Oracle Platform Security Services (OPSS) uses the Credential Store Framework (CSF) to manage credentials in a secure form. You can view and manage credentials in the store using REST.
Section | Method | Resource Path |
---|---|---|
POST Credentials Method | POST |
/opss/v2/credentials |
GET Credentials Using Map and Key Method | GET |
/opss/v2/credentials |
GET Credentials Using Map Method | GET |
/opss/v2/credentials |
GET Credentials Using Resource ID | GET |
/opss/v2/credentials |
PUT Credential Method | PUT |
/opss/v2/credentials |
Use the POST method to create new credentials in the credential store.
Media Types: | application/json |
The request body contains the details of the create request:
Table 3-1 Credentials Attributes
Attribute | Description | Required |
---|---|---|
|
Username for the credentials |
Yes |
|
Password for the credentials |
Yes |
|
A description for the credentials |
Yes |
|
The expiration date for the credentials formatted as |
Yes |
|
The type of the credentials |
Yes |
|
a unique name for the credential namespace |
Yes |
|
A unique name that identifies the credential |
Yes |
The following example shows how to create a credential in the credential store by submitting a POST request on the REST resource using cURL
curl -i -X POST -u username:password --data @createcred.json -H Content-Type:application/json https://myhost:7001/opss/v2/credentials
Example of Request Body
The following shows an example of the request body in JSON format.
{ "userName": "myUser3", "password": "mypass123", "description": "mydescription", "expiration": " 5000-07-04T12:08:56.235-0700", "type": "PasswordCredential" "namespace: "MyMap", "name":"myKey" }
Use the GET method to search the entire CSF for a credential given its map and key name.
Media Types: | application/json |
The response body contains attributes for the credential. For details about credential attributes, see Table 3-1.
The following example shows how to view credentials in a credential store by submitting a GET request on the REST resource using cURL.
curl -i -X GET -u username:password https://myhost:7001/idaas/platform/ admin/v1/credentials/?filter="map=mymap,key=mykey"
Example of Response Header
The following shows an example of the response header. For more about the HTTP status codes, see "HTTP Status Codes for HTTP Methods."
HTTP/1.1 200 OK
Example of Response Body
The following shows an example of the response body in JSON format.
{ "id": "1234567890" "userName": "myUser3", "password": "mypass123", "description": "mydescription", "expiration": "5000-07-04T12:08:56.235-0700", "type": "PasswordCredential" }
Use the GET method to search the entire CSF for a list of credentials given a map
name.
Note:
: if a map contains generic credentials, then it will not be present in the list.Media Types: | application/json |
The response body contains attributes for the credentials. For details about credential attributes, see Table 3-1.
The following example shows how to view credentials in a credential store by submitting a GET request on the REST resource using cURL.
curl -i -X GET -u username:password https://myhost:7001/opss/v2/credentials/? filter="map=mymap"
Example of Response Header
The following shows an example of the response header. For more about the HTTP status codes, see "HTTP Status Codes for HTTP Methods."
HTTP/1.1 200 OK
Example of Response Body
The following shows an example of the response body in JSON format.
{ "credentials": [ { "id": "1234567890", "userName": "myUser", "password": "mypass123", "description": "mydescription", "expiration": "5000-07-04T12:08:56.235-0700", "type": "PasswordCredential" }, { "id": "1234567890", "user Name": "myUser2", "password": "mypass123", "description": "mydescription", "expiration": "5000-07-04T12:08:56.235-0700", "type": "PasswordCredential" } ] }
Use the GET method to search the entire CSF for a credential given its Resource ID.
Media Types: | application/json |
The response body contains attributes for the credential. For details about credential attributes, see Table 3-1.
The following example shows how to view credentials in a credential store by submitting a GET request on the REST resource using cURL.
curl -i -X GET -u username:password https://myhost:7001/opss/v2/credentials/ 1234567890
Example of Response Header
The following shows an example of the response header. For more about the HTTP status codes, see "HTTP Status Codes for HTTP Methods."
HTTP/1.1 200 OK
Example of Response Body
The following shows an example of the response body in JSON format.
{ "id": "1234567890" "userName": "myUser3", "password": "mypass123", "description": "mydescription", "expiration": "5000-07-04T12:08:56.235-0700", "type": "PasswordCredential" }
Use the PUT method to replace an existing credential in the credential store. The entry must exist for the operation to succeed.
Media Types: | application/json |
The request body contains attributes for the credential. For details about credential attributes, see Table 3-1.
The following example shows how to replace an existing credential in the credential store by submitting a PUT request on the REST resource using cURL.
curl -i -X POST -u username:password --data @replacecred.json -H Content-Type:application/json https://myhost:7001/opss/v2/credentials
Example of Request Body
The following shows an example of the request body in JSON format.
{ "id": "1234567890" "userName": "myUser3", "password": "mypass123", "description": "mydescription", "expiration": " 5000-07-04T12:08:56.235-0700", "type": "PasswordCredential" "namespace: "MyMap", "name":"myKey" }