Credentials

Credentials consist of a user name and password pair. They are used to access specified target machines in order to perform scans and push any necessary files. You can define new scan credentials, locate existing credentials, share credentials and delete credentials.

You can also add session credentials for the current user. This is required to initialize the Security Controls credential store. It also eliminates the need for delegation when performing patch scan and patch deployment operations remotely via the REST API.

Here are some important notes about session credentials:

If you manage user credentials remotely, you must initialize a session credential.

The session credential password must be the same as the Windows user account that is used to authenticate to the REST API.

There is no session credential timeout.

It is safe to initialize the session credential multiple times. If it already exists, the REST API will respond with a 409 Conflict response status code. This can safely be ignored.

To reset the session credential you must delete it and then add it back.

Finally, you can find and view service credentials. This is a credential that is available to all administrators and is used to access service components within Security Controls. A service credential is created whenever you enable the Enable for background services check box on the Share Credential dialog within Security Controls.

Base URLs

        https://<consoleFQDN:port>/st/console/api/v1.0/credentials
        https://<consoleFQDN:port>/st/console/api/v1.0/sessioncredentials
        https://<consoleFQDN:port>/st/console/api/v1.0/servicecredentials

Servicecredentials requests will be deprecated in a future release.

Supported Requests

Method URL Input Return

DELETE

https://<consoleFQDN:port>/st/console/api/v1.0/credentials/{credential id}

 

Success code

https://<consoleFQDN:port>/st/console/api/v1.0/credentials/{credential id}/share

Share Body Success code

https://<consoleFQDN:port>/st/console/api/v1.0/credentials/{credential id}/sharewithservice

NOTE: The sharewithservice function will be deprecated in a future release. That capability has been rolled into the share function.

  Success code

https://<consoleFQDN:port>/st/console/api/v1.0/sessioncredentials

  Success code

GET

https://<consoleFQDN:port>/st/console/api/v1.0/credentials

URL Parameters

User credential list

https://<consoleFQDN:port>/st/console/api/v1.0/credentials/{credential id}

 

UserCredential

https://<consoleFQDN:port>/st/console/api/v1.0/credentials/{credential id}/share

 

User name list

https://<consoleFQDN:port>/st/console/api/v1.0/servicecredentials

 

ServiceCredential

https://<consoleFQDN:port>/st/console/api/v1.0/servicecredentials/{servicecredential id}

 

ServiceCredential

POST

https://<consoleFQDN:port>/st/console/api/v1.0/credentials

Credentials Body

UserCredential

https://<consoleFQDN:port>/st/console/api/v1.0/sessioncredentials

Session Body  

https://<consoleFQDN:port>/st/console/api/v1.0/credentials/{credential id}/share

NOTE: Only users who have previously logged on to the Security Controls console machine are eligible to be assigned a shared credential.

Share Body UserCredential

https://<consoleFQDN:port>/st/console/api/v1.0/credentials/{credential id}/sharewithservice

NOTE: The sharewithservice function will be deprecated in a future release. That capability has been rolled into the share function.

  Success code

PUT

https://<consoleFQDN:port>/st/console/api/v1.0/credentials/{credential id}

Credentials Body

Success code

https://<consoleFQDN:port>/st/console/api/v1.0/credentials/{credential id}/share

NOTE: Only users who have previously logged on to the Security Controls console machine are eligible to be assigned a shared credential.

Share Body Success code

Input Models

Example with Sample Response

Find all credentials created by the current user

GET Request

https://<consoleFQDN:port>/st/console/api/v1.0/credentials

Sample Response

{

"count": 1,

"value": [

{

"id": "01234567-89AB-CDEF-0123-456789ABCDEF",

"links": {

"self": {

"href": "https://device-name.fakedomain.com:3121/st/console/api/v1.0/credentials/01234567-89AB-CDEF-0123-456789ABCDEF"

},

"sharewithservice": {

"href": "https://device-name.fakedomain.com:3121/st/console/api/v1.0/credentials/01234567-89AB-CDEF-0123-456789ABCDEF/sharewithservice"

},

"share": {

"href": "https://device-name.fakedomain.com:3121/st/console/api/v1.0/credentials/01234567-89AB-CDEF-0123-456789ABCDEF/share"

}

"servicecredential": {

"href": "https://device-name.fakedomain.com:3121/st/console/api/v1.0/servicecredentials/87654321-89AB-CDEF-0123-987654ABCDEF"

}

},

"name": "JoesCreds",

"ownerName": "Sample\\Administrator",

"sharedWith": [

"Sample\\win1",

"Sample\\Administrator",

"NT AUTHORITY\\SYSTEM"

],

"sharedWithService": true,

"userName": "joe.coder"

}

]

}

Other Request Examples

Output Models