Determine Settings for a Credential Type

Credential settings vary based on credential type. As a result, you must use the credential type to determine the appropriate attributes of each settings object you use when creating or updating a scan-specific, policy-specific, or managed credential.

For example, compare the example settings objects below. In both cases, the credential type is Windows. However, the authentication methods—and therefore the settings attributes—differ.

Managed Credential Example 1: Windows Password Authentication

{
    "type": "Windows",
    "settings": {
        "domain": "",
        "username": "[email protected]",
        "auth_method": "Password",
        "password": "aJ^deq34Rc"
    }
}

Managed Credential Example 2: BeyondTrust Authentication

{
    "type": "Windows",
    "settings": {
      "auth_method": "BeyondTrust",
      "username": "administrator",
      "beyondtrust_host": "192.0.2.57",
      "beyondtrust_port": 443,
      "beyondtrust_api_user": "[email protected]",
      "beyondtrust_api_key": "********",
      "beyondtrust_duration" : "30",
      "beyondtrust_use_ssl": "yes",
      "beyondtrust_verify_ssl": "yes"
    }
}

To determine the settings you need for a specific credential type:

List settings for all credentials types, using the GET /credentials/types endpoint.
In the returned data, locate the configuration object for a specific credential.

👍
Example
Determine Windows Password Credentials

Configuration Object Attributes

The credentials[].types[].configuration object for an individual credential can include any of the following attributes:

Attribute	Type	Description
type	string	The parameter input type. This attribute reflects how the user interface prompts for parameter input. Possible values include: password—Prompts for input via text box. text—Prompts for input via text box. select—Prompts for input via selectable options. file—Prompts user to upload file of input data. If the setting is this type, you must upload the related file to Vulnerability Management to support the setting. For scan-specific credentials, use the POST /file/upload endpoint. For managed credentials, use the POST /credentials/files endpoint. toggle—Prompts user to toggle an option on or off. checkbox—Prompts user to select options via checkboxes. Checkboxes can represent enabling a single option or can allow users to select from multiple, mutually-exclusive options.
name	string	The display name for the credential configuration in the user interface.
required	boolean	A value specifying whether the configuration parameter is required (`true`) or optional (`false`). If this attribute is absent, the parameter is optional.
id	string	The system name for the credential parameter. Use this value as the parameter name in request messages configuring credentials.
placeholder	string	An example of the parameter value. This value appears as example text in the user interface. This attribute is only present for credential parameters that require text input in the user interface.
options	array	The supported options for the credential parameter.
options[].name	string	The display name of the option in the user interface.
options[].id	string	The system name for the option.
options[].inputs	array	The additional inputs that are required if the user selects this option in the user interface. If the inputs parameter is empty (`\\[\\]`), selecting the option does not require additional user input.
options[].inputs.type	string	The type of input prompt in the user interface. Possible values include: password—Prompts for input via text box. text—Prompts for input via text box. select—Prompts for input via selectable options. file—Prompts user to upload file of input data. toggle—Prompts user to select one of two mutually-exclusive options in toggle format. checkbox—Prompts user to select options via checkboxes. Checkboxes can represent enabling a single option or can allow users to select from multiple, mutually-exclusive options. key-value— Prompts for text entry of a key-value pair via two text boxes.
options[].inputs.name	string	The display name of the option in the user interface.
options[].inputs.required	boolean	A value specifying whether the input is required (`true`) or optional (`false`).
options[].inputs.placeholder	string	An example of the input value. This value appears as example text in the user interface. This attribute is only present for credential parameters that require text input in the interface. In cases where the input type is `key-value`, this attribute can be an array of strings.
options[].inputs.regex	string	A regular expression defining the valid input for the parameter in the user interface.
options[].inputs.hint	string	Helpful information about the input required, for example, "PEM formatted certificate". Hints appear in the user interface, but can contain information that is relevant to API requests.
options[].inputs.callback	string	Not supported as a parameter in managed credentials.
options[].inputs.default-row-count	integer	The number of text box rows that appear by default when the input type is `key-value`.
options[].inputs.hide-values	boolean	A value specifying whether the user interface hides the value by default when the input type is `key-value`. If `true`, dots appear instead of characters as you type the value in the user interface.
options[].inputs.id	string	The system name for the input. Use this value as the input name in request messages when configuring credentials.
options[].default	string	The option that appears as selected by default in the user interface.
options[].alt_ids	string	Not supported as a parameter in managed credentials.
options[].preferences	array	Not supported as a parameter in managed credentials.

👍Example

Configuration Object Attributes

👍
Example