Description
Use a HTTP POST request to update a credential.
Request
HTTP Method: PUT
| Parameter | Description |
|---|---|
| mode | Describes the type of credential (TEXT, JWT, OAUTH, AWS, MTLS, HTTP_REQUEST_AGENT, MULTI_REQUEST). |
| name | Optional Name of the credential. |
| folder_id | Optional ID of folder to which the credential will be located |
| read_access | Optional Control where this credential can be used (TEAM, GLOBAL, SPECIFIC_TEAMS). default: TEAM. (SPECIFIC_TEAMS is a premium feature. Reach out to find out more.) |
| shared_team_slugs | Optional List of teams' slugs where this credential can be used. Required to set read_access to SPECIFIC_TEAMS. default: [] (empty array). |
| description | Optional Description of the credential. default: "" (empty string). |
| metadata | Optional Key/value metadata for use in HTTP requests alongside the credential value |
| allowed_hosts | Optional Array of domains where this credential can only be used in HTTP requests. Domain matching supports wildcards. |
| test_credential_enabled | Optional A boolean value stating if the credential is enabled for using a test credential |
| is_test | Optional Boolean value stating if the test credential should be updated. test_credential_enabled must be set to TRUE to successfully update a test credential. |
TEXT Options
| Parameter | Description |
|---|---|
| value | Value of the credential. |
OAUTH Options
| Parameter | Description |
|---|---|
| oauth_url | Your app oauth url |
| oauth_token_url | Your app oauth token url |
| oauth_client_id | The client ID for your app |
| oauth_client_secret | The client secret for your app |
| oauth_scope | Enter one or more scope values indicating which parts of the user’s account you wish to access |
| oauth_grant_type | Tines supports client_credentials and authorization_code grants. |
| oauthPkceCodeChallengeMethod | PKCE challenge method (S256, plain). default: NULL (None). |
MTLS Options
| Parameter | Description |
|---|---|
| mtls_client_certificate | The certificate file issued by the CA for this client |
| mtls_client_private_key | The private key file for the client certificate |
| mtls_root_certificate | The root certificate file for the certificate authority (CA) responsible for signatures |
JWT Options
| Parameter | Description |
|---|---|
| jwt_algorithm | The algorithm to be used when computing the JWT |
| jwt_payload | The payload to be included in the JWT |
| jwt_auto_generate_time_claims | Auto generate ‘iat’ & ‘exp’ claims |
| jwt_private_key | The private key to be used to sign the JWT |
HTTP_REQUEST_AGENT Options
| Parameter | Description |
|---|---|
| http_request_options | JSON string representing the Agents::HTTPRequestAgent Options (required) |
| http_request_location_of_token | Location of token from response (required) |
| http_request_secret | Secret value to save in an http request. This can be referenced as secret in the HTTP request options builder. |
| http_request_ttl | Time to live (TTL) in seconds. |
MULTI_REQUEST Options
| Parameter | Description |
|---|---|
| http_request_location_of_token | Location of token from response (required) |
| credential_requests | List of requests to run to fetch the credential values (required). |
| http_request_ttl | Time to live (TTL) in seconds. |
AWS Options
| Parameter | Description |
|---|---|
| aws_authentication_type | The authentication method with AWS, key-based-access or role-based-access(KEY, ROLE, INSTANCE_PROFILE) |
| aws_access_key | The access key from your AWS Security Credentials |
| aws_secret_key | The access secret from your AWS Security Credentials |
| aws_assumed_role_arn | Required for role-based-access The ARN of the role you wish to assume, e.g.: arn:aws:iam::123456789012:role/write-access-role |
Sample request
curl -X PUT \
https://<<META.tenant.domain>>/api/v1/user_credentials/<<credential_id>> \
-H 'content-type: application/json' \
-H 'Authorization: Bearer <<CREDENTIAL.tines_api_key>>' \
-d '{
"name": "Updated credential name",
"value": "Updated secret value",
"mode": "TEXT",
"metadata": { "account_domain": "https://updatedmetadataexample.com" }
}'
Response
A successful request will return a JSON object describing the created credential.
Field description
| Parameter | Description |
|---|---|
| id | credential ID. |
| name | Name of the credential. |
| mode | Describes the type of credential (TEXT, JWT, OAUTH, AWS, MTLS, HTTP_REQUEST_AGENT, MULTI_REQUEST). |
| team_id | ID of team to which the credential belongs. |
| folder_id | ID of folder to which the credential belongs. |
| read_access | Control where this credential can be used (TEAM, GLOBAL, SPECIFIC_TEAMS). |
| shared_team_slugs | List of teams' slugs where this credential can be used when read_access is SPECIFIC_TEAMS, otherwise empty. |
| description | Description of the credential. |
| slug | An underscored representation of the credential name |
| created_at | ISO 8601 Timestamp representing date and time the credential was created. |
| updated_at | ISO 8601 Timestamp representing date and time the credential was last updated. |
| allowed_hosts | Array of domains where this credential can only be used in HTTP requests. |
| metadata | Key/value metadata for use in HTTP requests alongside the credential value. |
| test_credential_enabled | A boolean value stating if the credential is enabled for using a test credential |
| test_credential | The test credential |
Sample response
{
"id": 1,
"name": "tines_api_credential",
"mode": "TEXT",
"team_id": 2,
"folder_id": 1,
"read_access": "TEAM",
"shared_team_slugs": [],
"slug": "tines_api_credential",
"created_at": "2021-03-26T12:34:16.540Z",
"updated_at": "2021-03-26T12:34:16.540Z",
"description": "",
"allowed_hosts": [],
"metadata": { "account_domain": "https://example.com" },
"test_credential_enabled": false
}