Versions Compared

Old Version 4

changes.mady.by.user Stonebranch

Saved on

compared with

New Version 5

changes.mady.by.user Stonebranch

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Field Name

Description

Details

This section contains detailed information about the credential.

Name

Include Page
IL:Name - Credential
IL:Name - Credential

Version

System-supplied; version number of the current record, which is incremented by Universal Controller every time a user updates a record. Click on the Versions tab to view previous versions. For details, see Record Versioning.

Description

Include Page
IL:Summary
IL:Summary

Member of Business Services

Include Page
IL:Member of Business Services
IL:Member of Business Services

Anchor
Type
Type
Type

Type of Credential.
 
Options:

  • Standard (default)
  • Resolvable
  • Web Service
  • Email
Note
titleNote

Only Resolvable Credentials can be embedded in a Universal Template script.


Provider

Specifies Provider. 

Options:

Default is Universal Controller. 

Provider Parameters 

When switching the Provider option, the default Provider Parameters for each provider will be populated.

When switching to the Universal Controller provider, the Provider Parameters  will not be displayed.

Runtime User

Include Page
IL:Runtime User - 6.8.0.0
IL:Runtime User - 6.8.0.0

Runtime Password

Include Page
IL:Runtime Password - 6.4.4.0
IL:Runtime Password - 6.4.4.0

Key Location
(SFTP only)

Include Page
IL:Key Location
IL:Key Location

Passphrase
(SFTP only)

Include Page
IL:Pass Phrase
IL:Pass Phrase

Token

Include Page
IL:Token
IL:Token

Metadata

This section contains Metadata information about this record.

UUID

Universally Unique Identifier of this record.

Updated By

Name of the user that last updated this record.

Updated

Date and time that this record was last updated.

Created By

Name of the user that created this record.

Created

Date and time that this record was created.

Buttons

This section identifies the buttons displayed above and below the Credential Details that let you perform various actions.

Save

Saves a new Credential record in the Controller database.

Save & New

Saves a new record in the Controller database and redisplays empty Details so that you can create another new record.

Save & View

Saves a new record in the Controller database and continues to display that record.

New

Displays empty (except for default values) Details for creating a new record.

Update

Include Page
IL:Update button
IL:Update button

Test ProviderFor providers other than Universal Controller.

Test Provider button will be available for validating the configured Provider Parameters.

Convert...

Allows you to convert the current Credential Type to a new type and define a new password for the Credential (see Converting Credential Types).

Delete

Include Page
IL:Delete button
IL:Delete button

Refresh

Refreshes any dynamic data displayed in the Details.

Close

For pop-up view only; closes the pop-up view of this credential.

Tabs

This section identifies the tabs across the top of the Credential Details that provide access to additional information about the credential.

Anchor
Versions
Versions
Versions

Include Page
IL:Versions tab
IL:Versions tab

Anchor
Provider Parameters
Provider Parameters

Provider Parameters 

When switching the Provider option, the default Provider Parameters for each provider will be populated.

...

Provider Parameter

Required

Description

HOST

true

The hostname of the Central Credential Provider.

PORT

true

The port of the Central Credential Provider.

APPLICATION_ID

true

The unique ID of the application issuing the password request.

SAFE

true

The name of the Safe where the password is stored.

FOLDER

true

The name of the folder where the password is stored.

OBJECT

true

The name of the password object to retrieve.

KEYSTORE

true

The path of the keystore containing the client certificate used for authenticating.

KEYSTORE_PASSWORD

false

The password used to unlock the keystore.

KEYSTORE_TYPE

false

The type of keystore. (default PKCS12)

  • JKS

    • The proprietary keystore implementation provided by the SUN provider.

  • PKCS12

    • The transfer syntax for personal identity information as defined in PKCS #12.

KEYSTORE_ALIAS

false

The name of a specific entry in the keystore to use.

CACHE_TTL

false

The TTL (Time To Live), in seconds, for the cached secret before a new request to the provider is made. (default 5 seconds)

Anchor
Hashicorp
Hashicorp

HashiCorp Vault Provider

Provider ParameterRequiredDescription

ADDRESS

Yes

The address of the Vault server (e.g. http://127.0.0.1:8200)

TOKEN


The Vault token for use with Vault’s token auth method.

ROLE_ID


The Role ID of the AppRole for use with Vault’s AppRole auth method.

SECRET_ID


The Secret ID belonging to the AppRole for use with Vault’s AppRole auth method.

  • Required if the ROLE_ID is specified.

JWT


The signed JSON Web Token (JWT) for use with Vault’s JWT auth method.

ROLE


The Role name for use with Vault’s JWT auth method.

  • Required, but not enforced, if the JWT auth method backend does not have a default role.

KEYSTORE


The path to the keystore containing the client certificate and private key for use with Vault’s TLS Certificates auth method.

KEYSTORE_PASSWORD


The password used to unlock the keystore.

KEYSTORE_TYPE


The type of keystore. (default PKCS12)

  • JKS

    • The proprietary keystore implementation provided by the SUN provider.

  • PKCS12

    • The transfer syntax for personal identity information as defined in PKCS #12.

CLIENT_CERTIFICATE


The path to the X.509 certificate, in PEM format, for use with Vault’s TLS certificates auth method.

CLIENT_KEY


The path to the unencrypted RSA private key, in PEM format, for use with Vault’s TLS certificates auth method.

  • Required if the CLIENT_CERTIFICATE is specified.

AUTH_MOUNT_PATH

No

Specifies the path where the auth method backend is mounted.

MOUNT_PATH

No

Specifies the path where the KV backend is mounted.

  • If not specified, the SECRET_PATH parameter will be interpreted as the combined mount path and secret path, with /data/ automatically inserted for KV Version 1 secrets.

SECRET_PATH

Yes

The path to the KV secret.

DATA_PASSWORD_KEY

No

Specifies the key for the password in the secret data.

DATA_PASSPHRASE_KEY

No

Specifies the key for the password in the secret data.

DATA_TOKEN_KEY

No

Specifies the key for the password in the secret data.

CACHE_TTL

No

The TTL (Time To Live), in seconds, for the cached secret before a new request to the provider is made. (default 300 seconds / 5 minutes)

If the secret has a TTL, then it will be used to set the expiration time (KV Version 1 only).

Anchor
Deleting a Credential
Deleting a Credential

...