...
Standard | Runtime user name and runtime password of a user. |
---|---|
Resolvable | Runtime user name and runtime password of a user that you can embed into a task or script without exposing the password in clear text. |
Web Service | Runtime user name and runtime password of a user running a Web Service task. |
Runtime user name and runtime password of a user connecting to an incoming mail server (IMAP). |
...
Note | ||
---|---|---|
| ||
Unless Credentials must be embedded, we recommend defining Standard Credentials. If required, you can always convert a Standard Credential to a Resolvable Credential at a future time. |
...
You can convert a Credential from any type to any type.
To convert a Credential type from Standard to Resolvable, Web Service, or Email, the Resolvable Credentials Permitted, Web Service Credentials Permitted, or Email Credentials Permitted Universal Controller system property, respectively, must be set to true.
...
- Click the Convert... button in the Credentials#Credential Credential Details.
- Select Convert... in the Credentials Details action menu.
- Select Convert... for a specific Credential in the Credentials List action menu.
...
Resolvable Credentials are meant to be used with scripts and commands specified in tasks, and resolved when the script or command is executed. They provide the script or command with access to Credentials (user name and password) without having to hard-code the Credentials in the script, command, or parameters itself.
...
Step 1 | From the Automation Center navigation pane, select Other > Credentials. The Credentials list displays a list of all currently defined Credentials. |
---|---|
Step 2 | Enter/select Details for a new Credential, using the field descriptions below as a guide. As a best practice, use an alias in the Name field, as you may have several identical user names for different systems all having different passwords.
To display more of the Details fields on the screen, you can either:
|
Step 3 | Click a Save button. The Credential is added to the database, and all buttons and tabs in the Credential Details are enabled. |
...
Note | ||
---|---|---|
| ||
To open an existing record on the list, either:
|
...
The following Credential Details is for an existing credential. See the field descriptions, below, for a description of all fields that display in the Credential Details.
For information on how to access additional details - such as Metadata and complete database Details - for Credentials (or any type of record), see Records.
...
Field Name | Description | |||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Details | This section contains detailed information about the credential. | |||||||||||||||||||||||||||||||
Name |
| |||||||||||||||||||||||||||||||
Version | System-supplied; version number of the current record, which is incremented by Universal Controller every time a user updates a record. Click on the Credentials#Versions Versions tab to view previous versions. For details, see Record Versioning. | |||||||||||||||||||||||||||||||
Description |
| |||||||||||||||||||||||||||||||
Member of Business Services |
| |||||||||||||||||||||||||||||||
| Type of Credential.
| Runtime User | ||||||||||||||||||||||||||||||
Include Page | UC69:Runtime User - 6.8.0.0 | UC69:Runtime User - 6.8.0.0 | Runtime Password | |||||||||||||||||||||||||||||
Include Page | UC69:Runtime Password - 6.4.4.0 | UC69:Runtime Password - 6.4.4.0 | Key Location | |||||||||||||||||||||||||||||
Include Page | UC69:Key Location | UC69:Key Location | Passphrase | |||||||||||||||||||||||||||||
Include Page | UC69:Pass Phrase | UC69:Pass Phrase | Token | |||||||||||||||||||||||||||||
Include Page | UC71x:Token | UC71x:Token | ||||||||||||||||||||||||||||||
Metadata | This section contains Metadata information about this record. | |||||||||||||||||||||||||||||||
UUID | Universally Unique Identifier of this record. | |||||||||||||||||||||||||||||||
Updated By | Name of the user that last updated this record. | |||||||||||||||||||||||||||||||
Updated | Date and time that this record was last updated. | |||||||||||||||||||||||||||||||
Created By | Name of the user that created this record. | |||||||||||||||||||||||||||||||
Created | Date and time that this record was created. | |||||||||||||||||||||||||||||||
Buttons | This section identifies the buttons displayed above and below the Credential Details that let you perform various actions. | |||||||||||||||||||||||||||||||
Save | Saves a new Credential record in the Controller database. | |||||||||||||||||||||||||||||||
Save & New | Saves a new record in the Controller database and redisplays empty Details so that you can create another new record. | |||||||||||||||||||||||||||||||
Save & View | Saves a new record in the Controller database and continues to display that record. | |||||||||||||||||||||||||||||||
New | Displays empty (except for default values) Details for creating a new record. | Update | ||||||||||||||||||||||||||||||
Include Page | UC69:Update button | UC69:Update button | ||||||||||||||||||||||||||||||
Convert... | Allows you to convert the current Credential Credentials#Type to a new type and define a new password for the Credential (see Credentials#Converting Credential Types). | Delete | ||||||||||||||||||||||||||||||
Include Page | UC69:Delete button | UC69:Delete button | ||||||||||||||||||||||||||||||
Refresh | Refreshes any dynamic data displayed in the Details. | |||||||||||||||||||||||||||||||
Close | For pop-up view only; closes the pop-up view of this credential. | |||||||||||||||||||||||||||||||
Tabs | This section identifies the tabs across the top of the Credential Details that provide access to additional information about the credential. | |||||||||||||||||||||||||||||||
Anchor | Versions | Versions | Versions||||||||||||||||||||||||||||||
Include Page | UC69:Versions tab | UC69:Versions tabProvider | Specifies Provider. Options:
Default is Universal Controller. | |||||||||||||||||||||||||||||
Provider Parameters | When switching the Provider option, the default Provider Parameters for each provider will be populated. When switching to the Universal Controller provider, the Provider Parameters will not be displayed. | |||||||||||||||||||||||||||||||
Runtime User |
| |||||||||||||||||||||||||||||||
Runtime Password |
| |||||||||||||||||||||||||||||||
Key Location |
| |||||||||||||||||||||||||||||||
Passphrase |
| |||||||||||||||||||||||||||||||
Token |
| |||||||||||||||||||||||||||||||
Metadata | This section contains Metadata information about this record. | |||||||||||||||||||||||||||||||
UUID | Universally Unique Identifier of this record. | |||||||||||||||||||||||||||||||
Updated By | Name of the user that last updated this record. | |||||||||||||||||||||||||||||||
Updated | Date and time that this record was last updated. | |||||||||||||||||||||||||||||||
Created By | Name of the user that created this record. | |||||||||||||||||||||||||||||||
Created | Date and time that this record was created. | |||||||||||||||||||||||||||||||
Buttons | This section identifies the buttons displayed above and below the Credential Details that let you perform various actions. | |||||||||||||||||||||||||||||||
Save | Saves a new Credential record in the Controller database. | |||||||||||||||||||||||||||||||
Save & New | Saves a new record in the Controller database and redisplays empty Details so that you can create another new record. | |||||||||||||||||||||||||||||||
Save & View | Saves a new record in the Controller database and continues to display that record. | |||||||||||||||||||||||||||||||
New | Displays empty (except for default values) Details for creating a new record. | |||||||||||||||||||||||||||||||
Update |
| |||||||||||||||||||||||||||||||
Test Provider | For providers other than Universal Controller. Test Provider button will be available for validating the configured Provider Parameters. | |||||||||||||||||||||||||||||||
Convert... | Allows you to convert the current Credential Type to a new type and define a new password for the Credential (see Converting Credential Types). | |||||||||||||||||||||||||||||||
Delete |
| |||||||||||||||||||||||||||||||
Refresh | Refreshes any dynamic data displayed in the Details. | |||||||||||||||||||||||||||||||
Close | For pop-up view only; closes the pop-up view of this credential. | |||||||||||||||||||||||||||||||
Tabs | This section identifies the tabs across the top of the Credential Details that provide access to additional information about the credential. | |||||||||||||||||||||||||||||||
|
|
Anchor | ||||
---|---|---|---|---|
|
When switching the Provider option, the default Provider Parameters for each provider will be populated.
When switching to the Universal Controller provider, the Provider Parameters will not be displayed.
If a provider parameter is sensitive, value input will be masked in the client, and encrypted in the database. When viewing existing credentials, sensitive provider parameter values are never sent to the client.
Anchor | ||||
---|---|---|---|---|
|
Provider Parameter | Required | Description |
---|---|---|
ACCESS_KEY_ID | true | The AWS access key, used to identify the user interacting with AWS. |
SECRET_ACCESS_KEY | true | The AWS secret access key, used to authenticate the user interacting with AWS. |
REGION | true | The region name (e.g., us-east-1). |
SECRET_ID | true | The ARN or name of the secret to retrieve. |
SECRET_PASSWORD_KEY | false | If this secret was created by using the console, then Secrets Manager stores the information as a JSON structure of key/value pairs. Specifies the key for the password in the JSON structure.
|
SECRET_PASSPHRASE_KEY | false | Specifies the key for the passphrase in the JSON structure.
|
SECRET_TOKEN_KEY | false | Specifies the key for the token in the JSON structure.
|
CACHE_TTL | false | The TTL (Time To Live), in seconds, for the cached secret before a new request to the provider is made. (default 3600 seconds / 1 hour) |
Anchor | ||||
---|---|---|---|---|
|
Provider Parameter | Required | Description |
---|---|---|
KEY_VAULT_NAME | true | The name of the Key Vault used to build the vault URL to send HTTP requests to.
|
SECRET_NAME | true | The name of the secret. |
CLIENT_ID | true | The client (application) ID. |
TENANT_ID | true | The Azure Active Directory tenant (directory) Id. |
CLIENT_SECRET | The client secret used to authenticate.
| |
CLIENT_ASSERTION | The client assertion used to authenticate.
| |
PEM_CERTIFICATE | The path of the PEM certificate used for authenticating.
| |
PFX_CERTIFICATE | The path of the PFX certificate used for authenticating.
| |
PFX_CERTIFICATE_PASSWORD | The password for the PFX certificate.
| |
CACHE_TTL | false | The TTL (Time To Live), in seconds, for the cached secret before a new request to the provider is made. (default 28800 seconds / 8 hours) |
Anchor | ||||
---|---|---|---|---|
|
Provider Parameter | Required | Description |
---|---|---|
APPLICATION_ID | true | The unique ID of the application issuing the password request. |
SAFE | true | The name of the Safe where the password is stored. |
FOLDER | true | The name of the folder where the password is stored. |
OBJECT | true | The name of the password object to retrieve. |
REASON | false | The reason for retrieving the password. |
CACHE_TTL | false | The TTL (Time To Live), in seconds, for the cached secret before a new request to the provider is made. (default 5) |
Anchor | ||||
---|---|---|---|---|
|
Provider Parameter | Required | Description |
---|---|---|
HOST | true | The hostname of the Central Credential Provider. |
PORT | true | The port of the Central Credential Provider. |
APPLICATION_ID | true | The unique ID of the application issuing the password request. |
SAFE | true | The name of the Safe where the password is stored. |
FOLDER | true | The name of the folder where the password is stored. |
OBJECT | true | The name of the password object to retrieve. |
KEYSTORE | true | The path of the keystore containing the client certificate used for authenticating. |
KEYSTORE_PASSWORD | false | The password used to unlock the keystore. |
KEYSTORE_TYPE | false | The type of keystore. (default PKCS12)
|
KEYSTORE_ALIAS | false | The name of a specific entry in the keystore to use. |
CACHE_TTL | false | The TTL (Time To Live), in seconds, for the cached secret before a new request to the provider is made. (default 5 seconds) |
Anchor | ||||
---|---|---|---|---|
|
...