

👍

Example

Determine Windows Password Credentials

Configuration Object Attributes

The credentials[].types[].configuration object for an individual credential can include any of the following attributes:

AttributeTypeDescription
typestringThe parameter input type. This attribute reflects how the user interface prompts for parameter input. Possible values include:
  • password—Prompts for input via text box.
  • text—Prompts for input via text box.
  • select—Prompts for input via selectable options.
  • file—Prompts user to upload file of input data. If the setting is this type, you must upload the related file to Vulnerability Management to support the setting. For scan-specific credentials, use the POST /file/upload endpoint. For managed credentials, use the POST /credentials/files endpoint.
  • toggle—Prompts user to toggle an option on or off.
  • checkbox—Prompts user to select options via checkboxes. Checkboxes can represent enabling a single option or can allow users to select from multiple, mutually-exclusive options.
namestringThe display name for the credential configuration in the user interface.
requiredbooleanA value specifying whether the configuration parameter is required (true) or optional (false). If this attribute is absent, the parameter is optional.
idstringThe system name for the credential parameter. Use this value as the parameter name in request messages configuring credentials.
placeholderstringAn example of the parameter value. This value appears as example text in the user interface.
This attribute is only present for credential parameters that require text input in the user interface.
optionsarrayThe supported options for the credential parameter.
options[].namestringThe display name of the option in the user interface.
options[].idstringThe system name for the option.
options[].inputsarrayThe additional inputs that are required if the user selects this option in the user interface. If the inputs parameter is empty (\\[\\]), selecting the option does not require additional user input.
options[].inputs.typestringThe type of input prompt in the user interface. Possible values include:
  • password—Prompts for input via text box.
  • text—Prompts for input via text box.
  • select—Prompts for input via selectable options.
  • file—Prompts user to upload file of input data.
  • toggle—Prompts user to select one of two mutually-exclusive options in toggle format.
  • checkbox—Prompts user to select options via checkboxes. Checkboxes can represent enabling a single option or can allow users to select from multiple, mutually-exclusive options.
  • key-value— Prompts for text entry of a key-value pair via two text boxes.
options[].inputs.namestringThe display name of the option in the user interface.
options[].inputs.requiredbooleanA value specifying whether the input is required (true) or optional (false).
options[].inputs.placeholderstringAn example of the input value. This value appears as example text in the user interface.
This attribute is only present for credential parameters that require text input in the interface.
In cases where the input type is key-value, this attribute can be an array of strings.
options[].inputs.regexstringA regular expression defining the valid input for the parameter in the user interface.
options[].inputs.hintstringHelpful information about the input required, for example, "PEM formatted certificate". Hints appear in the user interface, but can contain information that is relevant to API requests.
options[].inputs.callbackstringNot supported as a parameter in managed credentials.
options[].inputs.default-row-countintegerThe number of text box rows that appear by default when the input type is key-value.
options[].inputs.hide-valuesbooleanA value specifying whether the user interface hides the value by default when the input type is key-value. If true, dots appear instead of characters as you type the value in the user interface.
options[].inputs.idstringThe system name for the input. Use this value as the input name in request messages when configuring credentials.
options[].defaultstringThe option that appears as selected by default in the user interface.
options[].alt_idsstringNot supported as a parameter in managed credentials.
options[].preferencesarrayNot supported as a parameter in managed credentials.