Credentials¶
The following endpoints outline how to manage user credentials.
List Credentials¶
Operation path: GET /api/v2/credentials/
Authentication requirements: BearerAuth
List all sets of credentials available for given user.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| offset | query | integer | false | The number of results to skip. |
| limit | query | integer | false | At most this many results are returned. The default may change without notice. |
| types | query | any | false | Includes only credentials of the specified type. Repeat the parameter for filtering on multiple statuses. |
| orderBy | query | string | false | The order to sort the credentials. Defaults to the order by the creation_date in descending order. |
Enumerated Values¶
| Parameter | Value |
|---|---|
| orderBy | [creationDate, -creationDate] |
Example responses¶
200 Response
{
"properties": {
"count": {
"description": "The number of items returned on this page.",
"type": "integer"
},
"data": {
"description": "List of credentials.",
"items": {
"properties": {
"creationDate": {
"description": "Iso-8601 formatted date/time when these credentials were created.",
"format": "date-time",
"type": "string"
},
"credentialId": {
"description": "Id of these credentials.",
"type": "string"
},
"credentialType": {
"default": "basic",
"description": "Type of credentials.",
"enum": [
"adls_gen2_oauth",
"api_token",
"azure",
"azure_oauth",
"azure_sas",
"azure_service_principal",
"basic",
"bearer",
"box_jwt",
"client_id_and_secret",
"databricks_access_token_account",
"databricks_service_principal_account",
"external_oauth_provider",
"gcp",
"oauth",
"rsa",
"s3",
"sap_oauth",
"snowflake_key_pair_user_account",
"snowflake_oauth_user_account",
"tableau_access_token"
],
"type": "string"
},
"description": {
"description": "Description of these credentials.",
"type": "string"
},
"name": {
"description": "Name of these credentials.",
"type": "string"
}
},
"required": [
"creationDate",
"credentialId",
"name"
],
"type": "object"
},
"type": "array"
},
"next": {
"description": "The url of the next page (if null, there is no next page).",
"format": "uri",
"type": [
"string",
"null"
]
},
"previous": {
"description": "The url of the previous page (if null, there is no previous page).",
"format": "uri",
"type": [
"string",
"null"
]
},
"totalCount": {
"description": "The total number of items across all pages.",
"type": "integer"
}
},
"required": [
"data",
"next",
"previous",
"totalCount"
],
"type": "object"
}
Responses¶
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | A paginated list of credentials. | CredentialsListResponse |
Store A New Set Of Credentials¶
Operation path: POST /api/v2/credentials/
Authentication requirements: BearerAuth
Store a new set of credentials.
Body parameter¶
{
"discriminator": {
"propertyName": "credentialType"
},
"oneOf": [
{
"properties": {
"credentialType": {
"description": "The credential type.",
"enum": [
"basic"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
},
"password": {
"description": "Password to store for these credentials.",
"type": "string"
},
"snowflakeAccountName": {
"description": "Snowflake account name.",
"type": "string",
"x-versionadded": "v2.21"
},
"user": {
"description": "Username to store for these credentials.",
"type": "string"
}
},
"required": [
"name",
"password",
"user"
],
"type": "object"
},
{
"properties": {
"credentialType": {
"description": "The credential type.",
"enum": [
"oauth"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
},
"refreshToken": {
"description": "OAUTH refresh token.",
"type": "string"
},
"token": {
"description": "OAUTH token.",
"type": "string"
}
},
"required": [
"credentialType",
"name",
"refreshToken",
"token"
],
"type": "object"
},
{
"properties": {
"awsAccessKeyId": {
"description": "The S3 AWS access key ID. Required if configId is not specified.Cannot include this parameter if configId is specified.",
"type": "string",
"x-versionadded": "v2.20"
},
"awsSecretAccessKey": {
"description": "The S3 AWS secret access key. Required if configId is not specified.Cannot include this parameter if configId is specified.",
"type": "string",
"x-versionadded": "v2.20"
},
"awsSessionToken": {
"default": null,
"description": "The S3 AWS session token for AWS temporary credentials.Cannot include this parameter if configId is specified.",
"type": [
"string",
"null"
],
"x-versionadded": "v2.20"
},
"configId": {
"description": "The ID of secure configurations of credentials shared by admin. If specified, cannot include awsAccessKeyId, awsSecretAccessKey or awsSessionToken.",
"type": "string",
"x-versionadded": "v2.32"
},
"credentialType": {
"description": "The type of these credentials, 's3' here.",
"enum": [
"s3"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
}
},
"required": [
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"configId": {
"description": "The ID of secure configurations shared by admin. Alternative to googleConfigId (deprecated). If specified, cannot include gcpKey.",
"type": "string",
"x-versionadded": "v2.32"
},
"credentialType": {
"description": "The type of these credentials, 'gcp' here.",
"enum": [
"gcp"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"gcpKey": {
"description": "The google cloud platform (gcp) key. output is the downloaded JSON resulting from creating a service account *user managed key* (in the *iam & admin > service accounts section* of gcp).required if googleconfigid/configid is not specified.cannot include this parameter if googleconfigid/configid is specified.",
"properties": {
"authProviderX509CertUrl": {
"description": "Auth provider x509 certificate url.",
"format": "uri",
"type": "string"
},
"authUri": {
"description": "Auth uri.",
"format": "uri",
"type": "string"
},
"clientEmail": {
"description": "Client email address.",
"type": "string"
},
"clientId": {
"description": "Client id.",
"type": "string"
},
"clientX509CertUrl": {
"description": "Client x509 certificate url.",
"format": "uri",
"type": "string"
},
"privateKey": {
"description": "Private key.",
"type": "string"
},
"privateKeyId": {
"description": "Private key id.",
"type": "string"
},
"projectId": {
"description": "Project id.",
"type": "string"
},
"tokenUri": {
"description": "Token uri.",
"format": "uri",
"type": "string"
},
"type": {
"description": "GCP account type.",
"enum": [
"service_account"
],
"type": "string"
}
},
"required": [
"type"
],
"type": "object"
},
"googleConfigId": {
"description": "The ID of secure configurations shared by admin. This is deprecated. Please use configId instead. If specified, cannot include gcpKey.",
"type": "string",
"x-versionadded": "v2.30"
},
"name": {
"description": "Credentials name.",
"type": "string"
}
},
"required": [
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"azureConnectionString": {
"description": "The Azure connection string.",
"type": "string",
"x-versionadded": "v2.21"
},
"credentialType": {
"description": "The type of these credentials, 'azure' here.",
"enum": [
"azure"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
}
},
"required": [
"azureConnectionString",
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"azureTenantId": {
"description": "Tenant ID of the Azure AD service principal.",
"type": "string",
"x-versionadded": "v2.30"
},
"clientId": {
"description": "Client ID of the Azure AD service principal.",
"type": "string",
"x-versionadded": "v2.30"
},
"clientSecret": {
"description": "Client Secret of the Azure AD service principal.",
"type": "string",
"x-versionadded": "v2.30"
},
"configId": {
"description": "The ID of the secure configuration to share Azure service principal credentials by admin.",
"type": "string",
"x-versionadded": "v2.35"
},
"credentialType": {
"description": "The type of these credentials, 'azure_service_principal' here.",
"enum": [
"azure_service_principal"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
}
},
"required": [
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"clientId": {
"description": "Snowflake OAUTH client ID.",
"type": "string",
"x-versionadded": "v2.23"
},
"clientSecret": {
"description": "Snowflake OAUTH client secret.",
"type": "string",
"x-versionadded": "v2.23"
},
"credentialType": {
"description": "The credential type.",
"enum": [
"snowflake_oauth_user_account"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
},
"oauthConfigId": {
"description": "ID of snowflake OAuth configurations shared by admin.",
"type": "string",
"x-versionadded": "v2.30"
},
"oauthIssuerType": {
"description": "OAuth issuer type.",
"enum": [
"azure",
"okta",
"snowflake"
],
"type": "string",
"x-versionadded": "v2.27"
},
"oauthIssuerUrl": {
"description": "OAuth issuer URL.",
"format": "uri",
"type": "string",
"x-versionadded": "v2.27"
},
"oauthScopes": {
"description": "OAuth scopes.",
"items": {
"description": "OAuth scope.",
"type": "string"
},
"minItems": 1,
"type": "array",
"x-versionadded": "v2.27"
},
"snowflakeAccountName": {
"description": "Snowflake account name.",
"type": "string",
"x-versionadded": "v2.21"
}
},
"required": [
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"clientId": {
"description": "ADLS Gen2 OAuth client ID.",
"type": "string",
"x-versionadded": "v2.27"
},
"clientSecret": {
"description": "ADLS Gen2 OAuth client secret.",
"type": "string",
"x-versionadded": "v2.27"
},
"configId": {
"description": "ID of secure configuration to share ADLS OAuth credentials by admin.",
"type": "string",
"x-versionadded": "v2.35"
},
"credentialType": {
"description": "The credential type.",
"enum": [
"adls_gen2_oauth"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
},
"oauthScopes": {
"description": "ADLS Gen2 OAuth scopes.",
"items": {
"description": "ADLS Gen2 OAuth scope.",
"type": "string"
},
"minItems": 1,
"type": "array",
"x-versionadded": "v2.27"
}
},
"required": [
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"clientId": {
"description": "Azure OAuth client ID.",
"type": "string",
"x-versionadded": "v2.38"
},
"clientSecret": {
"description": "Azure OAuth client secret.",
"type": "string",
"x-versionadded": "v2.38"
},
"credentialType": {
"description": "The credential type.",
"enum": [
"azure_oauth"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
},
"oauthScopes": {
"description": "Azure OAuth scopes.",
"items": {
"description": "Azure OAuth scope.",
"type": "string"
},
"maxItems": 100,
"minItems": 1,
"type": "array",
"x-versionadded": "v2.38"
}
},
"required": [
"clientId",
"clientSecret",
"credentialType",
"name",
"oauthScopes"
],
"type": "object"
},
{
"properties": {
"authenticationId": {
"description": "The authentication ID for an external OAuth provider. Used to retrieve tokens from DataRobot OAuth service.",
"type": "string"
},
"credentialType": {
"description": "The type of these credentials, 'external_oauth_provider' here.",
"enum": [
"external_oauth_provider"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
}
},
"required": [
"authenticationId",
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"configId": {
"description": "The ID of the saved shared credentials. If specified, cannot include user, privateKeyStr, or passphrase.",
"type": "string",
"x-versionadded": "v2.32"
},
"credentialType": {
"description": "The type of these credentials, 'snowflake_key_pair_user_account' here.",
"enum": [
"snowflake_key_pair_user_account"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
},
"passphrase": {
"description": "Optional passphrase to decrypt private key. Cannot include this parameter if configId is specified.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.30"
},
"privateKeyStr": {
"description": "Private key for key pair authentication. Required if configId is not specified. This cannot be included if configId is specified.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.30"
},
"user": {
"description": "Username for this credential. Required if configId is not specified. This cannot be included if configId is specified.",
"type": "string"
}
},
"required": [
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"credentialType": {
"description": "The type of these credentials, 'databricks_access_token_account' here.",
"enum": [
"databricks_access_token_account"
],
"type": "string"
},
"databricksAccessToken": {
"description": "Databricks personal access token.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.31"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
}
},
"required": [
"credentialType",
"databricksAccessToken",
"name"
],
"type": "object"
},
{
"properties": {
"clientId": {
"description": "Client ID for Databricks service principal.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.33"
},
"clientSecret": {
"description": "Client secret for Databricks service principal.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.33"
},
"configId": {
"description": "The ID of the saved shared credentials. If specified, cannot include clientId and clientSecret.",
"type": "string",
"x-versionadded": "v2.33"
},
"credentialType": {
"description": "The type of these credentials, 'databricks_service_principal_account' here.",
"enum": [
"databricks_service_principal_account"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
}
},
"required": [
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"apiToken": {
"description": "API token.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.31"
},
"credentialType": {
"description": "The credential type.",
"enum": [
"api_token"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
}
},
"required": [
"apiToken",
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"authUrl": {
"description": "The URL used for SAP authentication.",
"format": "uri",
"type": "string",
"x-versionadded": "v2.35"
},
"clientId": {
"description": "SAP OAUTH client ID.",
"type": "string",
"x-versionadded": "v2.35"
},
"clientSecret": {
"description": "SAP OAUTH client secret.",
"type": "string",
"x-versionadded": "v2.35"
},
"credentialType": {
"description": "The credential type.",
"enum": [
"sap_oauth"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
},
"sapAiApiUrl": {
"description": "The URL used for SAP AI API service.",
"format": "uri",
"type": "string",
"x-versionadded": "v2.35"
}
},
"required": [
"authUrl",
"clientId",
"clientSecret",
"credentialType",
"name",
"sapAiApiUrl"
],
"type": "object"
},
{
"properties": {
"clientId": {
"description": "Box JWT client ID.",
"type": "string",
"x-versionadded": "v2.41"
},
"clientSecret": {
"description": "Box JWT client secret.",
"type": "string",
"x-versionadded": "v2.41"
},
"configId": {
"description": "ID of secure configuration to share Box JWT credentials by admin.",
"type": "string",
"x-versionadded": "v2.41"
},
"credentialType": {
"description": "The credential type.",
"enum": [
"box_jwt"
],
"type": "string",
"x-versionadded": "v2.41"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"enterpriseId": {
"description": "Box enterprise identifier.",
"type": "string",
"x-versionadded": "v2.41"
},
"name": {
"description": "Credentials name.",
"type": "string"
},
"passphrase": {
"description": "Passphrase for the Box JWT private key.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.41"
},
"privateKeyStr": {
"description": "RSA private key for Box JWT.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.41"
},
"publicKeyId": {
"description": "Box public key identifier.",
"type": "string",
"x-versionadded": "v2.41"
}
},
"required": [
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"clientId": {
"description": "The client ID for integrations that use a client ID and client secret (e.g., OAuth client credentials).",
"type": "string",
"x-versionadded": "v2.42"
},
"clientSecret": {
"description": "The client secret for integrations that use a client ID and client secret (e.g., OAuth client credentials).",
"type": "string",
"x-versionadded": "v2.42"
},
"configId": {
"description": "The ID of the shared secure configuration for the client ID and client secret (managed by an admin).",
"type": "string",
"x-versionadded": "v2.42"
},
"credentialType": {
"description": "The credential type.",
"enum": [
"client_id_and_secret"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
}
},
"required": [
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"credentialType": {
"description": "The type of these credentials, 'azure_sas' here.",
"enum": [
"azure_sas"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
},
"sasToken": {
"description": "The Azure shared access signature (SAS) token for Data Lake Storage Gen2.",
"minLength": 1,
"type": "string"
}
},
"required": [
"credentialType",
"name",
"sasToken"
],
"type": "object"
}
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | CredentialsBody | false | none |
Example responses¶
201 Response
{
"properties": {
"creationDate": {
"description": "Iso-8601 formatted date/time when these credentials were created.",
"format": "date-time",
"type": "string"
},
"credentialId": {
"description": "Id of these credentials.",
"type": "string"
},
"credentialType": {
"default": "basic",
"description": "Type of credentials.",
"enum": [
"adls_gen2_oauth",
"api_token",
"azure",
"azure_oauth",
"azure_sas",
"azure_service_principal",
"basic",
"bearer",
"box_jwt",
"client_id_and_secret",
"databricks_access_token_account",
"databricks_service_principal_account",
"external_oauth_provider",
"gcp",
"oauth",
"rsa",
"s3",
"sap_oauth",
"snowflake_key_pair_user_account",
"snowflake_oauth_user_account",
"tableau_access_token"
],
"type": "string"
},
"description": {
"description": "Description of these credentials.",
"type": "string"
},
"name": {
"description": "Name of these credentials.",
"type": "string"
}
},
"required": [
"creationDate",
"credentialId",
"name"
],
"type": "object"
}
Responses¶
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | Credentials stored successfully. | CreateCredentialsResponse |
| 409 | Conflict | The specified name is already in use. | None |
List Credentials Associated By Association Id by association ID¶
Operation path: GET /api/v2/credentials/associations/{associationId}/
Authentication requirements: BearerAuth
Returns a list of credentials associated with the specified object for the given session user.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| offset | query | integer | false | The number of results to skip. |
| limit | query | integer | false | At most this many results are returned. The default may change without notice. |
| orderBy | query | string | false | Sort order which will be applied to credential associations list. Prefix the attribute name with a dash to sort in descending order, e.g. "-is_default". Absent by default. |
| associationId | path | string | true | The compound ID of the data connection. |
Enumerated Values¶
| Parameter | Value |
|---|---|
| orderBy | [isDefault, -isDefault] |
Example responses¶
200 Response
{
"properties": {
"count": {
"description": "The number of items returned on this page.",
"type": "integer"
},
"data": {
"description": "List of credentials associations.",
"items": {
"properties": {
"creationDate": {
"description": "Iso-8601 formatted date/time when these credentials were created.",
"format": "date-time",
"type": "string"
},
"credentialId": {
"description": "Id of these credentials.",
"type": "string"
},
"credentialType": {
"default": "basic",
"description": "Type of credentials.",
"enum": [
"adls_gen2_oauth",
"api_token",
"azure",
"azure_oauth",
"azure_sas",
"azure_service_principal",
"basic",
"bearer",
"box_jwt",
"client_id_and_secret",
"databricks_access_token_account",
"databricks_service_principal_account",
"external_oauth_provider",
"gcp",
"oauth",
"rsa",
"s3",
"sap_oauth",
"snowflake_key_pair_user_account",
"snowflake_oauth_user_account",
"tableau_access_token"
],
"type": "string"
},
"description": {
"description": "Description of these credentials.",
"type": "string"
},
"isDefault": {
"description": "Whether this credential association with the given object is default for given session user.",
"type": "boolean"
},
"name": {
"description": "Name of these credentials.",
"type": "string"
},
"objectId": {
"description": "Associated object id.",
"type": "string"
},
"objectType": {
"description": "Associated object type.",
"enum": [
"batchPredictionJobDefinition",
"dataconnection"
],
"type": "string"
}
},
"required": [
"creationDate",
"credentialId",
"name",
"objectId",
"objectType"
],
"type": "object"
},
"type": "array"
},
"next": {
"description": "The url of the next page (if null, there is no next page).",
"format": "uri",
"type": [
"string",
"null"
]
},
"previous": {
"description": "The url of the previous page (if null, there is no previous page).",
"format": "uri",
"type": [
"string",
"null"
]
},
"totalCount": {
"description": "The total number of items across all pages.",
"type": "integer"
}
},
"required": [
"data",
"next",
"previous",
"totalCount"
],
"type": "object"
}
Responses¶
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | List of credentials associated with the object for the session user. | ListCredentialsAssociationsResponse |
Delete The Credentials Set By Credential Id by credential ID¶
Operation path: DELETE /api/v2/credentials/{credentialId}/
Authentication requirements: BearerAuth
Delete the credential set matching the specified ID if it is not used by any data connection or batch prediction job.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| credentialId | path | string | true | Credentials entity ID. |
Responses¶
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Credentials deleted successfully. | None |
| 409 | Conflict | Credentials are in use by one or more data connections or batch prediction jobs. | None |
Retrieve The Credentials Set By Credential Id by credential ID¶
Operation path: GET /api/v2/credentials/{credentialId}/
Authentication requirements: BearerAuth
Return the credential set matching the specified ID.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| credentialId | path | string | true | Credentials entity ID. |
Example responses¶
200 Response
{
"properties": {
"creationDate": {
"description": "Iso-8601 formatted date/time when these credentials were created.",
"format": "date-time",
"type": "string"
},
"credentialId": {
"description": "Id of these credentials.",
"type": "string"
},
"credentialType": {
"default": "basic",
"description": "Type of credentials.",
"enum": [
"adls_gen2_oauth",
"api_token",
"azure",
"azure_oauth",
"azure_sas",
"azure_service_principal",
"basic",
"bearer",
"box_jwt",
"client_id_and_secret",
"databricks_access_token_account",
"databricks_service_principal_account",
"external_oauth_provider",
"gcp",
"oauth",
"rsa",
"s3",
"sap_oauth",
"snowflake_key_pair_user_account",
"snowflake_oauth_user_account",
"tableau_access_token"
],
"type": "string"
},
"description": {
"description": "Description of these credentials.",
"type": "string"
},
"name": {
"description": "Name of these credentials.",
"type": "string"
}
},
"required": [
"creationDate",
"credentialId",
"name"
],
"type": "object"
}
Responses¶
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Credentials retrieved successfully. | CreateCredentialsResponse |
Update Specified Credentials By Credential Id by credential ID¶
Operation path: PATCH /api/v2/credentials/{credentialId}/
Authentication requirements: BearerAuth
Update specified credentials.
Body parameter¶
{
"properties": {
"apiToken": {
"description": "API token.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.31"
},
"authUrl": {
"description": "The url used for sap oauth authentication.",
"format": "uri",
"type": "string",
"x-versionadded": "v2.35"
},
"authenticationId": {
"description": "Authorized external oauth provider identifier.",
"type": "string",
"x-versionadded": "v2.41"
},
"awsAccessKeyId": {
"description": "AWS access key id (applicable for credentialtype `s3` only).",
"type": "string"
},
"awsSecretAccessKey": {
"description": "The AWS secret access key (applicable for credentialtype `s3` only).",
"type": "string"
},
"awsSessionToken": {
"description": "The AWS session token (applicable for credentialtype `s3` only).",
"type": "string"
},
"azureConnectionString": {
"description": "Azure connection string (applicable for credentialtype `azure` only).",
"type": "string",
"x-versionadded": "v2.21"
},
"azureTenantId": {
"description": "Tenant id of the azure ad service principal (applicable for credentialtype `azure_service_principal` only).",
"type": "string",
"x-versionadded": "v2.30"
},
"clientId": {
"description": "Oauth client id (applicable for credentialtype `snowflake_oauth_user_account`, `adls_gen2_oauth`, `sap_oauth_account`, `azure_service_principal`, `azure_oauth` and `client_id_and_secret`).",
"type": "string",
"x-versionadded": "v2.23"
},
"clientSecret": {
"description": "Oauth client secret (applicable for credentialtype `snowflake_oauth_user_account`, `adls_gen2_oauth`, `sap_oauth_account`, `azure_service_principal`, `azure_oauth` and `client_id_and_secret`).",
"type": "string",
"x-versionadded": "v2.23"
},
"configId": {
"description": "Id of secure configuration credentials to share by admin. alternative to googleconfigid (deprecated).",
"type": "string",
"x-versionadded": "v2.32"
},
"databricksAccessToken": {
"description": "Databricks personal access token.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.31"
},
"description": {
"description": "Description of credentials. if omitted, and name is not omitted, clears any previous description for that name.",
"type": "string"
},
"enterpriseId": {
"description": "Box enterprise identifier (applicable for credentialtype `box_jwt` only).",
"type": "string",
"x-versionadded": "v2.41"
},
"gcpKey": {
"description": "The google cloud platform (gcp) key. output is the downloaded JSON resulting from creating a service account *user managed key* (in the *iam & admin > service accounts section* of gcp).required if googleconfigid/configid is not specified.cannot include this parameter if googleconfigid/configid is specified.",
"properties": {
"authProviderX509CertUrl": {
"description": "Auth provider x509 certificate url.",
"format": "uri",
"type": "string"
},
"authUri": {
"description": "Auth uri.",
"format": "uri",
"type": "string"
},
"clientEmail": {
"description": "Client email address.",
"type": "string"
},
"clientId": {
"description": "Client id.",
"type": "string"
},
"clientX509CertUrl": {
"description": "Client x509 certificate url.",
"format": "uri",
"type": "string"
},
"privateKey": {
"description": "Private key.",
"type": "string"
},
"privateKeyId": {
"description": "Private key id.",
"type": "string"
},
"projectId": {
"description": "Project id.",
"type": "string"
},
"tokenUri": {
"description": "Token uri.",
"format": "uri",
"type": "string"
},
"type": {
"description": "GCP account type.",
"enum": [
"service_account"
],
"type": "string"
}
},
"required": [
"type"
],
"type": "object"
},
"googleConfigId": {
"description": "Id of google configurations shared by admin (deprecated). please use configid instead.",
"type": "string",
"x-versionadded": "v2.30"
},
"name": {
"description": "Name of credentials.",
"type": "string"
},
"oauthConfigId": {
"description": "Id of snowflake oauth configurations shared by admin.",
"type": "string",
"x-versionadded": "v2.30"
},
"oauthIssuerType": {
"description": "Snowflake idp issuer type (applicable for credentialtype `snowflake_oauth_user_account` only).",
"enum": [
"azure",
"okta",
"snowflake"
],
"type": "string",
"x-versionadded": "v2.27"
},
"oauthIssuerUrl": {
"description": "Snowflake external idp issuer url (applicable for snowflake external oauth connections only).",
"format": "uri",
"type": "string",
"x-versionadded": "v2.27"
},
"oauthScopes": {
"description": "External oauth scopes (applicable for snowflake external oauth connections, credentialtype `snowflake_oauth_user_account`, `adls_gen2_oauth`, and `azure_oauth`).",
"items": {
"description": "AUTH scope.",
"type": "string"
},
"minItems": 1,
"type": "array",
"x-versionadded": "v2.27"
},
"passphrase": {
"description": "Optional passphrase to encrypt private key.(applicable for credentialtype `snowflake_key_pair_user_account` only).",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.30"
},
"password": {
"description": "Password to update for this set of credentials (applicable for credentialtype `basic` only).",
"type": "string"
},
"privateKeyStr": {
"description": "Private key for key pair authentication.(applicable for credentialtype `snowflake_key_pair_user_account` only).",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.30"
},
"publicKeyId": {
"description": "Box public key identifier (applicable for credentialtype `box_jwt` only).",
"type": "string",
"x-versionadded": "v2.41"
},
"refreshToken": {
"description": "Oauth refresh token (applicable for credentialtype `oauth` only).",
"type": "string"
},
"sapAiApiUrl": {
"description": "The url used for sap AI API service.",
"format": "uri",
"type": "string",
"x-versionadded": "v2.35"
},
"sasToken": {
"description": "The azure sas token (only applicable for credentialtype `azure_sas`).",
"type": "string",
"x-versionadded": "v2.45"
},
"snowflakeAccountName": {
"description": "Snowflake account name (applicable for `snowflake_oauth_user_account` only).",
"type": "string",
"x-versionadded": "v2.21"
},
"token": {
"description": "Oauth token (applicable for credentialtype `oauth` only).",
"type": "string"
},
"user": {
"description": "Username to update for this set of credentials (applicable for credentialtype `basic` and `snowflake_key_pair_user_account` only).",
"type": "string"
}
},
"type": "object"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| credentialId | path | string | true | Credentials entity ID. |
| body | body | CredentialsUpdate | false | none |
Responses¶
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Set of credentials updated | None |
| 404 | Not Found | Requested credentials not found | None |
| 409 | Conflict | The name specified for credentials is already in use. | None |
| 422 | Unprocessable Entity | Must specify at least one field to update | None |
List All Objects Associated By Credential Id by credential ID¶
Operation path: GET /api/v2/credentials/{credentialId}/associations/
Authentication requirements: BearerAuth
List all objects associated with specified credentials for the current user.
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| offset | query | integer | false | The number of results to skip. |
| limit | query | integer | false | At most this many results are returned. The default may change without notice. |
| types | query | any | false | Includes only credentials of the specified type. Repeat the parameter for filtering on multiple statuses. |
| orderBy | query | string | false | The order to sort the credentials. Defaults to the order by the creation_date in descending order. |
| credentialId | path | string | true | Credentials entity ID. |
Enumerated Values¶
| Parameter | Value |
|---|---|
| orderBy | [creationDate, -creationDate] |
Example responses¶
200 Response
{
"properties": {
"count": {
"description": "The number of items returned on this page.",
"type": "integer"
},
"data": {
"description": "Objects associated with the specified credentials.",
"items": {
"properties": {
"isDefault": {
"description": "Whether this credential association with the given object is default for given session user.",
"type": "boolean"
},
"link": {
"description": "Link to get more details about associated object.",
"format": "uri",
"type": [
"string",
"null"
]
},
"objectId": {
"description": "Associated object id.",
"type": "string"
},
"objectType": {
"description": "Associated object type.",
"type": "string"
}
},
"required": [
"link",
"objectId",
"objectType"
],
"type": "object"
},
"type": "array"
},
"next": {
"description": "The url of the next page (if null, there is no next page).",
"format": "uri",
"type": [
"string",
"null"
]
},
"previous": {
"description": "The url of the previous page (if null, there is no previous page).",
"format": "uri",
"type": [
"string",
"null"
]
},
"totalCount": {
"description": "The total number of items across all pages.",
"type": "integer"
}
},
"required": [
"data",
"next",
"previous",
"totalCount"
],
"type": "object"
}
Responses¶
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Objects associated with the specified credentials for the current user. | CredentialsListAssociationsResponse |
Add Objects Associated By Credential Id by credential ID¶
Operation path: PATCH /api/v2/credentials/{credentialId}/associations/
Authentication requirements: BearerAuth
Add objects associated with credentials.
Body parameter¶
{
"properties": {
"credentialsToAdd": {
"description": "Objects to associate with given credentials.",
"items": {
"properties": {
"objectId": {
"description": "Object id identifying the object to be associated with the credentials.",
"type": "string"
},
"objectType": {
"description": "Type of object associated with the credentials.",
"enum": [
"dataconnection"
],
"type": "string"
}
},
"required": [
"objectId",
"objectType"
],
"type": "object"
},
"minItems": 1,
"type": "array"
},
"credentialsToRemove": {
"description": "Object ids, each of which identifies an object to be disassociated from this credential. to see which objects are currently associated, see the response from [GET /api/v2/credentials/{credentialid}/associations/][get-apiv2credentialscredentialidassociations].",
"items": {
"description": "Object ID to be disassociated from given credentials.",
"type": "string"
},
"minItems": 1,
"type": "array"
}
},
"type": "object"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| credentialId | path | string | true | Credentials entity ID. |
| body | body | CredentialsAssociationUpdate | false | none |
Responses¶
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Credentials association updated. | None |
| 404 | Not Found | Requested credentials not found | None |
| 409 | Conflict | One or more associations already exist when adding or one or more associations do not exist. | None |
| 422 | Unprocessable Entity | Must specify a field to update or must specify only one of credentialsToAdd or credentialsToRemove. |
None |
Set Default Credentials By Credential Id by credential ID¶
Operation path: PUT /api/v2/credentials/{credentialId}/associations/{associationId}/
Authentication requirements: BearerAuth
Set (create or update) the credentials' association for the given Data Connection for the given session Owner for the given credentials.
Body parameter¶
{
"properties": {
"isDefault": {
"default": false,
"description": "Whether this credentials' association with the given object is default for given session user.",
"type": "boolean"
}
},
"type": "object"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| credentialId | path | string | true | Credentials entity ID. |
| associationId | path | string | true | The compound ID of the data connection. |
| body | body | SetCredentialsAssociationRequest | false | none |
Example responses¶
200 Response
{
"properties": {
"creationDate": {
"description": "Iso-8601 formatted date/time when these credentials were created.",
"format": "date-time",
"type": "string"
},
"credentialId": {
"description": "Id of these credentials.",
"type": "string"
},
"credentialType": {
"default": "basic",
"description": "Type of credentials.",
"enum": [
"adls_gen2_oauth",
"api_token",
"azure",
"azure_oauth",
"azure_sas",
"azure_service_principal",
"basic",
"bearer",
"box_jwt",
"client_id_and_secret",
"databricks_access_token_account",
"databricks_service_principal_account",
"external_oauth_provider",
"gcp",
"oauth",
"rsa",
"s3",
"sap_oauth",
"snowflake_key_pair_user_account",
"snowflake_oauth_user_account",
"tableau_access_token"
],
"type": "string"
},
"description": {
"description": "Description of these credentials.",
"type": "string"
},
"isDefault": {
"description": "Whether this credential association with the given object is default for given session user.",
"type": "boolean"
},
"name": {
"description": "Name of these credentials.",
"type": "string"
},
"objectId": {
"description": "Associated object id.",
"type": "string"
},
"objectType": {
"description": "Associated object type.",
"enum": [
"batchPredictionJobDefinition",
"dataconnection"
],
"type": "string"
}
},
"required": [
"creationDate",
"credentialId",
"name",
"objectId",
"objectType"
],
"type": "object"
}
Responses¶
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Credentials association was successfully set (created or updated). | RetrieveCredentialAssociationResponse |
| 201 | Created | New credential association was created. | None |
Schemas¶
CreateCredentialsResponse
{
"properties": {
"creationDate": {
"description": "Iso-8601 formatted date/time when these credentials were created.",
"format": "date-time",
"type": "string"
},
"credentialId": {
"description": "Id of these credentials.",
"type": "string"
},
"credentialType": {
"default": "basic",
"description": "Type of credentials.",
"enum": [
"adls_gen2_oauth",
"api_token",
"azure",
"azure_oauth",
"azure_sas",
"azure_service_principal",
"basic",
"bearer",
"box_jwt",
"client_id_and_secret",
"databricks_access_token_account",
"databricks_service_principal_account",
"external_oauth_provider",
"gcp",
"oauth",
"rsa",
"s3",
"sap_oauth",
"snowflake_key_pair_user_account",
"snowflake_oauth_user_account",
"tableau_access_token"
],
"type": "string"
},
"description": {
"description": "Description of these credentials.",
"type": "string"
},
"name": {
"description": "Name of these credentials.",
"type": "string"
}
},
"required": [
"creationDate",
"credentialId",
"name"
],
"type": "object"
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| creationDate | string(date-time) | true | Iso-8601 formatted date/time when these credentials were created. | |
| credentialId | string | true | Id of these credentials. | |
| credentialType | string | false | Type of credentials. | |
| description | string | false | Description of these credentials. | |
| name | string | true | Name of these credentials. |
Enumerated Values¶
| Property | Value |
|---|---|
| credentialType | [adls_gen2_oauth, api_token, azure, azure_oauth, azure_sas, azure_service_principal, basic, bearer, box_jwt, client_id_and_secret, databricks_access_token_account, databricks_service_principal_account, external_oauth_provider, gcp, oauth, rsa, s3, sap_oauth, snowflake_key_pair_user_account, snowflake_oauth_user_account, tableau_access_token] |
CredentialsAssociationUpdate
{
"properties": {
"credentialsToAdd": {
"description": "Objects to associate with given credentials.",
"items": {
"properties": {
"objectId": {
"description": "Object id identifying the object to be associated with the credentials.",
"type": "string"
},
"objectType": {
"description": "Type of object associated with the credentials.",
"enum": [
"dataconnection"
],
"type": "string"
}
},
"required": [
"objectId",
"objectType"
],
"type": "object"
},
"minItems": 1,
"type": "array"
},
"credentialsToRemove": {
"description": "Object ids, each of which identifies an object to be disassociated from this credential. to see which objects are currently associated, see the response from [GET /api/v2/credentials/{credentialid}/associations/][get-apiv2credentialscredentialidassociations].",
"items": {
"description": "Object ID to be disassociated from given credentials.",
"type": "string"
},
"minItems": 1,
"type": "array"
}
},
"type": "object"
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| credentialsToAdd | [CredentialsToAdd] | false | minItems: 1 |
Objects to associate with given credentials. |
| credentialsToRemove | [string] | false | minItems: 1 |
Object ids, each of which identifies an object to be disassociated from this credential. to see which objects are currently associated, see the response from [GET /api/v2/credentials/{credentialid}/associations/][get-apiv2credentialscredentialidassociations]. |
CredentialsAssociationsData
{
"properties": {
"isDefault": {
"description": "Whether this credential association with the given object is default for given session user.",
"type": "boolean"
},
"link": {
"description": "Link to get more details about associated object.",
"format": "uri",
"type": [
"string",
"null"
]
},
"objectId": {
"description": "Associated object id.",
"type": "string"
},
"objectType": {
"description": "Associated object type.",
"type": "string"
}
},
"required": [
"link",
"objectId",
"objectType"
],
"type": "object"
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| isDefault | boolean | false | Whether this credential association with the given object is default for given session user. | |
| link | string,null(uri) | true | Link to get more details about associated object. | |
| objectId | string | true | Associated object id. | |
| objectType | string | true | Associated object type. |
CredentialsBody
{
"discriminator": {
"propertyName": "credentialType"
},
"oneOf": [
{
"properties": {
"credentialType": {
"description": "The credential type.",
"enum": [
"basic"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
},
"password": {
"description": "Password to store for these credentials.",
"type": "string"
},
"snowflakeAccountName": {
"description": "Snowflake account name.",
"type": "string",
"x-versionadded": "v2.21"
},
"user": {
"description": "Username to store for these credentials.",
"type": "string"
}
},
"required": [
"name",
"password",
"user"
],
"type": "object"
},
{
"properties": {
"credentialType": {
"description": "The credential type.",
"enum": [
"oauth"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
},
"refreshToken": {
"description": "OAUTH refresh token.",
"type": "string"
},
"token": {
"description": "OAUTH token.",
"type": "string"
}
},
"required": [
"credentialType",
"name",
"refreshToken",
"token"
],
"type": "object"
},
{
"properties": {
"awsAccessKeyId": {
"description": "The S3 AWS access key ID. Required if configId is not specified.Cannot include this parameter if configId is specified.",
"type": "string",
"x-versionadded": "v2.20"
},
"awsSecretAccessKey": {
"description": "The S3 AWS secret access key. Required if configId is not specified.Cannot include this parameter if configId is specified.",
"type": "string",
"x-versionadded": "v2.20"
},
"awsSessionToken": {
"default": null,
"description": "The S3 AWS session token for AWS temporary credentials.Cannot include this parameter if configId is specified.",
"type": [
"string",
"null"
],
"x-versionadded": "v2.20"
},
"configId": {
"description": "The ID of secure configurations of credentials shared by admin. If specified, cannot include awsAccessKeyId, awsSecretAccessKey or awsSessionToken.",
"type": "string",
"x-versionadded": "v2.32"
},
"credentialType": {
"description": "The type of these credentials, 's3' here.",
"enum": [
"s3"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
}
},
"required": [
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"configId": {
"description": "The ID of secure configurations shared by admin. Alternative to googleConfigId (deprecated). If specified, cannot include gcpKey.",
"type": "string",
"x-versionadded": "v2.32"
},
"credentialType": {
"description": "The type of these credentials, 'gcp' here.",
"enum": [
"gcp"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"gcpKey": {
"description": "The google cloud platform (gcp) key. output is the downloaded JSON resulting from creating a service account *user managed key* (in the *iam & admin > service accounts section* of gcp).required if googleconfigid/configid is not specified.cannot include this parameter if googleconfigid/configid is specified.",
"properties": {
"authProviderX509CertUrl": {
"description": "Auth provider x509 certificate url.",
"format": "uri",
"type": "string"
},
"authUri": {
"description": "Auth uri.",
"format": "uri",
"type": "string"
},
"clientEmail": {
"description": "Client email address.",
"type": "string"
},
"clientId": {
"description": "Client id.",
"type": "string"
},
"clientX509CertUrl": {
"description": "Client x509 certificate url.",
"format": "uri",
"type": "string"
},
"privateKey": {
"description": "Private key.",
"type": "string"
},
"privateKeyId": {
"description": "Private key id.",
"type": "string"
},
"projectId": {
"description": "Project id.",
"type": "string"
},
"tokenUri": {
"description": "Token uri.",
"format": "uri",
"type": "string"
},
"type": {
"description": "GCP account type.",
"enum": [
"service_account"
],
"type": "string"
}
},
"required": [
"type"
],
"type": "object"
},
"googleConfigId": {
"description": "The ID of secure configurations shared by admin. This is deprecated. Please use configId instead. If specified, cannot include gcpKey.",
"type": "string",
"x-versionadded": "v2.30"
},
"name": {
"description": "Credentials name.",
"type": "string"
}
},
"required": [
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"azureConnectionString": {
"description": "The Azure connection string.",
"type": "string",
"x-versionadded": "v2.21"
},
"credentialType": {
"description": "The type of these credentials, 'azure' here.",
"enum": [
"azure"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
}
},
"required": [
"azureConnectionString",
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"azureTenantId": {
"description": "Tenant ID of the Azure AD service principal.",
"type": "string",
"x-versionadded": "v2.30"
},
"clientId": {
"description": "Client ID of the Azure AD service principal.",
"type": "string",
"x-versionadded": "v2.30"
},
"clientSecret": {
"description": "Client Secret of the Azure AD service principal.",
"type": "string",
"x-versionadded": "v2.30"
},
"configId": {
"description": "The ID of the secure configuration to share Azure service principal credentials by admin.",
"type": "string",
"x-versionadded": "v2.35"
},
"credentialType": {
"description": "The type of these credentials, 'azure_service_principal' here.",
"enum": [
"azure_service_principal"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
}
},
"required": [
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"clientId": {
"description": "Snowflake OAUTH client ID.",
"type": "string",
"x-versionadded": "v2.23"
},
"clientSecret": {
"description": "Snowflake OAUTH client secret.",
"type": "string",
"x-versionadded": "v2.23"
},
"credentialType": {
"description": "The credential type.",
"enum": [
"snowflake_oauth_user_account"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
},
"oauthConfigId": {
"description": "ID of snowflake OAuth configurations shared by admin.",
"type": "string",
"x-versionadded": "v2.30"
},
"oauthIssuerType": {
"description": "OAuth issuer type.",
"enum": [
"azure",
"okta",
"snowflake"
],
"type": "string",
"x-versionadded": "v2.27"
},
"oauthIssuerUrl": {
"description": "OAuth issuer URL.",
"format": "uri",
"type": "string",
"x-versionadded": "v2.27"
},
"oauthScopes": {
"description": "OAuth scopes.",
"items": {
"description": "OAuth scope.",
"type": "string"
},
"minItems": 1,
"type": "array",
"x-versionadded": "v2.27"
},
"snowflakeAccountName": {
"description": "Snowflake account name.",
"type": "string",
"x-versionadded": "v2.21"
}
},
"required": [
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"clientId": {
"description": "ADLS Gen2 OAuth client ID.",
"type": "string",
"x-versionadded": "v2.27"
},
"clientSecret": {
"description": "ADLS Gen2 OAuth client secret.",
"type": "string",
"x-versionadded": "v2.27"
},
"configId": {
"description": "ID of secure configuration to share ADLS OAuth credentials by admin.",
"type": "string",
"x-versionadded": "v2.35"
},
"credentialType": {
"description": "The credential type.",
"enum": [
"adls_gen2_oauth"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
},
"oauthScopes": {
"description": "ADLS Gen2 OAuth scopes.",
"items": {
"description": "ADLS Gen2 OAuth scope.",
"type": "string"
},
"minItems": 1,
"type": "array",
"x-versionadded": "v2.27"
}
},
"required": [
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"clientId": {
"description": "Azure OAuth client ID.",
"type": "string",
"x-versionadded": "v2.38"
},
"clientSecret": {
"description": "Azure OAuth client secret.",
"type": "string",
"x-versionadded": "v2.38"
},
"credentialType": {
"description": "The credential type.",
"enum": [
"azure_oauth"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
},
"oauthScopes": {
"description": "Azure OAuth scopes.",
"items": {
"description": "Azure OAuth scope.",
"type": "string"
},
"maxItems": 100,
"minItems": 1,
"type": "array",
"x-versionadded": "v2.38"
}
},
"required": [
"clientId",
"clientSecret",
"credentialType",
"name",
"oauthScopes"
],
"type": "object"
},
{
"properties": {
"authenticationId": {
"description": "The authentication ID for an external OAuth provider. Used to retrieve tokens from DataRobot OAuth service.",
"type": "string"
},
"credentialType": {
"description": "The type of these credentials, 'external_oauth_provider' here.",
"enum": [
"external_oauth_provider"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
}
},
"required": [
"authenticationId",
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"configId": {
"description": "The ID of the saved shared credentials. If specified, cannot include user, privateKeyStr, or passphrase.",
"type": "string",
"x-versionadded": "v2.32"
},
"credentialType": {
"description": "The type of these credentials, 'snowflake_key_pair_user_account' here.",
"enum": [
"snowflake_key_pair_user_account"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
},
"passphrase": {
"description": "Optional passphrase to decrypt private key. Cannot include this parameter if configId is specified.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.30"
},
"privateKeyStr": {
"description": "Private key for key pair authentication. Required if configId is not specified. This cannot be included if configId is specified.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.30"
},
"user": {
"description": "Username for this credential. Required if configId is not specified. This cannot be included if configId is specified.",
"type": "string"
}
},
"required": [
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"credentialType": {
"description": "The type of these credentials, 'databricks_access_token_account' here.",
"enum": [
"databricks_access_token_account"
],
"type": "string"
},
"databricksAccessToken": {
"description": "Databricks personal access token.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.31"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
}
},
"required": [
"credentialType",
"databricksAccessToken",
"name"
],
"type": "object"
},
{
"properties": {
"clientId": {
"description": "Client ID for Databricks service principal.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.33"
},
"clientSecret": {
"description": "Client secret for Databricks service principal.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.33"
},
"configId": {
"description": "The ID of the saved shared credentials. If specified, cannot include clientId and clientSecret.",
"type": "string",
"x-versionadded": "v2.33"
},
"credentialType": {
"description": "The type of these credentials, 'databricks_service_principal_account' here.",
"enum": [
"databricks_service_principal_account"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
}
},
"required": [
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"apiToken": {
"description": "API token.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.31"
},
"credentialType": {
"description": "The credential type.",
"enum": [
"api_token"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
}
},
"required": [
"apiToken",
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"authUrl": {
"description": "The URL used for SAP authentication.",
"format": "uri",
"type": "string",
"x-versionadded": "v2.35"
},
"clientId": {
"description": "SAP OAUTH client ID.",
"type": "string",
"x-versionadded": "v2.35"
},
"clientSecret": {
"description": "SAP OAUTH client secret.",
"type": "string",
"x-versionadded": "v2.35"
},
"credentialType": {
"description": "The credential type.",
"enum": [
"sap_oauth"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
},
"sapAiApiUrl": {
"description": "The URL used for SAP AI API service.",
"format": "uri",
"type": "string",
"x-versionadded": "v2.35"
}
},
"required": [
"authUrl",
"clientId",
"clientSecret",
"credentialType",
"name",
"sapAiApiUrl"
],
"type": "object"
},
{
"properties": {
"clientId": {
"description": "Box JWT client ID.",
"type": "string",
"x-versionadded": "v2.41"
},
"clientSecret": {
"description": "Box JWT client secret.",
"type": "string",
"x-versionadded": "v2.41"
},
"configId": {
"description": "ID of secure configuration to share Box JWT credentials by admin.",
"type": "string",
"x-versionadded": "v2.41"
},
"credentialType": {
"description": "The credential type.",
"enum": [
"box_jwt"
],
"type": "string",
"x-versionadded": "v2.41"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"enterpriseId": {
"description": "Box enterprise identifier.",
"type": "string",
"x-versionadded": "v2.41"
},
"name": {
"description": "Credentials name.",
"type": "string"
},
"passphrase": {
"description": "Passphrase for the Box JWT private key.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.41"
},
"privateKeyStr": {
"description": "RSA private key for Box JWT.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.41"
},
"publicKeyId": {
"description": "Box public key identifier.",
"type": "string",
"x-versionadded": "v2.41"
}
},
"required": [
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"clientId": {
"description": "The client ID for integrations that use a client ID and client secret (e.g., OAuth client credentials).",
"type": "string",
"x-versionadded": "v2.42"
},
"clientSecret": {
"description": "The client secret for integrations that use a client ID and client secret (e.g., OAuth client credentials).",
"type": "string",
"x-versionadded": "v2.42"
},
"configId": {
"description": "The ID of the shared secure configuration for the client ID and client secret (managed by an admin).",
"type": "string",
"x-versionadded": "v2.42"
},
"credentialType": {
"description": "The credential type.",
"enum": [
"client_id_and_secret"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
}
},
"required": [
"credentialType",
"name"
],
"type": "object"
},
{
"properties": {
"credentialType": {
"description": "The type of these credentials, 'azure_sas' here.",
"enum": [
"azure_sas"
],
"type": "string"
},
"description": {
"description": "Credentials description.",
"type": "string"
},
"name": {
"description": "Credentials name.",
"type": "string"
},
"sasToken": {
"description": "The Azure shared access signature (SAS) token for Data Lake Storage Gen2.",
"minLength": 1,
"type": "string"
}
},
"required": [
"credentialType",
"name",
"sasToken"
],
"type": "object"
}
]
}
Properties¶
oneOf
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » credentialType | string | false | The credential type. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. | |
| » password | string | true | Password to store for these credentials. | |
| » snowflakeAccountName | string | false | Snowflake account name. | |
| » user | string | true | Username to store for these credentials. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » credentialType | string | true | The credential type. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. | |
| » refreshToken | string | true | OAUTH refresh token. | |
| » token | string | true | OAUTH token. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » awsAccessKeyId | string | false | The S3 AWS access key ID. Required if configId is not specified.Cannot include this parameter if configId is specified. | |
| » awsSecretAccessKey | string | false | The S3 AWS secret access key. Required if configId is not specified.Cannot include this parameter if configId is specified. | |
| » awsSessionToken | string,null | false | The S3 AWS session token for AWS temporary credentials.Cannot include this parameter if configId is specified. | |
| » configId | string | false | The ID of secure configurations of credentials shared by admin. If specified, cannot include awsAccessKeyId, awsSecretAccessKey or awsSessionToken. | |
| » credentialType | string | true | The type of these credentials, 's3' here. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » configId | string | false | The ID of secure configurations shared by admin. Alternative to googleConfigId (deprecated). If specified, cannot include gcpKey. | |
| » credentialType | string | true | The type of these credentials, 'gcp' here. | |
| » description | string | false | Credentials description. | |
| » gcpKey | GCPKey | false | The google cloud platform (gcp) key. output is the downloaded JSON resulting from creating a service account user managed key (in the iam & admin > service accounts section of gcp).required if googleconfigid/configid is not specified.cannot include this parameter if googleconfigid/configid is specified. | |
| » googleConfigId | string | false | The ID of secure configurations shared by admin. This is deprecated. Please use configId instead. If specified, cannot include gcpKey. | |
| » name | string | true | Credentials name. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » azureConnectionString | string | true | The Azure connection string. | |
| » credentialType | string | true | The type of these credentials, 'azure' here. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » azureTenantId | string | false | Tenant ID of the Azure AD service principal. | |
| » clientId | string | false | Client ID of the Azure AD service principal. | |
| » clientSecret | string | false | Client Secret of the Azure AD service principal. | |
| » configId | string | false | The ID of the secure configuration to share Azure service principal credentials by admin. | |
| » credentialType | string | true | The type of these credentials, 'azure_service_principal' here. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » clientId | string | false | Snowflake OAUTH client ID. | |
| » clientSecret | string | false | Snowflake OAUTH client secret. | |
| » credentialType | string | true | The credential type. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. | |
| » oauthConfigId | string | false | ID of snowflake OAuth configurations shared by admin. | |
| » oauthIssuerType | string | false | OAuth issuer type. | |
| » oauthIssuerUrl | string(uri) | false | OAuth issuer URL. | |
| » oauthScopes | [string] | false | minItems: 1 |
OAuth scopes. |
| » snowflakeAccountName | string | false | Snowflake account name. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » clientId | string | false | ADLS Gen2 OAuth client ID. | |
| » clientSecret | string | false | ADLS Gen2 OAuth client secret. | |
| » configId | string | false | ID of secure configuration to share ADLS OAuth credentials by admin. | |
| » credentialType | string | true | The credential type. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. | |
| » oauthScopes | [string] | false | minItems: 1 |
ADLS Gen2 OAuth scopes. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » clientId | string | true | Azure OAuth client ID. | |
| » clientSecret | string | true | Azure OAuth client secret. | |
| » credentialType | string | true | The credential type. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. | |
| » oauthScopes | [string] | true | maxItems: 100 minItems: 1 |
Azure OAuth scopes. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » authenticationId | string | true | The authentication ID for an external OAuth provider. Used to retrieve tokens from DataRobot OAuth service. | |
| » credentialType | string | true | The type of these credentials, 'external_oauth_provider' here. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » configId | string | false | The ID of the saved shared credentials. If specified, cannot include user, privateKeyStr, or passphrase. | |
| » credentialType | string | true | The type of these credentials, 'snowflake_key_pair_user_account' here. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. | |
| » passphrase | string | false | minLength: 1 minLength: 1 |
Optional passphrase to decrypt private key. Cannot include this parameter if configId is specified. |
| » privateKeyStr | string | false | minLength: 1 minLength: 1 |
Private key for key pair authentication. Required if configId is not specified. This cannot be included if configId is specified. |
| » user | string | false | Username for this credential. Required if configId is not specified. This cannot be included if configId is specified. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » credentialType | string | true | The type of these credentials, 'databricks_access_token_account' here. | |
| » databricksAccessToken | string | true | minLength: 1 minLength: 1 |
Databricks personal access token. |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » clientId | string | false | minLength: 1 minLength: 1 |
Client ID for Databricks service principal. |
| » clientSecret | string | false | minLength: 1 minLength: 1 |
Client secret for Databricks service principal. |
| » configId | string | false | The ID of the saved shared credentials. If specified, cannot include clientId and clientSecret. | |
| » credentialType | string | true | The type of these credentials, 'databricks_service_principal_account' here. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » apiToken | string | true | minLength: 1 minLength: 1 |
API token. |
| » credentialType | string | true | The credential type. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » authUrl | string(uri) | true | The URL used for SAP authentication. | |
| » clientId | string | true | SAP OAUTH client ID. | |
| » clientSecret | string | true | SAP OAUTH client secret. | |
| » credentialType | string | true | The credential type. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. | |
| » sapAiApiUrl | string(uri) | true | The URL used for SAP AI API service. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » clientId | string | false | Box JWT client ID. | |
| » clientSecret | string | false | Box JWT client secret. | |
| » configId | string | false | ID of secure configuration to share Box JWT credentials by admin. | |
| » credentialType | string | true | The credential type. | |
| » description | string | false | Credentials description. | |
| » enterpriseId | string | false | Box enterprise identifier. | |
| » name | string | true | Credentials name. | |
| » passphrase | string | false | minLength: 1 minLength: 1 |
Passphrase for the Box JWT private key. |
| » privateKeyStr | string | false | minLength: 1 minLength: 1 |
RSA private key for Box JWT. |
| » publicKeyId | string | false | Box public key identifier. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » clientId | string | false | The client ID for integrations that use a client ID and client secret (e.g., OAuth client credentials). | |
| » clientSecret | string | false | The client secret for integrations that use a client ID and client secret (e.g., OAuth client credentials). | |
| » configId | string | false | The ID of the shared secure configuration for the client ID and client secret (managed by an admin). | |
| » credentialType | string | true | The credential type. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. |
xor
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | |
| » credentialType | string | true | The type of these credentials, 'azure_sas' here. | |
| » description | string | false | Credentials description. | |
| » name | string | true | Credentials name. | |
| » sasToken | string | true | minLength: 1 minLength: 1 |
The Azure shared access signature (SAS) token for Data Lake Storage Gen2. |
Enumerated Values¶
| Property | Value |
|---|---|
| credentialType | basic |
| credentialType | oauth |
| credentialType | s3 |
| credentialType | gcp |
| credentialType | azure |
| credentialType | azure_service_principal |
| credentialType | snowflake_oauth_user_account |
| oauthIssuerType | [azure, okta, snowflake] |
| credentialType | adls_gen2_oauth |
| credentialType | azure_oauth |
| credentialType | external_oauth_provider |
| credentialType | snowflake_key_pair_user_account |
| credentialType | databricks_access_token_account |
| credentialType | databricks_service_principal_account |
| credentialType | api_token |
| credentialType | sap_oauth |
| credentialType | box_jwt |
| credentialType | client_id_and_secret |
| credentialType | azure_sas |
CredentialsListAssociationsResponse
{
"properties": {
"count": {
"description": "The number of items returned on this page.",
"type": "integer"
},
"data": {
"description": "Objects associated with the specified credentials.",
"items": {
"properties": {
"isDefault": {
"description": "Whether this credential association with the given object is default for given session user.",
"type": "boolean"
},
"link": {
"description": "Link to get more details about associated object.",
"format": "uri",
"type": [
"string",
"null"
]
},
"objectId": {
"description": "Associated object id.",
"type": "string"
},
"objectType": {
"description": "Associated object type.",
"type": "string"
}
},
"required": [
"link",
"objectId",
"objectType"
],
"type": "object"
},
"type": "array"
},
"next": {
"description": "The url of the next page (if null, there is no next page).",
"format": "uri",
"type": [
"string",
"null"
]
},
"previous": {
"description": "The url of the previous page (if null, there is no previous page).",
"format": "uri",
"type": [
"string",
"null"
]
},
"totalCount": {
"description": "The total number of items across all pages.",
"type": "integer"
}
},
"required": [
"data",
"next",
"previous",
"totalCount"
],
"type": "object"
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| count | integer | false | The number of items returned on this page. | |
| data | [CredentialsAssociationsData] | true | Objects associated with the specified credentials. | |
| next | string,null(uri) | true | The url of the next page (if null, there is no next page). | |
| previous | string,null(uri) | true | The url of the previous page (if null, there is no previous page). | |
| totalCount | integer | true | The total number of items across all pages. |
CredentialsListResponse
{
"properties": {
"count": {
"description": "The number of items returned on this page.",
"type": "integer"
},
"data": {
"description": "List of credentials.",
"items": {
"properties": {
"creationDate": {
"description": "Iso-8601 formatted date/time when these credentials were created.",
"format": "date-time",
"type": "string"
},
"credentialId": {
"description": "Id of these credentials.",
"type": "string"
},
"credentialType": {
"default": "basic",
"description": "Type of credentials.",
"enum": [
"adls_gen2_oauth",
"api_token",
"azure",
"azure_oauth",
"azure_sas",
"azure_service_principal",
"basic",
"bearer",
"box_jwt",
"client_id_and_secret",
"databricks_access_token_account",
"databricks_service_principal_account",
"external_oauth_provider",
"gcp",
"oauth",
"rsa",
"s3",
"sap_oauth",
"snowflake_key_pair_user_account",
"snowflake_oauth_user_account",
"tableau_access_token"
],
"type": "string"
},
"description": {
"description": "Description of these credentials.",
"type": "string"
},
"name": {
"description": "Name of these credentials.",
"type": "string"
}
},
"required": [
"creationDate",
"credentialId",
"name"
],
"type": "object"
},
"type": "array"
},
"next": {
"description": "The url of the next page (if null, there is no next page).",
"format": "uri",
"type": [
"string",
"null"
]
},
"previous": {
"description": "The url of the previous page (if null, there is no previous page).",
"format": "uri",
"type": [
"string",
"null"
]
},
"totalCount": {
"description": "The total number of items across all pages.",
"type": "integer"
}
},
"required": [
"data",
"next",
"previous",
"totalCount"
],
"type": "object"
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| count | integer | false | The number of items returned on this page. | |
| data | [CreateCredentialsResponse] | true | List of credentials. | |
| next | string,null(uri) | true | The url of the next page (if null, there is no next page). | |
| previous | string,null(uri) | true | The url of the previous page (if null, there is no previous page). | |
| totalCount | integer | true | The total number of items across all pages. |
CredentialsToAdd
{
"properties": {
"objectId": {
"description": "Object id identifying the object to be associated with the credentials.",
"type": "string"
},
"objectType": {
"description": "Type of object associated with the credentials.",
"enum": [
"dataconnection"
],
"type": "string"
}
},
"required": [
"objectId",
"objectType"
],
"type": "object"
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| objectId | string | true | Object id identifying the object to be associated with the credentials. | |
| objectType | string | true | Type of object associated with the credentials. |
Enumerated Values¶
| Property | Value |
|---|---|
| objectType | dataconnection |
CredentialsUpdate
{
"properties": {
"apiToken": {
"description": "API token.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.31"
},
"authUrl": {
"description": "The url used for sap oauth authentication.",
"format": "uri",
"type": "string",
"x-versionadded": "v2.35"
},
"authenticationId": {
"description": "Authorized external oauth provider identifier.",
"type": "string",
"x-versionadded": "v2.41"
},
"awsAccessKeyId": {
"description": "AWS access key id (applicable for credentialtype `s3` only).",
"type": "string"
},
"awsSecretAccessKey": {
"description": "The AWS secret access key (applicable for credentialtype `s3` only).",
"type": "string"
},
"awsSessionToken": {
"description": "The AWS session token (applicable for credentialtype `s3` only).",
"type": "string"
},
"azureConnectionString": {
"description": "Azure connection string (applicable for credentialtype `azure` only).",
"type": "string",
"x-versionadded": "v2.21"
},
"azureTenantId": {
"description": "Tenant id of the azure ad service principal (applicable for credentialtype `azure_service_principal` only).",
"type": "string",
"x-versionadded": "v2.30"
},
"clientId": {
"description": "Oauth client id (applicable for credentialtype `snowflake_oauth_user_account`, `adls_gen2_oauth`, `sap_oauth_account`, `azure_service_principal`, `azure_oauth` and `client_id_and_secret`).",
"type": "string",
"x-versionadded": "v2.23"
},
"clientSecret": {
"description": "Oauth client secret (applicable for credentialtype `snowflake_oauth_user_account`, `adls_gen2_oauth`, `sap_oauth_account`, `azure_service_principal`, `azure_oauth` and `client_id_and_secret`).",
"type": "string",
"x-versionadded": "v2.23"
},
"configId": {
"description": "Id of secure configuration credentials to share by admin. alternative to googleconfigid (deprecated).",
"type": "string",
"x-versionadded": "v2.32"
},
"databricksAccessToken": {
"description": "Databricks personal access token.",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.31"
},
"description": {
"description": "Description of credentials. if omitted, and name is not omitted, clears any previous description for that name.",
"type": "string"
},
"enterpriseId": {
"description": "Box enterprise identifier (applicable for credentialtype `box_jwt` only).",
"type": "string",
"x-versionadded": "v2.41"
},
"gcpKey": {
"description": "The google cloud platform (gcp) key. output is the downloaded JSON resulting from creating a service account *user managed key* (in the *iam & admin > service accounts section* of gcp).required if googleconfigid/configid is not specified.cannot include this parameter if googleconfigid/configid is specified.",
"properties": {
"authProviderX509CertUrl": {
"description": "Auth provider x509 certificate url.",
"format": "uri",
"type": "string"
},
"authUri": {
"description": "Auth uri.",
"format": "uri",
"type": "string"
},
"clientEmail": {
"description": "Client email address.",
"type": "string"
},
"clientId": {
"description": "Client id.",
"type": "string"
},
"clientX509CertUrl": {
"description": "Client x509 certificate url.",
"format": "uri",
"type": "string"
},
"privateKey": {
"description": "Private key.",
"type": "string"
},
"privateKeyId": {
"description": "Private key id.",
"type": "string"
},
"projectId": {
"description": "Project id.",
"type": "string"
},
"tokenUri": {
"description": "Token uri.",
"format": "uri",
"type": "string"
},
"type": {
"description": "GCP account type.",
"enum": [
"service_account"
],
"type": "string"
}
},
"required": [
"type"
],
"type": "object"
},
"googleConfigId": {
"description": "Id of google configurations shared by admin (deprecated). please use configid instead.",
"type": "string",
"x-versionadded": "v2.30"
},
"name": {
"description": "Name of credentials.",
"type": "string"
},
"oauthConfigId": {
"description": "Id of snowflake oauth configurations shared by admin.",
"type": "string",
"x-versionadded": "v2.30"
},
"oauthIssuerType": {
"description": "Snowflake idp issuer type (applicable for credentialtype `snowflake_oauth_user_account` only).",
"enum": [
"azure",
"okta",
"snowflake"
],
"type": "string",
"x-versionadded": "v2.27"
},
"oauthIssuerUrl": {
"description": "Snowflake external idp issuer url (applicable for snowflake external oauth connections only).",
"format": "uri",
"type": "string",
"x-versionadded": "v2.27"
},
"oauthScopes": {
"description": "External oauth scopes (applicable for snowflake external oauth connections, credentialtype `snowflake_oauth_user_account`, `adls_gen2_oauth`, and `azure_oauth`).",
"items": {
"description": "AUTH scope.",
"type": "string"
},
"minItems": 1,
"type": "array",
"x-versionadded": "v2.27"
},
"passphrase": {
"description": "Optional passphrase to encrypt private key.(applicable for credentialtype `snowflake_key_pair_user_account` only).",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.30"
},
"password": {
"description": "Password to update for this set of credentials (applicable for credentialtype `basic` only).",
"type": "string"
},
"privateKeyStr": {
"description": "Private key for key pair authentication.(applicable for credentialtype `snowflake_key_pair_user_account` only).",
"minLength": 1,
"type": "string",
"x-versionadded": "v2.30"
},
"publicKeyId": {
"description": "Box public key identifier (applicable for credentialtype `box_jwt` only).",
"type": "string",
"x-versionadded": "v2.41"
},
"refreshToken": {
"description": "Oauth refresh token (applicable for credentialtype `oauth` only).",
"type": "string"
},
"sapAiApiUrl": {
"description": "The url used for sap AI API service.",
"format": "uri",
"type": "string",
"x-versionadded": "v2.35"
},
"sasToken": {
"description": "The azure sas token (only applicable for credentialtype `azure_sas`).",
"type": "string",
"x-versionadded": "v2.45"
},
"snowflakeAccountName": {
"description": "Snowflake account name (applicable for `snowflake_oauth_user_account` only).",
"type": "string",
"x-versionadded": "v2.21"
},
"token": {
"description": "Oauth token (applicable for credentialtype `oauth` only).",
"type": "string"
},
"user": {
"description": "Username to update for this set of credentials (applicable for credentialtype `basic` and `snowflake_key_pair_user_account` only).",
"type": "string"
}
},
"type": "object"
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| apiToken | string | false | minLength: 1 minLength: 1 |
API token. |
| authUrl | string(uri) | false | The url used for sap oauth authentication. | |
| authenticationId | string | false | Authorized external oauth provider identifier. | |
| awsAccessKeyId | string | false | AWS access key id (applicable for credentialtype s3 only). |
|
| awsSecretAccessKey | string | false | The AWS secret access key (applicable for credentialtype s3 only). |
|
| awsSessionToken | string | false | The AWS session token (applicable for credentialtype s3 only). |
|
| azureConnectionString | string | false | Azure connection string (applicable for credentialtype azure only). |
|
| azureTenantId | string | false | Tenant id of the azure ad service principal (applicable for credentialtype azure_service_principal only). |
|
| clientId | string | false | Oauth client id (applicable for credentialtype snowflake_oauth_user_account, adls_gen2_oauth, sap_oauth_account, azure_service_principal, azure_oauth and client_id_and_secret). |
|
| clientSecret | string | false | Oauth client secret (applicable for credentialtype snowflake_oauth_user_account, adls_gen2_oauth, sap_oauth_account, azure_service_principal, azure_oauth and client_id_and_secret). |
|
| configId | string | false | Id of secure configuration credentials to share by admin. alternative to googleconfigid (deprecated). | |
| databricksAccessToken | string | false | minLength: 1 minLength: 1 |
Databricks personal access token. |
| description | string | false | Description of credentials. if omitted, and name is not omitted, clears any previous description for that name. | |
| enterpriseId | string | false | Box enterprise identifier (applicable for credentialtype box_jwt only). |
|
| gcpKey | GCPKey | false | The google cloud platform (gcp) key. output is the downloaded JSON resulting from creating a service account user managed key (in the iam & admin > service accounts section of gcp).required if googleconfigid/configid is not specified.cannot include this parameter if googleconfigid/configid is specified. | |
| googleConfigId | string | false | Id of google configurations shared by admin (deprecated). please use configid instead. | |
| name | string | false | Name of credentials. | |
| oauthConfigId | string | false | Id of snowflake oauth configurations shared by admin. | |
| oauthIssuerType | string | false | Snowflake idp issuer type (applicable for credentialtype snowflake_oauth_user_account only). |
|
| oauthIssuerUrl | string(uri) | false | Snowflake external idp issuer url (applicable for snowflake external oauth connections only). | |
| oauthScopes | [string] | false | minItems: 1 |
External oauth scopes (applicable for snowflake external oauth connections, credentialtype snowflake_oauth_user_account, adls_gen2_oauth, and azure_oauth). |
| passphrase | string | false | minLength: 1 minLength: 1 |
Optional passphrase to encrypt private key.(applicable for credentialtype snowflake_key_pair_user_account only). |
| password | string | false | Password to update for this set of credentials (applicable for credentialtype basic only). |
|
| privateKeyStr | string | false | minLength: 1 minLength: 1 |
Private key for key pair authentication.(applicable for credentialtype snowflake_key_pair_user_account only). |
| publicKeyId | string | false | Box public key identifier (applicable for credentialtype box_jwt only). |
|
| refreshToken | string | false | Oauth refresh token (applicable for credentialtype oauth only). |
|
| sapAiApiUrl | string(uri) | false | The url used for sap AI API service. | |
| sasToken | string | false | The azure sas token (only applicable for credentialtype azure_sas). |
|
| snowflakeAccountName | string | false | Snowflake account name (applicable for snowflake_oauth_user_account only). |
|
| token | string | false | Oauth token (applicable for credentialtype oauth only). |
|
| user | string | false | Username to update for this set of credentials (applicable for credentialtype basic and snowflake_key_pair_user_account only). |
Enumerated Values¶
| Property | Value |
|---|---|
| oauthIssuerType | [azure, okta, snowflake] |
GCPKey
{
"description": "The google cloud platform (gcp) key. output is the downloaded JSON resulting from creating a service account *user managed key* (in the *iam & admin > service accounts section* of gcp).required if googleconfigid/configid is not specified.cannot include this parameter if googleconfigid/configid is specified.",
"properties": {
"authProviderX509CertUrl": {
"description": "Auth provider x509 certificate url.",
"format": "uri",
"type": "string"
},
"authUri": {
"description": "Auth uri.",
"format": "uri",
"type": "string"
},
"clientEmail": {
"description": "Client email address.",
"type": "string"
},
"clientId": {
"description": "Client id.",
"type": "string"
},
"clientX509CertUrl": {
"description": "Client x509 certificate url.",
"format": "uri",
"type": "string"
},
"privateKey": {
"description": "Private key.",
"type": "string"
},
"privateKeyId": {
"description": "Private key id.",
"type": "string"
},
"projectId": {
"description": "Project id.",
"type": "string"
},
"tokenUri": {
"description": "Token uri.",
"format": "uri",
"type": "string"
},
"type": {
"description": "GCP account type.",
"enum": [
"service_account"
],
"type": "string"
}
},
"required": [
"type"
],
"type": "object"
}
The google cloud platform (gcp) key. output is the downloaded JSON resulting from creating a service account user managed key (in the iam & admin > service accounts section of gcp).required if googleconfigid/configid is not specified.cannot include this parameter if googleconfigid/configid is specified.
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| authProviderX509CertUrl | string(uri) | false | Auth provider x509 certificate url. | |
| authUri | string(uri) | false | Auth uri. | |
| clientEmail | string | false | Client email address. | |
| clientId | string | false | Client id. | |
| clientX509CertUrl | string(uri) | false | Client x509 certificate url. | |
| privateKey | string | false | Private key. | |
| privateKeyId | string | false | Private key id. | |
| projectId | string | false | Project id. | |
| tokenUri | string(uri) | false | Token uri. | |
| type | string | true | GCP account type. |
Enumerated Values¶
| Property | Value |
|---|---|
| type | service_account |
ListCredentialsAssociationsResponse
{
"properties": {
"count": {
"description": "The number of items returned on this page.",
"type": "integer"
},
"data": {
"description": "List of credentials associations.",
"items": {
"properties": {
"creationDate": {
"description": "Iso-8601 formatted date/time when these credentials were created.",
"format": "date-time",
"type": "string"
},
"credentialId": {
"description": "Id of these credentials.",
"type": "string"
},
"credentialType": {
"default": "basic",
"description": "Type of credentials.",
"enum": [
"adls_gen2_oauth",
"api_token",
"azure",
"azure_oauth",
"azure_sas",
"azure_service_principal",
"basic",
"bearer",
"box_jwt",
"client_id_and_secret",
"databricks_access_token_account",
"databricks_service_principal_account",
"external_oauth_provider",
"gcp",
"oauth",
"rsa",
"s3",
"sap_oauth",
"snowflake_key_pair_user_account",
"snowflake_oauth_user_account",
"tableau_access_token"
],
"type": "string"
},
"description": {
"description": "Description of these credentials.",
"type": "string"
},
"isDefault": {
"description": "Whether this credential association with the given object is default for given session user.",
"type": "boolean"
},
"name": {
"description": "Name of these credentials.",
"type": "string"
},
"objectId": {
"description": "Associated object id.",
"type": "string"
},
"objectType": {
"description": "Associated object type.",
"enum": [
"batchPredictionJobDefinition",
"dataconnection"
],
"type": "string"
}
},
"required": [
"creationDate",
"credentialId",
"name",
"objectId",
"objectType"
],
"type": "object"
},
"type": "array"
},
"next": {
"description": "The url of the next page (if null, there is no next page).",
"format": "uri",
"type": [
"string",
"null"
]
},
"previous": {
"description": "The url of the previous page (if null, there is no previous page).",
"format": "uri",
"type": [
"string",
"null"
]
},
"totalCount": {
"description": "The total number of items across all pages.",
"type": "integer"
}
},
"required": [
"data",
"next",
"previous",
"totalCount"
],
"type": "object"
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| count | integer | false | The number of items returned on this page. | |
| data | [RetrieveCredentialAssociationResponse] | true | List of credentials associations. | |
| next | string,null(uri) | true | The url of the next page (if null, there is no next page). | |
| previous | string,null(uri) | true | The url of the previous page (if null, there is no previous page). | |
| totalCount | integer | true | The total number of items across all pages. |
RetrieveCredentialAssociationResponse
{
"properties": {
"creationDate": {
"description": "Iso-8601 formatted date/time when these credentials were created.",
"format": "date-time",
"type": "string"
},
"credentialId": {
"description": "Id of these credentials.",
"type": "string"
},
"credentialType": {
"default": "basic",
"description": "Type of credentials.",
"enum": [
"adls_gen2_oauth",
"api_token",
"azure",
"azure_oauth",
"azure_sas",
"azure_service_principal",
"basic",
"bearer",
"box_jwt",
"client_id_and_secret",
"databricks_access_token_account",
"databricks_service_principal_account",
"external_oauth_provider",
"gcp",
"oauth",
"rsa",
"s3",
"sap_oauth",
"snowflake_key_pair_user_account",
"snowflake_oauth_user_account",
"tableau_access_token"
],
"type": "string"
},
"description": {
"description": "Description of these credentials.",
"type": "string"
},
"isDefault": {
"description": "Whether this credential association with the given object is default for given session user.",
"type": "boolean"
},
"name": {
"description": "Name of these credentials.",
"type": "string"
},
"objectId": {
"description": "Associated object id.",
"type": "string"
},
"objectType": {
"description": "Associated object type.",
"enum": [
"batchPredictionJobDefinition",
"dataconnection"
],
"type": "string"
}
},
"required": [
"creationDate",
"credentialId",
"name",
"objectId",
"objectType"
],
"type": "object"
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| creationDate | string(date-time) | true | Iso-8601 formatted date/time when these credentials were created. | |
| credentialId | string | true | Id of these credentials. | |
| credentialType | string | false | Type of credentials. | |
| description | string | false | Description of these credentials. | |
| isDefault | boolean | false | Whether this credential association with the given object is default for given session user. | |
| name | string | true | Name of these credentials. | |
| objectId | string | true | Associated object id. | |
| objectType | string | true | Associated object type. |
Enumerated Values¶
| Property | Value |
|---|---|
| credentialType | [adls_gen2_oauth, api_token, azure, azure_oauth, azure_sas, azure_service_principal, basic, bearer, box_jwt, client_id_and_secret, databricks_access_token_account, databricks_service_principal_account, external_oauth_provider, gcp, oauth, rsa, s3, sap_oauth, snowflake_key_pair_user_account, snowflake_oauth_user_account, tableau_access_token] |
| objectType | [batchPredictionJobDefinition, dataconnection] |
SetCredentialsAssociationRequest
{
"properties": {
"isDefault": {
"default": false,
"description": "Whether this credentials' association with the given object is default for given session user.",
"type": "boolean"
}
},
"type": "object"
}
Properties¶
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| isDefault | boolean | false | Whether this credentials' association with the given object is default for given session user. |