Description
Use a HTTP PUT request to update a credential.
Request
HTTP Method: PUT
| Parameter | Description |
|---|---|
| mode | Describes the type of credential (TEXT, JWT, OAUTH, AWS, MTLS, HTTP_REQUEST_AGENT, MULTI_REQUEST). |
| name | Optional Name of the credential. |
| folder_id | Optional The ID of the folder to move the credential to, or an empty value to indicate the root folder. Note that this folder must exist within the team identified by team_id, or the credential's current team if team_id isn't specified. |
| read_access | Optional Control where this credential can be used (TEAM, GLOBAL, SPECIFIC_TEAMS). default: TEAM. (SPECIFIC_TEAMS is a premium feature. Reach out to find out more.) |
| shared_team_slugs | Optional List of teams' slugs where this credential can be used. Required to set read_access to SPECIFIC_TEAMS. default: [] (empty array). |
| description | Optional Description of the credential. default: "" (empty string). |
| metadata | Optional Key/value metadata for use in HTTP requests alongside the credential value |
| allowed_hosts | Optional Array of domains where this credential can only be used in HTTP requests. Domain matching supports wildcards. |
| test_credential_enabled | Optional A boolean value stating if the credential is enabled for using a test credential |
| is_test | Optional Boolean value stating if the test credential should be updated. test_credential_enabled must be set to TRUE and a test credential must exist for the update to succeed. |
TEXT Options
| Parameter | Description |
|---|---|
| value | Value of the credential. |
OAUTH Options
| Parameter | Description |
|---|---|
| oauth_url | Your app oauth url |
| oauth_token_url | Your app oauth token url |
| oauth_client_id | The client ID for your app |
| oauth_client_secret | The client secret for your app |
| oauth_scope | Enter one or more scope values indicating which parts of the user’s account you wish to access |
| oauth_grant_type | Tines supports client_credentials and authorization_code grants. |
| oauthPkceCodeChallengeMethod | PKCE challenge method (S256, plain). default: NULL (None). |
MTLS Options
| Parameter | Description |
|---|---|
| mtls_client_certificate | The certificate file issued by the CA for this client |
| mtls_client_private_key | The private key file for the client certificate |
| mtls_root_certificate | The root certificate file for the certificate authority (CA) responsible for signatures |
JWT Options
| Parameter | Description |
|---|---|
| jwt_algorithm | The algorithm to be used when computing the JWT |
| jwt_payload | The payload to be included in the JWT |
| jwt_auto_generate_time_claims | Auto generate ‘iat’ & ‘exp’ claims |
| jwt_private_key | The private key to be used to sign the JWT |
HTTP_REQUEST_AGENT Options
| Parameter | Description |
|---|---|
| http_request_options | JSON string representing the Agents::HTTPRequestAgent Options (required) |
| http_request_location_of_token | Location of token from response (required) |
| http_request_secret | Secret value to save in an http request. This can be referenced as secret in the HTTP request options builder. |
| http_request_ttl | Time to live (TTL) in seconds. Not sending this value during an update/PUT operation will update it to null. |
MULTI_REQUEST Options
| Parameter | Description |
|---|---|
| http_request_location_of_token | Location of token from response (required) |
| credential_requests | List of requests to run to fetch the credential values (required). |
| http_request_ttl | Time to live (TTL) in seconds. Not sending this value during an update/PUT operation will update it to null. |
AWS Options
| Parameter | Description |
|---|---|
| aws_authentication_type | The authentication method with AWS, key-based-access or role-based-access(KEY, ROLE, INSTANCE_PROFILE) |
| aws_access_key | The access key from your AWS Security Credentials |
| aws_secret_key | The access secret from your AWS Security Credentials |
| aws_assumed_role_arn | Required for role-based-access The ARN of the role you wish to assume, e.g.: arn:aws:iam::123456789012:role/write-access-role |
Sample request
curl -X PUT \
https://<<META.tenant.domain>>/api/v1/user_credentials/<<credential_id>> \
-H 'content-type: application/json' \
-H 'Authorization: Bearer <<CREDENTIAL.tines_api_key>>' \
-d '{
"name": "Updated credential name",
"value": "Updated secret value",
"mode": "TEXT",
"metadata": { "account_domain": "https://updatedmetadataexample.com" }
}'
Response
A successful request will return a JSON object describing the created credential.
Field description
| Parameter | Description |
|---|---|
| id | credential ID. |
| name | Name of the credential. |
| mode | Describes the type of credential (TEXT, JWT, OAUTH, AWS, MTLS, HTTP_REQUEST_AGENT, MULTI_REQUEST). |
| team_id | ID of team to which the credential belongs. |
| folder_id | ID of folder to which the credential belongs. |
| read_access | Control where this credential can be used (TEAM, GLOBAL, SPECIFIC_TEAMS). |
| shared_team_slugs | List of teams' slugs where this credential can be used when read_access is SPECIFIC_TEAMS, otherwise empty. |
| description | Description of the credential. |
| slug | An underscored representation of the credential name |
| created_at | ISO 8601 Timestamp representing date and time the credential was created. |
| updated_at | ISO 8601 Timestamp representing date and time the credential was last updated. |
| allowed_hosts | Array of domains where this credential can only be used in HTTP requests. |
| metadata | Key/value metadata for use in HTTP requests alongside the credential value. |
| restriction_type | The type of restriction applied to the use of the credential (RESTRICTED,RESTRICTED_TO_CREDENTIALS ,UNRESTRICTED ) |
| test_credential_enabled | A boolean value stating if the credential is enabled for using a test credential |
| test_credential | Data specific to the test credential (created_at and updated_at) |
| owner | An object representing the user who owns this credential. By default, the owner is the user who created the credential. |
Sample response
{
"id": 1,
"name": "tines_api_credential",
"mode": "TEXT",
"team_id": 2,
"folder_id": 1,
"read_access": "TEAM",
"shared_team_slugs": [],
"slug": "tines_api_credential",
"created_at": "2021-03-26T12:34:16.540Z",
"updated_at": "2021-03-26T12:34:16.540Z",
"description": "",
"allowed_hosts": [],
"metadata": { "account_domain": "https://example.com" },
"restriction_type": "UNRESTRICTED",
"test_credential_enabled": false,
"owner": {
"user_id": 1,
"first_name": "Jane",
"last_name": "Doe",
"email": "jane@tines.io"
}
}