Credentials¶
This page outlines the operations, endpoints, parameters, and example requests and responses for the Credentials.
GET /api/v2/credentials/¶
List all sets of credentials available for given user.
Code samples¶
curl -X GET https://app.datarobot.com/api/v2/credentials/ \
-H "Accept: application/json" \
-H "Authorization: Bearer {access-token}"
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| offset | query | integer | false | Number of results to skip. |
| limit | query | integer | false | At most this many results are returned. The default may change without notice. |
| types | query | any | false | Includes only credentials of the specified type. Repeat the parameter for filtering on multiple statuses. |
| orderBy | query | string | false | The order to sort the credentials. Defaults to the order by the creation_date in descending order. |
Enumerated Values¶
| Parameter | Value |
|---|---|
| orderBy | [creationDate, -creationDate] |
Example responses¶
200 Response
{
"count": 0,
"data": [
{
"creationDate": "2019-08-24T14:15:22Z",
"credentialId": "string",
"credentialType": "adls_gen2_oauth",
"description": "string",
"name": "string"
}
],
"next": "http://example.com",
"previous": "http://example.com",
"totalCount": 0
}
Responses¶
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | A paginated list of credentials. | CredentialsListResponse |
To perform this operation, you must be authenticated by means of one of the following methods:
BearerAuth
POST /api/v2/credentials/¶
Store a new set of credentials.
Code samples¶
curl -X POST https://app.datarobot.com/api/v2/credentials/ \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer {access-token}" \
-d '{CredentialsBody}'
Body parameter¶
{
"credentialType": "basic",
"description": "string",
"name": "string",
"password": "string",
"snowflakeAccountName": "string",
"user": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | CredentialsBody | false | none |
Example responses¶
201 Response
{
"creationDate": "2019-08-24T14:15:22Z",
"credentialId": "string",
"credentialType": "adls_gen2_oauth",
"description": "string",
"name": "string"
}
Responses¶
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | Credentials stored successfully. | CreateCredentialsResponse |
| 409 | Conflict | The specified name is already in use. | None |
To perform this operation, you must be authenticated by means of one of the following methods:
BearerAuth
GET /api/v2/credentials/associations/{associationId}/¶
Returns a list of credentials associated with the specified object for the given session user.
Code samples¶
curl -X GET https://app.datarobot.com/api/v2/credentials/associations/{associationId}/ \
-H "Accept: application/json" \
-H "Authorization: Bearer {access-token}"
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| offset | query | integer | false | Number of results to skip. |
| limit | query | integer | false | At most this many results are returned. The default may change without notice. |
| orderBy | query | string | false | Sort order which will be applied to credential associations list. Prefix the attribute name with a dash to sort in descending order, e.g. "-is_default". Absent by default. |
| associationId | path | string | true | The compound ID of the data connection. |
Enumerated Values¶
| Parameter | Value |
|---|---|
| orderBy | [isDefault, -isDefault] |
Example responses¶
200 Response
{
"count": 0,
"data": [
{
"creationDate": "2019-08-24T14:15:22Z",
"credentialId": "string",
"credentialType": "adls_gen2_oauth",
"description": "string",
"isDefault": true,
"name": "string",
"objectId": "string",
"objectType": "batchPredictionJobDefinition"
}
],
"next": "http://example.com",
"previous": "http://example.com",
"totalCount": 0
}
Responses¶
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | List of credentials associated with the object for the session user. | ListCredentialsAssociationsResponse |
To perform this operation, you must be authenticated by means of one of the following methods:
BearerAuth
DELETE /api/v2/credentials/{credentialId}/¶
Delete the credential set matching the specified ID if it is not used by any data connection or batch prediction job.
Code samples¶
curl -X DELETE https://app.datarobot.com/api/v2/credentials/{credentialId}/ \
-H "Authorization: Bearer {access-token}"
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| credentialId | path | string | true | Credentials entity ID. |
Responses¶
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Credentials deleted successfully. | None |
| 409 | Conflict | Credentials are in use by one or more data connections or batch prediction jobs. | None |
To perform this operation, you must be authenticated by means of one of the following methods:
BearerAuth
GET /api/v2/credentials/{credentialId}/¶
Return the credential set matching the specified ID.
Code samples¶
curl -X GET https://app.datarobot.com/api/v2/credentials/{credentialId}/ \
-H "Accept: application/json" \
-H "Authorization: Bearer {access-token}"
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| credentialId | path | string | true | Credentials entity ID. |
Example responses¶
200 Response
{
"creationDate": "2019-08-24T14:15:22Z",
"credentialId": "string",
"credentialType": "adls_gen2_oauth",
"description": "string",
"name": "string"
}
Responses¶
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Credentials retrieved successfully. | CreateCredentialsResponse |
To perform this operation, you must be authenticated by means of one of the following methods:
BearerAuth
PATCH /api/v2/credentials/{credentialId}/¶
Update specified credentials
Code samples¶
curl -X PATCH https://app.datarobot.com/api/v2/credentials/{credentialId}/ \
-H "Content-Type: application/json" \
-H "Authorization: Bearer {access-token}" \
-d '{undefined}'
Body parameter¶
{
"apiToken": "string",
"authUrl": "http://example.com",
"awsAccessKeyId": "string",
"awsSecretAccessKey": "string",
"awsSessionToken": "string",
"azureConnectionString": "string",
"azureTenantId": "string",
"clientId": "string",
"clientSecret": "string",
"configId": "string",
"databricksAccessToken": "string",
"description": "string",
"gcpKey": {
"authProviderX509CertUrl": "http://example.com",
"authUri": "http://example.com",
"clientEmail": "string",
"clientId": "string",
"clientX509CertUrl": "http://example.com",
"privateKey": "string",
"privateKeyId": "string",
"projectId": "string",
"tokenUri": "http://example.com",
"type": "service_account"
},
"googleConfigId": "string",
"name": "string",
"oauthConfigId": "string",
"oauthIssuerType": "azure",
"oauthIssuerUrl": "http://example.com",
"oauthScopes": [
"string"
],
"passphrase": "string",
"password": "string",
"privateKeyStr": "string",
"refreshToken": "string",
"sapAiApiUrl": "http://example.com",
"snowflakeAccountName": "string",
"token": "string",
"user": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| credentialId | path | string | true | Credentials entity ID. |
| body | body | CredentialsUpdate | false | none |
Responses¶
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Set of credentials updated | None |
| 404 | Not Found | Requested credentials not found | None |
| 409 | Conflict | The name specified for credentials is already in use. | None |
| 422 | Unprocessable Entity | Must specify at least one field to update | None |
To perform this operation, you must be authenticated by means of one of the following methods:
BearerAuth
GET /api/v2/credentials/{credentialId}/associations/¶
List all objects associated with specified credentials for the current user.
Code samples¶
curl -X GET https://app.datarobot.com/api/v2/credentials/{credentialId}/associations/ \
-H "Accept: application/json" \
-H "Authorization: Bearer {access-token}"
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| offset | query | integer | false | Number of results to skip. |
| limit | query | integer | false | At most this many results are returned. The default may change without notice. |
| types | query | any | false | Includes only credentials of the specified type. Repeat the parameter for filtering on multiple statuses. |
| orderBy | query | string | false | The order to sort the credentials. Defaults to the order by the creation_date in descending order. |
| credentialId | path | string | true | Credentials entity ID. |
Enumerated Values¶
| Parameter | Value |
|---|---|
| orderBy | [creationDate, -creationDate] |
Example responses¶
200 Response
{
"count": 0,
"data": [
{
"isDefault": true,
"link": "http://example.com",
"objectId": "string",
"objectType": "string"
}
],
"next": "http://example.com",
"previous": "http://example.com",
"totalCount": 0
}
Responses¶
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Objects associated with the specified credentials for the current user. | CredentialsListAssociationsResponse |
To perform this operation, you must be authenticated by means of one of the following methods:
BearerAuth
PATCH /api/v2/credentials/{credentialId}/associations/¶
Add objects associated with credentials
Code samples¶
curl -X PATCH https://app.datarobot.com/api/v2/credentials/{credentialId}/associations/ \
-H "Content-Type: application/json" \
-H "Authorization: Bearer {access-token}" \
-d '{undefined}'
Body parameter¶
{
"credentialsToAdd": [
{
"objectId": "string",
"objectType": "dataconnection"
}
],
"credentialsToRemove": [
"string"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| credentialId | path | string | true | Credentials entity ID. |
| body | body | CredentialsAssociationUpdate | false | none |
Responses¶
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | none | None |
| 204 | No Content | Credentials association updated | None |
| 404 | Not Found | Requested credentials not found | None |
| 409 | Conflict | One or more associations already exists when adding or one or more associations do not exist | None |
| 422 | Unprocessable Entity | Must specify a field to update or must specify only one of credentialsToAdd or credentialsToRemove. |
None |
To perform this operation, you must be authenticated by means of one of the following methods:
BearerAuth
PUT /api/v2/credentials/{credentialId}/associations/{associationId}/¶
Set (create or update) the credentials' association for the given Data Connection for the given session Owner for the given credentials.
Code samples¶
curl -X PUT https://app.datarobot.com/api/v2/credentials/{credentialId}/associations/{associationId}/ \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "Authorization: Bearer {access-token}" \
-d '{undefined}'
Body parameter¶
{
"isDefault": false
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| credentialId | path | string | true | Credentials entity ID. |
| associationId | path | string | true | The compound ID of the data connection. |
| body | body | SetCredentialsAssociationRequest | false | none |
Example responses¶
200 Response
{
"creationDate": "2019-08-24T14:15:22Z",
"credentialId": "string",
"credentialType": "adls_gen2_oauth",
"description": "string",
"isDefault": true,
"name": "string",
"objectId": "string",
"objectType": "batchPredictionJobDefinition"
}
Responses¶
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Credentials association was successfully set (created or updated). | RetrieveCredentialAssociationResponse |
| 201 | Created | New credential association was created. | None |
To perform this operation, you must be authenticated by means of one of the following methods:
BearerAuth
Schemas¶
CreateCredentialsResponse
{
"creationDate": "2019-08-24T14:15:22Z",
"credentialId": "string",
"credentialType": "adls_gen2_oauth",
"description": "string",
"name": "string"
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| creationDate | string(date-time) | true | ISO-8601 formatted date/time when these credentials were created. | |
| credentialId | string | true | ID of these credentials. | |
| credentialType | string | false | Type of credentials. | |
| description | string | false | Description of these credentials. | |
| name | string | true | Name of these credentials. |
Enumerated Values¶
| Property | Value |
|---|---|
| credentialType | [adls_gen2_oauth, api_token, azure, azure_service_principal, basic, bearer, databricks_access_token_account, databricks_service_principal_account, gcp, oauth, rsa, s3, sap_oauth, snowflake_key_pair_user_account, snowflake_oauth_user_account, tableau_access_token] |
CredentialsAssociationUpdate
{
"credentialsToAdd": [
{
"objectId": "string",
"objectType": "dataconnection"
}
],
"credentialsToRemove": [
"string"
]
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| credentialsToAdd | [CredentialsToAdd] | false | minItems: 1 |
Objects to associate with given credentials. |
| credentialsToRemove | [string] | false | minItems: 1 |
Object IDs, each of which identifies an object to be disassociated from this credential. To see which objects are currently associated, see the response from GET /api/v2/credentials/{credentialId}/associations/. |
CredentialsAssociationsData
{
"isDefault": true,
"link": "http://example.com",
"objectId": "string",
"objectType": "string"
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| isDefault | boolean | false | Whether this credential association with the given object is default for given session user. | |
| link | string,null(uri) | true | Link to get more details about associated object. | |
| objectId | string | true | Associated object ID. | |
| objectType | string | true | Associated object type. |
CredentialsBody
{
"credentialType": "basic",
"description": "string",
"name": "string",
"password": "string",
"snowflakeAccountName": "string",
"user": "string"
}
Properties¶
oneOf
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » credentialType | string | false | Credentials type. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. | |
| » password | string | true | Password to store for this credentials. | |
| » snowflakeAccountName | string | false | Snowflake account name. | |
| » user | string | true | Username to store for this credentials. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » credentialType | string | true | Credentials type. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. | |
| » refreshToken | string | true | OAUTH token. | |
| » token | string | true | OAUTH token. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » awsAccessKeyId | string | false | AWS access key ID. | |
| » awsSecretAccessKey | string | false | AWS secret access key. | |
| » awsSessionToken | string | false | AWS session token. | |
| » configId | string | false | ID of Secure configurations to share S3 or GCP credentials by admin. Alternative to googleConfigId (deprecated). | |
| » credentialType | string | true | Credentials type. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » configId | string | false | ID of Secure configurations to share S3 or GCP credentials by admin. Alternative to googleConfigId (deprecated). | |
| » credentialType | string | true | Credentials type. | |
| » description | string | false | Credentials description. | |
| » gcpKey | GCPKey | false | The Google Cloud Platform (GCP) key. Output is the downloaded JSON resulting from creating a service account User Managed Key (in the IAM & admin > Service accounts section of GCP).Required if googleConfigId/configId is not specified.Cannot include this parameter if googleConfigId/configId is specified. | |
| » googleConfigId | string | false | ID of Google configurations shared by admin (deprecated). Please use configId instead. | |
| » name | string | true | Credentials name. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » azureConnectionString | string | true | Azure connection string. | |
| » credentialType | string | true | Credentials type. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » azureTenantId | string | false | Tenant ID of the Azure AD service principal. | |
| » clientId | string | false | Client ID of the Azure AD service principal. | |
| » clientSecret | string | false | Client Secret of the Azure AD service principal. | |
| » configId | string | false | ID of secure configuration to share Azure service principal credentials by admin. | |
| » credentialType | string | true | Credentials type. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » clientId | string | false | Snowflake OAUTH client ID. | |
| » clientSecret | string | false | Snowflake OAUTH client secret. | |
| » credentialType | string | true | Credentials type. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. | |
| » oauthConfigId | string | false | ID of snowflake OAuth configurations shared by admin. | |
| » oauthIssuerType | string | false | OAuth issuer type. | |
| » oauthIssuerUrl | string(uri) | false | OAuth issuer URL. | |
| » oauthScopes | [string] | false | minItems: 1 |
OAuth scopes. |
| » snowflakeAccountName | string | false | Snowflake account name. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » clientId | string | false | ADLS Gen2 OAuth client ID. | |
| » clientSecret | string | false | ADLS Gen2 OAuth client secret. | |
| » configId | string | false | ID of secure configuration to share ADLS OAuth credentials by admin. | |
| » credentialType | string | true | Credentials type. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. | |
| » oauthScopes | [string] | false | minItems: 1 |
ADLS Gen2 OAuth scopes. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » configId | string | false | ID of Snowflake Key Pair Credentials Secure configurations to share by admin | |
| » credentialType | string | true | Credentials type. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. | |
| » passphrase | string | false | minLength: 1 minLength: 1 |
Optional passphrase to encrypt private key. |
| » privateKeyStr | string | false | minLength: 1 minLength: 1 |
Private key for key pair authentication. |
| » user | string | false | Username for this credential. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » credentialType | string | true | Credentials type. | |
| » databricksAccessToken | string | true | minLength: 1 minLength: 1 |
Databricks personal access token. |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » clientId | string | false | Client ID for Databricks Service Principal. | |
| » clientSecret | string | false | Client secret for Databricks Service Principal. | |
| » configId | string | false | ID of Databricks Service Principal Credentials Secure configuration to share by admin | |
| » credentialType | string | true | Credentials type. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » apiToken | string | true | minLength: 1 minLength: 1 |
API token. |
| » credentialType | string | true | Credentials type. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » authUrl | string(uri) | true | The URL used for SAP authentication. | |
| » clientId | string | true | SAP OAUTH client ID. | |
| » clientSecret | string | true | SAP OAUTH client secret. | |
| » credentialType | string | true | Credentials type. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. | |
| » sapAiApiUrl | string(uri) | true | The URL used for SAP AI API service. |
Enumerated Values¶
| Property | Value |
|---|---|
| credentialType | basic |
| credentialType | oauth |
| credentialType | s3 |
| credentialType | gcp |
| credentialType | azure |
| credentialType | azure_service_principal |
| credentialType | snowflake_oauth_user_account |
| oauthIssuerType | [azure, okta, snowflake] |
| credentialType | adls_gen2_oauth |
| credentialType | snowflake_key_pair_user_account |
| credentialType | databricks_access_token_account |
| credentialType | databricks_service_principal_account |
| credentialType | api_token |
| credentialType | sap_oauth |
CredentialsListAssociationsResponse
{
"count": 0,
"data": [
{
"isDefault": true,
"link": "http://example.com",
"objectId": "string",
"objectType": "string"
}
],
"next": "http://example.com",
"previous": "http://example.com",
"totalCount": 0
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| count | integer | false | Number of items returned on this page. | |
| data | [CredentialsAssociationsData] | true | Objects associated with the specified credentials. | |
| next | string,null(uri) | true | URL pointing to the next page (if null, there is no next page). | |
| previous | string,null(uri) | true | URL pointing to the previous page (if null, there is no previous page). | |
| totalCount | integer | true | The total number of items across all pages. |
CredentialsListResponse
{
"count": 0,
"data": [
{
"creationDate": "2019-08-24T14:15:22Z",
"credentialId": "string",
"credentialType": "adls_gen2_oauth",
"description": "string",
"name": "string"
}
],
"next": "http://example.com",
"previous": "http://example.com",
"totalCount": 0
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| count | integer | false | Number of items returned on this page. | |
| data | [CreateCredentialsResponse] | true | List of credentials. | |
| next | string,null(uri) | true | URL pointing to the next page (if null, there is no next page). | |
| previous | string,null(uri) | true | URL pointing to the previous page (if null, there is no previous page). | |
| totalCount | integer | true | The total number of items across all pages. |
CredentialsToAdd
{
"objectId": "string",
"objectType": "dataconnection"
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| objectId | string | true | Object ID identifying the object to be associated with the credentials. | |
| objectType | string | true | Type of object associated with the credentials. |
Enumerated Values¶
| Property | Value |
|---|---|
| objectType | dataconnection |
CredentialsUpdate
{
"apiToken": "string",
"authUrl": "http://example.com",
"awsAccessKeyId": "string",
"awsSecretAccessKey": "string",
"awsSessionToken": "string",
"azureConnectionString": "string",
"azureTenantId": "string",
"clientId": "string",
"clientSecret": "string",
"configId": "string",
"databricksAccessToken": "string",
"description": "string",
"gcpKey": {
"authProviderX509CertUrl": "http://example.com",
"authUri": "http://example.com",
"clientEmail": "string",
"clientId": "string",
"clientX509CertUrl": "http://example.com",
"privateKey": "string",
"privateKeyId": "string",
"projectId": "string",
"tokenUri": "http://example.com",
"type": "service_account"
},
"googleConfigId": "string",
"name": "string",
"oauthConfigId": "string",
"oauthIssuerType": "azure",
"oauthIssuerUrl": "http://example.com",
"oauthScopes": [
"string"
],
"passphrase": "string",
"password": "string",
"privateKeyStr": "string",
"refreshToken": "string",
"sapAiApiUrl": "http://example.com",
"snowflakeAccountName": "string",
"token": "string",
"user": "string"
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| apiToken | string | false | minLength: 1 minLength: 1 |
API token. |
| authUrl | string(uri) | false | The URL used for SAP OAuth authentication. | |
| awsAccessKeyId | string | false | AWS access key ID (applicable for credentialType s3 only). |
|
| awsSecretAccessKey | string | false | The AWS secret access key (applicable for credentialType s3 only). |
|
| awsSessionToken | string | false | The AWS session token (applicable for credentialType s3 only). |
|
| azureConnectionString | string | false | Azure connection string (applicable for credentialType azure only). |
|
| azureTenantId | string | false | Tenant ID of the Azure AD service principal (applicable for credentialType azure_service_principal only). |
|
| clientId | string | false | OAUTH client ID (applicable for credentialType snowflake_oauth_user_account, adls_gen2_oauth, sap_oauth_account and azure_service_principal). |
|
| clientSecret | string | false | OAUTH client secret (applicable for credentialType snowflake_oauth_user_account, adls_gen2_oauth, sap_oauth_account and azure_service_principal). |
|
| configId | string | false | ID of secure configuration credentials to share by admin. Alternative to googleConfigId (deprecated). | |
| databricksAccessToken | string | false | minLength: 1 minLength: 1 |
Databricks personal access token. |
| description | string | false | Description of credentials. If omitted, and name is not omitted, clears any previous description for that name. | |
| gcpKey | GCPKey | false | The Google Cloud Platform (GCP) key. Output is the downloaded JSON resulting from creating a service account User Managed Key (in the IAM & admin > Service accounts section of GCP).Required if googleConfigId/configId is not specified.Cannot include this parameter if googleConfigId/configId is specified. | |
| googleConfigId | string | false | ID of Google configurations shared by admin (deprecated). Please use configId instead. | |
| name | string | false | Name of credentials. | |
| oauthConfigId | string | false | ID of snowflake OAuth configurations shared by admin. | |
| oauthIssuerType | string | false | Snowflake IDP issuer type (applicable for credentialType snowflake_oauth_user_account only). |
|
| oauthIssuerUrl | string(uri) | false | Snowflake External IDP issuer URL (applicable for Snowflake External OAUTH connections only). | |
| oauthScopes | [string] | false | minItems: 1 |
External OAUTH scopes (applicable for Snowflake External OAUTH connections and credentialType snowflake_oauth_user_account). |
| passphrase | string | false | minLength: 1 minLength: 1 |
Optional passphrase to encrypt private key.(applicable for credentialType snowflake_key_pair_user_account only). |
| password | string | false | Password to update for this set of credentials (applicable for credentialType basic only). |
|
| privateKeyStr | string | false | minLength: 1 minLength: 1 |
Private key for key pair authentication.(applicable for credentialType snowflake_key_pair_user_account only). |
| refreshToken | string | false | OAUTH refresh token (applicable for credentialType oauth only). |
|
| sapAiApiUrl | string(uri) | false | The URL used for SAP AI API service. | |
| snowflakeAccountName | string | false | Snowflake account name (applicable for snowflake_oauth_user_account only). |
|
| token | string | false | OAUTH token (applicable for credentialType oauth only). |
|
| user | string | false | Username to update for this set of credentials (applicable for credentialType basic and snowflake_key_pair_user_account only). |
Enumerated Values¶
| Property | Value |
|---|---|
| oauthIssuerType | [azure, okta, snowflake] |
GCPKey
{
"authProviderX509CertUrl": "http://example.com",
"authUri": "http://example.com",
"clientEmail": "string",
"clientId": "string",
"clientX509CertUrl": "http://example.com",
"privateKey": "string",
"privateKeyId": "string",
"projectId": "string",
"tokenUri": "http://example.com",
"type": "service_account"
}
The Google Cloud Platform (GCP) key. Output is the downloaded JSON resulting from creating a service account User Managed Key (in the IAM & admin > Service accounts section of GCP).Required if googleConfigId/configId is not specified.Cannot include this parameter if googleConfigId/configId is specified.
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| authProviderX509CertUrl | string(uri) | false | Auth provider X509 certificate URL. | |
| authUri | string(uri) | false | Auth URI. | |
| clientEmail | string | false | Client email address. | |
| clientId | string | false | Client ID. | |
| clientX509CertUrl | string(uri) | false | Client X509 certificate URL. | |
| privateKey | string | false | Private key. | |
| privateKeyId | string | false | Private key ID | |
| projectId | string | false | Project ID. | |
| tokenUri | string(uri) | false | Token URI. | |
| type | string | true | GCP account type. |
Enumerated Values¶
| Property | Value |
|---|---|
| type | service_account |
ListCredentialsAssociationsResponse
{
"count": 0,
"data": [
{
"creationDate": "2019-08-24T14:15:22Z",
"credentialId": "string",
"credentialType": "adls_gen2_oauth",
"description": "string",
"isDefault": true,
"name": "string",
"objectId": "string",
"objectType": "batchPredictionJobDefinition"
}
],
"next": "http://example.com",
"previous": "http://example.com",
"totalCount": 0
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| count | integer | false | Number of items returned on this page. | |
| data | [RetrieveCredentialAssociationResponse] | true | List of credentials associations. | |
| next | string,null(uri) | true | URL pointing to the next page (if null, there is no next page). | |
| previous | string,null(uri) | true | URL pointing to the previous page (if null, there is no previous page). | |
| totalCount | integer | true | The total number of items across all pages. |
RetrieveCredentialAssociationResponse
{
"creationDate": "2019-08-24T14:15:22Z",
"credentialId": "string",
"credentialType": "adls_gen2_oauth",
"description": "string",
"isDefault": true,
"name": "string",
"objectId": "string",
"objectType": "batchPredictionJobDefinition"
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| creationDate | string(date-time) | true | ISO-8601 formatted date/time when these credentials were created. | |
| credentialId | string | true | ID of these credentials. | |
| credentialType | string | false | Type of credentials. | |
| description | string | false | Description of these credentials. | |
| isDefault | boolean | false | Whether this credential association with the given object is default for given session user. | |
| name | string | true | Name of these credentials. | |
| objectId | string | true | Associated object ID. | |
| objectType | string | true | Associated object type. |
Enumerated Values¶
| Property | Value |
|---|---|
| credentialType | [adls_gen2_oauth, api_token, azure, azure_service_principal, basic, bearer, databricks_access_token_account, databricks_service_principal_account, gcp, oauth, rsa, s3, sap_oauth, snowflake_key_pair_user_account, snowflake_oauth_user_account, tableau_access_token] |
| objectType | [batchPredictionJobDefinition, dataconnection] |
SetCredentialsAssociationRequest
{
"isDefault": false
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| isDefault | boolean | false | Whether this credentials' association with the given object is default for given session user. |