...
Standard | Runtime user name and runtime password of a user. |
---|---|
Resolvable | Runtime user name and runtime password of a user that you can embed into a task or script without exposing the password in clear text. |
Web Service | Runtime user name and runtime password of a user running a Web Service task. |
Runtime user name and runtime password of a user connecting to an incoming mail server (IMAP). | |
SAP | Runtime user name and runtime password of a user connecting to an SAP server. |
Note | ||
---|---|---|
| ||
Unless Credentials must be embedded, we recommend defining Standard Credentials. If required, you can always convert a Standard Credential to a Resolvable Credential at a future time. |
...
Field Name | Description | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Details | This section contains detailed information about the credential. | ||||||||||||
Name |
| ||||||||||||
Version | System-supplied; version number of the current record, which is incremented by Universal Controller every time a user updates a record. Click on the Versions tab to view previous versions. For details, see Record Versioning. | ||||||||||||
Description |
| ||||||||||||
Member of Business Services |
| ||||||||||||
| Type of Credential.
| ||||||||||||
Provider | Specifies Provider. Options:
Default is Universal Controller. | ||||||||||||
Provider Parameters | When switching the Provider option, the default Provider Parameters for each provider will be populated. When switching to the Universal Controller provider, the Provider Parameters will not be displayed. | ||||||||||||
Runtime User |
| ||||||||||||
Runtime Password |
| ||||||||||||
Key Location |
| ||||||||||||
Passphrase |
| ||||||||||||
Token |
| ||||||||||||
Metadata | This section contains Metadata information about this record. | ||||||||||||
UUID | Universally Unique Identifier of this record. | ||||||||||||
Updated By | Name of the user that last updated this record. | ||||||||||||
Updated | Date and time that this record was last updated. | ||||||||||||
Created By | Name of the user that created this record. | ||||||||||||
Created | Date and time that this record was created. | ||||||||||||
Buttons | This section identifies the buttons displayed above and below the Credential Details that let you perform various actions. | ||||||||||||
Save | Saves a new Credential record in the Controller database. | ||||||||||||
Save & New | Saves a new record in the Controller database and redisplays empty Details so that you can create another new record. | ||||||||||||
Save & View | Saves a new record in the Controller database and continues to display that record. | ||||||||||||
New | Displays empty (except for default values) Details for creating a new record. | ||||||||||||
Update |
| ||||||||||||
Test Provider | For providers other than Universal Controller. Test Provider button will be available for validating the configured Provider Parameters. | ||||||||||||
Convert... | Allows you to convert the current Credential Type to a new type and define a new password for the Credential (see Converting Credential Types). | ||||||||||||
Delete |
| ||||||||||||
Refresh | Refreshes any dynamic data displayed in the Details. | ||||||||||||
Close | For pop-up view only; closes the pop-up view of this credential. | ||||||||||||
Tabs | This section identifies the tabs across the top of the Credential Details that provide access to additional information about the credential. | ||||||||||||
|
|
...
Provider Parameter | Required | Description |
---|---|---|
HOST | true | The hostname of the Central Credential Provider. |
PORT | true | The port of the Central Credential Provider. |
APPLICATION_ID | true | The unique ID of the application issuing the password request. |
SAFE | true | The name of the Safe where the password is stored. |
FOLDER | true | The name of the folder where the password is stored. |
OBJECT | true | The name of the password object to retrieve. |
KEYSTORE | true | The path of the keystore containing the client certificate used for authenticating. |
KEYSTORE_PASSWORD | false | The password used to unlock the keystore. |
KEYSTORE_TYPE | false | The type of keystore. (default PKCS12)
|
KEYSTORE_ALIAS | false | The name of a specific entry in the keystore to use. |
CACHE_TTL | false | The TTL (Time To Live), in seconds, for the cached secret before a new request to the provider is made. (default 5 seconds) |
Anchor | ||||
---|---|---|---|---|
|
HashiCorp Vault
...
Provider Parameter | Required | Description |
---|---|---|
ADDRESS | Yestrue | The address of the Vault server (e.g. http://127.0.0.1:8200). |
TOKEN | The Vault token for use with Vault’s token auth method. | |
ROLE_ID | The Role ID of the AppRole for use with Vault’s AppRole auth method. | |
SECRET_ID | The Secret ID belonging to the AppRole for use with Vault’s AppRole auth method.
| |
JWT | The signed JSON Web Token (JWT) for use with Vault’s JWT auth method. | |
ROLE | The Role name for use with Vault’s JWT auth method.
| |
KEYSTORE | The path to the keystore containing the client certificate and private key for use with Vault’s TLS Certificates auth method. | |
KEYSTORE_PASSWORD | The password used to unlock the keystore. | |
KEYSTORE_TYPE | The type of keystore. (default Default is PKCS12).
| |
CLIENT_CERTIFICATE | The path to the X.509 certificate, in PEM format, for use with Vault’s TLS certificates auth method. | |
CLIENT_KEY | The path to the unencrypted RSA private key, in PEM format, for use with Vault’s TLS certificates auth method.
| |
AUTH_MOUNT_PATH | Nofalse | Specifies the path where the auth method backend is mounted. |
MOUNT_PATH | Nofalse | Specifies the path where the KV backend is mounted.
|
SECRET_PATH | Yestrue | The path to the KV secret. |
DATA_PASSWORD_KEY | Nofalse | Specifies the key for the password in the secret data. |
DATA_PASSPHRASE_KEY | Nofalse | Specifies the key for the password passphrase in the secret data. |
DATA_TOKEN_KEY | Nofalse | Specifies the key for the password token in the secret data. |
CACHE_TTL | Nofalse | The TTL (Time To Live), in seconds, for the cached secret before a new request to the provider is made. (default 300 seconds / 5 minutes) If the secret has a TTL, then it will be used to set the expiration time (KV Version 1 only). |
...
Credential Type | Record Type |
---|---|
Resolvable |
|
| |
Web Service |
|
SAP |
|
Standard |
|
...
Note | ||
---|---|---|
| ||
Resolvable, Email, and Web Service, and SAP Credentials can be used anywhere that a Standard Credential can be specified. |
...