3.1.5.2 credentials

The credentials resource contains the credential information needed to connect to a southbound device with the appropriate permissions to manage the device. This resource is referenced by one or more southbound device resources combining the credential information with the connection information, therefore allowing the Network Controller to connect to and configure a device in the network.

A credentials resource can be referenced by one or more resources. Credentials resources are stored in encrypted form. Encryption is done using the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) certificate provisioned on the Network Controller nodes, as specified in [RFC2818] and [X509]. If the credential type is usernamePassword, the credentials value (password) is not provided in the GET response. If a credentials resource is referenced by one or more devices and is deleted, the reference will be removed from all devices.

It is invoked through the following URI.

 https://<url>/networking/v1/credentials/{resourceId}

url: The address or name of the REST server of the Network Controller.

resourceId: The identifier for the specific descendant resource within the resource type. See section 2.2.3.4 for more details.

Note  The server MAY support additional versions, v1 or later, in the URI.

The following HTTP methods can be performed on this resource.

HTTP method	Section	Description
PUT	3.1.5.2.1.1	Create a new credentials resource or update an existing credentials resource.
GET	3.1.5.2.1.2	Get one credentials resource.
GET ALL	3.1.5.2.1.3	List all credentials resources in the Network Controller.
DELETE	3.1.5.2.1.4	Delete a credentials resource.

The following property elements are valid.

Element name	Type	Description
etag	Read-only	Specified in Common JSON Elements, section 2.2.2.
provisioningState	Read-only	Specified in Common JSON Elements, section 2.2.2.
type	Required	Indicates the type of the credential.  Valid values are: usernamePassword X509Certificate SnmpCommunityString GroupManagedServiceAccount X509CertificateSubjectName (URI version v6.1 and later)
userName	Optional	If the credentials resource is of type usernamePassword, then this username used for the credential. If the credential resource is of type GroupManagedServiceAccount, this contains the name of the account. For all other types, this field will be ignored.
value	Required	Indicates the value of the credentials resources type. The actual value will depend on the type field: usernamePassword: This element represents the password. X509Certificate: This element represents the certificate thumbprint. SnmpCommunityString: This element represents the community string. GroupManagedServiceAccount: This element is expected to be empty. X509CertificateSubjectName: This represents the certificate subject (common) name (URI version v6.1 and later).
networks	Optional Read-only	Indicates an array of references to the virtual networks that use this credential to encrypt virtualized traffic. This property is supported in URI version v2 or later.
auditingSettings	Optional	A singleton resource that configures the directory where servers log firewall auditing information. This property is supported with URI version v3 or later.