Remove Credentials from a Scan
If you remove scan-specific credentials from a scan, Tenable Vulnerability Management deletes the credentials record.
If you remove managed credentials from a scan, Vulnerability Management deletes the association between the managed credentials record and the scan, but retains the managed credentials.
To remove a credential from a scan:
- Use the GET /editor/scan/{scan_id} endpoint to view configuration details for the scan.
- Find the object for the credential type. For example, search on "Windows" to locate the Windows credentials.
- In the object for that credential type, find the
instances
array. - In the
instances
array, note theid
value for the object representing the credential you want to remove:- For scan-specific credentials, the ID is an integer that uniquely identifies the credential instance (for example,
264
). - For managed credentials, the ID is a string specifying the UUID of the managed credential (for example,
fc6c273e-1439-40ca-89b2-97f6d6efab9f
).
- For scan-specific credentials, the ID is an integer that uniquely identifies the credential instance (for example,
- Use the
id
value in thecredentials[].delete
object in a PUT /scans/{scan_id} endpoint request.
For scan-specific credentials, the credentials[].delete
object has the following format:
{
"credentials": {
"delete": [
000
]
}
}
where 000
represents the id
integer.
For managed credentials, the credentials[].delete
object has the following format:
{
"credentials": {
"delete": [
"{id}"
]
}
}
where {id}
represents the id
string.
Example Assessment Scan: Scan-Specific Credentials
This example request body deletes scan-specific credentials from an existing Malware scan. This example also uses a target group, instead of listing individual targets.
{
"uuid": "50874b78-a0e3-4cd6-a03e-75409443a95fa918400c42a035f7",
"settings": {
"name": "northern-region-assets",
"target_groups": [
2,
8,
12
]
},
"credentials": {
"delete": [
264
]
}
}
Example Assessment Scan: Managed Credentials
This example request body deletes scan-specific credentials from an existing Malware scan. This example also uses a target group, instead of listing individual targets.
{
"uuid": "50874b78-a0e3-4cd6-a03e-75409443a95fa918400c42a035f7",
"settings": {
"name": "northern-region-assets",
"target_groups": [
2,
8,
12
]
},
"credentials": {
"delete": [
"fc6c273e-1439-40ca-89b2-97f6d6efab9f"
]
}
}
Updated about 2 months ago