Ana içeriğe atla

Endpoint

POST /apiops/projects/{projectName}/credentials/

Authentication

Requires a Personal API Access Token. 
Authorization: Bearer YOUR_TOKEN

Request

Headers

HeaderValueRequired
AuthorizationBearer Yes
Content-Typeapplication/jsonYes

Path Parameters

ParameterTypeRequiredDescription
projectNamestringYesProject name

Request Body

Full JSON Body Example - Basic Credential

{
  "email": "[email protected]",
  "fullName": "John Doe",
  "description": "API user credential",
  "username": "api-user",
  "password": "SecurePassword123!",
  "roleNameList": [
    "API_USER"
  ],
  "enabled": true,
  "ipList": [],
  "expireDate": null
}

Full JSON Body Example - Credential with IP Restrictions

{
  "email": "[email protected]",
  "fullName": "Restricted User",
  "description": "Credential with IP restrictions",
  "username": "restricted-user",
  "password": "SecurePassword123!",
  "roleNameList": [
    "API_USER",
    "DEVELOPER"
  ],
  "enabled": true,
  "ipList": [
    "192.168.1.100",
    "10.0.0.0/8",
    "172.16.0.0/12"
  ],
  "expireDate": null
}

Full JSON Body Example - Credential with Expiration Date

{
  "email": "[email protected]",
  "fullName": "Temporary User",
  "description": "Temporary credential with expiration",
  "username": "temp-user",
  "password": "SecurePassword123!",
  "roleNameList": [
    "API_USER"
  ],
  "enabled": true,
  "ipList": [],
  "expireDate": "2024-12-31T23:59:59.000Z"
}

Full JSON Body Example - Disabled Credential

{
  "email": "[email protected]",
  "fullName": "Disabled User",
  "description": "Disabled credential",
  "username": "disabled-user",
  "password": "SecurePassword123!",
  "roleNameList": [
    "API_USER"
  ],
  "enabled": false,
  "ipList": [],
  "expireDate": null
}

Request Body Fields

FieldTypeRequiredDefaultDescription
emailstringYes-Email address of the credential holder
fullNamestringYes-Full name of the credential holder
descriptionstringNo-Description of the credential
usernamestringYes-Username (unique identifier, must be unique across all credentials)
passwordstringYes-Password for the credential
roleNameListarray[string]No[]List of role names assigned to the credential
enabledbooleanNotrueWhether the credential is enabled
ipListarray[string]No[]List of allowed IP addresses/CIDR ranges
expireDatestring|nullNonullExpiration date in ISO 8601 format (e.g., “2024-12-31T23:59:59.000Z”)

Notes

  • username must be unique across all credentials
  • password must not be empty
  • email must be a valid email address format
  • fullName must not be empty
  • roleNameList must contain valid role names that exist in the system
  • ipList can contain individual IP addresses (e.g., “192.168.1.100”) or CIDR ranges (e.g., “10.0.0.0/8”)
  • expireDate is in ISO 8601 format (UTC). Use null for no expiration
  • enabled defaults to true if not specified
  • Credential is automatically deployed to all environments in the project

Response

Success Response (200 OK)

{
  "success": true,
  "deploymentResult": {
    "success": true,
    "message": "Deployment completed successfully",
    "environmentResults": [
      {
        "environmentName": "production",
        "success": true,
        "message": "Deployed successfully"
      },
      {
        "environmentName": "staging",
        "success": true,
        "message": "Deployed successfully"
      }
    ]
  }
}

Response Fields

FieldTypeDescription
successbooleanIndicates if the request was successful
deploymentResultobjectDeployment result. See Deployment Result Object

Deployment Result Object

FieldTypeDescription
successbooleanOverall deployment success status
messagestringDeployment message
environmentResultsarray[object]Results per environment

Environment Result Object

FieldTypeDescription
environmentNamestringEnvironment name
successbooleanDeployment success status for this environment
messagestringDeployment message for this environment

Error Response (400 Bad Request)

{
  "error": "bad_request",
  "error_description": "Credential username can not be empty!"
}
or 
{
  "error": "bad_request",
  "error_description": "Credential password can not be empty!"
}
or 
{
  "error": "bad_request",
  "error_description": "Credential full name can not be empty!"
}
or 
{
  "error": "bad_request",
  "error_description": "Credential email can not be empty!"
}
or 
{
  "error": "bad_request",
  "error_description": "There is already a credential has this name!"
}

Common Causes

  • Missing required fields (username, password, fullName, email)
  • Username already exists
  • Invalid email format
  • Invalid role names in roleNameList
  • Invalid date format for expireDate

Error Response (401 Unauthorized)

{
  "error": "unauthorized_client",
  "error_description": "Invalid token"
}

Error Response (404 Not Found)

{
  "error": "not_found",
  "error_description": "Project(MyProject) was not found or user does not have privilege to access it!"
}

cURL Example

Example 1: Create Basic Credential

curl -X POST \
  "https://demo.apinizer.com/apiops/projects/MyProject/credentials/" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "fullName": "John Doe",
    "description": "API user credential",
    "username": "api-user",
    "password": "SecurePassword123!",
    "roleNameList": [
      "API_USER"
    ],
    "enabled": true,
    "ipList": [],
    "expireDate": null
  }'

Example 2: Create Credential with IP Restrictions

curl -X POST \
  "https://demo.apinizer.com/apiops/projects/MyProject/credentials/" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "fullName": "Restricted User",
    "username": "restricted-user",
    "password": "SecurePassword123!",
    "roleNameList": [
      "API_USER"
    ],
    "enabled": true,
    "ipList": [
      "192.168.1.100",
      "10.0.0.0/8"
    ],
    "expireDate": null
  }'

Example 3: Create Credential with Expiration

curl -X POST \
  "https://demo.apinizer.com/apiops/projects/MyProject/credentials/" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "fullName": "Temporary User",
    "username": "temp-user",
    "password": "SecurePassword123!",
    "roleNameList": [
      "API_USER"
    ],
    "enabled": true,
    "ipList": [],
    "expireDate": "2024-12-31T23:59:59.000Z"
  }'

Notes and Warnings

  • Username Uniqueness:
    • Username must be unique across all credentials
    • If username already exists, creation will fail
  • Password Requirements:
    • Password must not be empty
    • Use strong passwords for security
    • Passwords are stored securely (hashed)
  • Email Validation:
    • Email must be provided and not empty
    • Email format should be valid
  • Full Name:
    • Full name must be provided and not empty
    • Used for identification purposes
  • Role Names:
    • Role names must exist in the system
    • Invalid role names will cause validation errors
    • Empty role list is allowed (no roles assigned)
  • IP Restrictions:
    • IP list can contain individual IPs or CIDR ranges
    • Empty IP list means no IP restrictions
    • Invalid IP formats may cause errors
  • Expiration Date:
    • Use ISO 8601 format (UTC): “YYYY-MM-DDTHH:mm:ss.sssZ”
    • Use null for no expiration
    • Expired credentials cannot be used for authentication
  • Enabled Status:
    • Defaults to true if not specified
    • Disabled credentials cannot be used for authentication
  • Automatic Deployment:
    • Credential is automatically deployed to all environments
    • Deployment results are returned in the response
    • Failed deployments are included in environmentResults

Permissions

  • User must have IDENTITY + MANAGE permission in the project
  • For automatic deployment, user must also have IDENTITY + DEPLOY_UNDEPLOY permission