Oracle Platform Security Services (OPSS) uses the Credential Store Framework (CSF) to manage credentials in a secure form. You can view and manage credentials in the store using REST.
| Section | Method | Resource Path |
|---|---|---|
| POST Credentials Method | POST |
/opss/v2/credentials |
| GET Credentials Using Map and Key Method | GET |
/opss/v2/credentials |
| GET Credentials Using Map Method | GET |
/opss/v2/credentials |
| GET Credentials Using Resource ID | GET |
/opss/v2/credentials |
| PUT Credential Method | PUT |
/opss/v2/credentials |
Use the POST method to create new credentials in the credential store.
| Media Types: | application/json |
The request body contains the details of the create request:
Table 3-1 Credentials Attributes
| Attribute | Description | Required |
|---|---|---|
|
|
Username for the credentials |
Yes |
|
|
Password for the credentials |
Yes |
|
|
A description for the credentials |
Yes |
|
|
The expiration date for the credentials formatted as |
Yes |
|
|
The type of the credentials |
Yes |
|
|
a unique name for the credential namespace |
Yes |
|
|
A unique name that identifies the credential |
Yes |
The following example shows how to create a credential in the credential store by submitting a POST request on the REST resource using cURL
curl -i -X POST -u username:password --data @createcred.json -H Content-Type:application/json https://myhost:7001/opss/v2/credentials
Example of Request Body
The following shows an example of the request body in JSON format.
{
"userName": "myUser3",
"password": "mypass123",
"description": "mydescription",
"expiration": " 5000-07-04T12:08:56.235-0700",
"type": "PasswordCredential"
"namespace: "MyMap",
"name":"myKey"
}
Use the GET method to search the entire CSF for a credential given its map and key name.
| Media Types: | application/json |
The response body contains attributes for the credential. For details about credential attributes, see Table 3-1.
The following example shows how to view credentials in a credential store by submitting a GET request on the REST resource using cURL.
curl -i -X GET -u username:password https://myhost:7001/idaas/platform/ admin/v1/credentials/?filter="map=mymap,key=mykey"
Example of Response Header
The following shows an example of the response header. For more about the HTTP status codes, see "HTTP Status Codes for HTTP Methods."
HTTP/1.1 200 OK
Example of Response Body
The following shows an example of the response body in JSON format.
{
"id": "1234567890"
"userName": "myUser3",
"password": "mypass123",
"description": "mydescription",
"expiration": "5000-07-04T12:08:56.235-0700",
"type": "PasswordCredential"
}
Use the GET method to search the entire CSF for a list of credentials given a map name.
Note:
: if a map contains generic credentials, then it will not be present in the list.| Media Types: | application/json |
The response body contains attributes for the credentials. For details about credential attributes, see Table 3-1.
The following example shows how to view credentials in a credential store by submitting a GET request on the REST resource using cURL.
curl -i -X GET -u username:password https://myhost:7001/opss/v2/credentials/? filter="map=mymap"
Example of Response Header
The following shows an example of the response header. For more about the HTTP status codes, see "HTTP Status Codes for HTTP Methods."
HTTP/1.1 200 OK
Example of Response Body
The following shows an example of the response body in JSON format.
{
"credentials": [
{
"id": "1234567890",
"userName": "myUser",
"password": "mypass123",
"description": "mydescription",
"expiration": "5000-07-04T12:08:56.235-0700",
"type": "PasswordCredential"
},
{
"id": "1234567890",
"user Name": "myUser2",
"password": "mypass123",
"description": "mydescription",
"expiration": "5000-07-04T12:08:56.235-0700",
"type": "PasswordCredential"
}
]
}
Use the GET method to search the entire CSF for a credential given its Resource ID.
| Media Types: | application/json |
The response body contains attributes for the credential. For details about credential attributes, see Table 3-1.
The following example shows how to view credentials in a credential store by submitting a GET request on the REST resource using cURL.
curl -i -X GET -u username:password https://myhost:7001/opss/v2/credentials/ 1234567890
Example of Response Header
The following shows an example of the response header. For more about the HTTP status codes, see "HTTP Status Codes for HTTP Methods."
HTTP/1.1 200 OK
Example of Response Body
The following shows an example of the response body in JSON format.
{
"id": "1234567890"
"userName": "myUser3",
"password": "mypass123",
"description": "mydescription",
"expiration": "5000-07-04T12:08:56.235-0700",
"type": "PasswordCredential"
}
Use the PUT method to replace an existing credential in the credential store. The entry must exist for the operation to succeed.
| Media Types: | application/json |
The request body contains attributes for the credential. For details about credential attributes, see Table 3-1.
The following example shows how to replace an existing credential in the credential store by submitting a PUT request on the REST resource using cURL.
curl -i -X POST -u username:password --data @replacecred.json -H Content-Type:application/json https://myhost:7001/opss/v2/credentials
Example of Request Body
The following shows an example of the request body in JSON format.
{
"id": "1234567890"
"userName": "myUser3",
"password": "mypass123",
"description": "mydescription",
"expiration": " 5000-07-04T12:08:56.235-0700",
"type": "PasswordCredential"
"namespace: "MyMap",
"name":"myKey"
}