3 Manage Credentials in the Credential Store

Oracle Web Services Manager (WSM) uses the Credential Store Framework (CSF) to manage the credentials in a secure form.

Before using the REST API to view and manage the credential store, you need to understand how to access the REST resources and other important concepts. See "About the REST API".

For more information about credential store management, see "Configuring the Credential Store" in Administering Web Services.

This chapter includes the following sections:

• View and Manage the Credential Store Using REST Resources

• POST Credential Method

• GET Credential Method

• PUT Credential Method

• DELETE Credential Method

View and Manage the Credential Store Using REST Resources

Representational state transfer (REST) resources enable you to view and manage the credential store.

You can view and manage the credential store using a set of representational state transfer (REST) resources, as summarized below.

---

Section	Method	Resource Path
POST Credential Method	POST	/idaas/platform/admin/v1/credential
GET Credential Method	GET	/idaas/platform/admin/v1/credential
PUT Credential Method	PUT	/idaas/platform/admin/v1/credential
DELETE Credential Method	DELETE	/idaas/platform/admin/v1/credential

---

POST Credential Method

Use the POST method to create a new credential in the domain credential store.

REST Request

POST /idaas/platform/admin/v1/credential

Request Body

---

Media Types:

application/json

---

The request body contains the details of the create request:

---

Attribute	Description	Required
"credential"	Password for the credential.	Yes
"key"	Name of the key.	Yes
"map"	Name of the map (folder).	Yes
"username"	Username for the credential.	Yes

---

Response Body

---

Media Types:

application/json

---

The response body returns the status of the create operation, including:

---

Attribute	Description
"ERROR_CODE"	If "STATUS" is set to "Failed", provides the error code.
"ERROR_MSG"	If "STATUS" is set to "Failed", provides the contents of the error message.
"STATUS"	Status of operation. For example, "Succeeded" or "Failed".

---

cURL Example

The following example shows how to create a credential in the credential store by submitting a POST request on the REST resource using cURL

TESTED

curl -i -X POST -u username:password --data @createcred.json -H Content-Type:application/json http://myhost:7001/idaas/platform/admin/v1/credential

Example of Request Body

The following shows an example of the request body in JSON format.

{
    "username" : "username",
    "credential" : "credential",
    "key" : "mykey",
    "map" : "oracle.wsm.security"
}

Example of Response Header

The following shows an example of the response header. For more about the HTTP status codes, see HTTP Status Codes for HTTP Methods

HTTP/1.1 200 OK

Example of Response Body

The following shows an example of the response body in JSON format.

{
    "STATUS": "Succeeded"
}

GET Credential Method

Use the GET method to view all credentials in the domain credential store.

REST Request

GET /idaas/platform/admin/v1/credential

Response Body

Media types for the request or response body: application/json

The response body contains information about all credentials in the credential store, including:

---

Attribute	Description
"CSF_MAP_NAME"	Name of the credential store map.
"default"	List of keys in the default credential map.
"oracle.wsm.security"	List of keys in the Oracle Web Services Manager (Oracle WSM) security credential map.

---

cURL Example

The following example shows how to view all credentials in a credential store by submitting a GET request on the REST resource using cURL.

TESTED

curl -i -X GET -u username:password http://myhost:7001/idaas/platform/admin/v1/credential

Example of Response Header

The following shows an example of the response header. For more about the HTTP status codes, see HTTP Status Codes for HTTP Methods

HTTP/1.1 200 OK

Example of Response Body

The following shows an example of the response body in JSON format.

{
    "CSF_MAP_NAME": "CSF_KEY_NAME",
    "default": "systemuser",
    "oracle.wsm.security": [
        "sign-csf-key",
        "jwt-sign-csf-key",
        "owsmtest.credentials",
        "basic.client.credentials",
        "weblogic-csf-key",
        "enc-csf-key",
        "mykey",
        "dummy-pwd-csf-key",
        "weblogic-kerberos-csf-key",
        "keystore-csf-key",
        "weblogic-windowsdomain-csf-key",
        "oratest-csf-key",
        "csr-csf-key",
        "invalid-csf-key",
        "ca-signed-sign-csf-key"
    ]
}

PUT Credential Method

Use the PUT method to update a credential in the domain credential store.

REST Request

PUT /idaas/platform/admin/v1/credential

Request Body

---

Media Types:

application/json

---

The request body contains the details of the update request:

---

Attribute	Description	Required
"credential"	Updated password for the key in the keystore.	Yes
"key"	Name of the key that you want to modify. The key must exist.	Yes
"map"	Name of the map (folder) that you want to modify.	Yes
"username"	Username for the key in the keystore.	Yes

---

Response Body

---

Media Types:

application/json

---

The response body returns the status of the update operation, including:

---

Attribute	Description
"ERROR_CODE"	If "STATUS" is set to "Failed", provides the error code.
"ERROR_MSG"	If "STATUS" is set to "Failed", provides the contents of the error message.
"STATUS"	Status of operation. For example, "Succeeded" or "Failed".

---

cURL Example

The following example shows how to update a credential in the credential store by submitting a PUT request on the REST resource using cURL.

TESTED

curl -i -X PUT -u username:password --data @updatecred.json -H Content-Type:application/json http://myhost:7001/idaas/patform/admin/v1/credential

Example of Request Body

The following shows an example of the request body in JSON format.

{
    "username" : "username",
    "credential" : "myNewPwd",
    "key" : "mykey",
    "map" : "oracle.wsm.security"
}

Example of Response Header

The following shows an example of the response header. For more about the HTTP status codes, see HTTP Status Codes for HTTP Methods

HTTP/1.1 200 OK

Example of Response Body

The following shows an example of the response body in JSON format.

{
    "STATUS": "Succeeded"
}

DELETE Credential Method

Use the Delete method to delete a credential from the domain credential store.

REST Request

DELETE /idaas/platform/admin/v1/credential

Parameters

The following table summarizes the DELETE request parameters.

---

Name	Description	Type
"key"	Name of the key for the credential that you want to delete.	Query
"map"	Name of the map (folder) for the credential that you want to delete.	Query

---

Response Body

---

Media Types:

application/json

---

The response body returns the status of the delete operation, including:

---

Attribute	Description
"ERROR_CODE"	If "STATUS" is set to "Failed", provides the error code.
"ERROR_MSG"	If "STATUS" is set to "Failed", provides the contents of the error message.
"STATUS"	Status of operation. For example, "Succeeded" or "Failed".

---

cURL Example

The following example shows how to delete a credential from the credential store by submitting a DELETE request on the REST resource using cURL.

TESTED

curl -i -X DELETE -u username:password http://myhost:7001/idaas/platform/admin/v1/credential?"key=mykey&map=oracle.wsm.security"

Example of Response Header

The following shows an example of the response header. For more about the HTTP status codes, see HTTP Status Codes for HTTP Methods

HTTP/1.1 200 OK

Example of Response Body

The following shows an example of the response body in JSON format.

{
    "STATUS": "Succeeded"
}