Credentials API
Predominant token scope: Security
The Credentials interface stores information about credentials for use in requesting certificates and other activities. Trust Protection Platform only stores the credentials you create. Any remote credentials remain only under the management of the parent. For example, a vault or safe manages its own secrets.
What is the difference between Credentials, Permissions, and Identity?
-
Credentials endpoints manage certificate and other activities. For more information, see Credentials API.
-
Identity endpoints manage Venafi users. For more information, see Identity API.
-
Permissions endpoints grant principals (users and groups) privileges to objects within Trust Protection Platform. For more information, see Permissions API.
Many ways to create a credential in Trust Protection Platform
|
I need this credential ... |
Example |
|---|---|
| Adaptable credential |
Requires setup. Only call POST Credentials/Adaptable/Create. |
| AWS ADFS | Example 2: AWS ADFS credential. |
| AWS from EC2 role | Example 3: AWS credential from an EC2 assigned role. |
| AWS Static | Example 1: Amazon Local credentials. |
| Certificate | Example 4: Certificate credential. |
| CyberArk safe | Requires setup. For CyberArk Password credential and CyberArk Username and Password credential, only call POST Credentials/CyberArk/Create. |
|
Digicert |
|
|
Generic |
Set the credential and Create Store value in the UI. |
| Google Cloud Private CA | Example 5: Google Cloud Private CA credential. |
|
HashiCorp vault |
Requires setup. Only call POST Credentials/Adaptable/Create. |
|
Generic Password |
Depending on the CA, requires either a password or an API key. Example 6: Password credential. |
| Private key | Example 7: Private key credential. |
| Username and Password | Example 8: Username credential. |