Determine Settings for a Credential Type
Credential settings vary based on credential type. As a result, you must use the credential type to determine the appropriate attributes of each settings
object you use when creating or updating a scan-specific, policy-specific, or managed credential.
For example, compare the example settings
objects below. In both cases, the credential type is Windows
. However, the authentication methods—and therefore the settings
attributes—differ.
Managed Credential Example 1: Windows Password Authentication
{
"type": "Windows",
"settings": {
"domain": "",
"username": "[email protected]",
"auth_method": "Password",
"password": "aJ^deq34Rc"
}
}
Managed Credential Example 2: BeyondTrust Authentication
{
"type": "Windows",
"settings": {
"auth_method": "BeyondTrust",
"username": "administrator",
"beyondtrust_host": "192.0.2.57",
"beyondtrust_port": 443,
"beyondtrust_api_user": "[email protected]",
"beyondtrust_api_key": "********",
"beyondtrust_duration" : "30",
"beyondtrust_use_ssl": "yes",
"beyondtrust_verify_ssl": "yes"
}
}
To determine the settings you need for a specific credential type:
- List settings for all credentials types, using the GET /credentials/types endpoint.
- In the returned data, locate the
configuration
object for a specific credential.
Example
Configuration Object Attributes
The credentials[].types[].configuration
object for an individual credential can include any of the following attributes:
Attribute | Type | Description |
---|---|---|
type | string | The parameter input type. This attribute reflects how the user interface prompts for parameter input. Possible values include:
|
name | string | The display name for the credential configuration in the user interface. |
required | boolean | A value specifying whether the configuration parameter is required (true ) or optional (false ). If this attribute is absent, the parameter is optional. |
id | string | The system name for the credential parameter. Use this value as the parameter name in request messages configuring credentials. |
placeholder | string | An example of the parameter value. This value appears as example text in the user interface. This attribute is only present for credential parameters that require text input in the user interface. |
options | array | The supported options for the credential parameter. |
options[].name | string | The display name of the option in the user interface. |
options[].id | string | The system name for the option. |
options[].inputs | array | The additional inputs that are required if the user selects this option in the user interface. If the inputs parameter is empty (\\[\\] ), selecting the option does not require additional user input. |
options[].inputs.type | string | The type of input prompt in the user interface. Possible values include:
|
options[].inputs.name | string | The display name of the option in the user interface. |
options[].inputs.required | boolean | A value specifying whether the input is required (true ) or optional (false ). |
options[].inputs.placeholder | string | An example of the input value. This value appears as example text in the user interface. This attribute is only present for credential parameters that require text input in the interface. In cases where the input type is key-value , this attribute can be an array of strings. |
options[].inputs.regex | string | A regular expression defining the valid input for the parameter in the user interface. |
options[].inputs.hint | string | Helpful information about the input required, for example, "PEM formatted certificate". Hints appear in the user interface, but can contain information that is relevant to API requests. |
options[].inputs.callback | string | Not supported as a parameter in managed credentials. |
options[].inputs.default-row-count | integer | The number of text box rows that appear by default when the input type is key-value . |
options[].inputs.hide-values | boolean | A value specifying whether the user interface hides the value by default when the input type is key-value . If true , dots appear instead of characters as you type the value in the user interface. |
options[].inputs.id | string | The system name for the input. Use this value as the input name in request messages when configuring credentials. |
options[].default | string | The option that appears as selected by default in the user interface. |
options[].alt_ids | string | Not supported as a parameter in managed credentials. |
options[].preferences | array | Not supported as a parameter in managed credentials. |
Updated 3 days ago