This page covers configuration and management of View credential objects.

Object Overview

Credentials define the access material by which users have access to View and the data stored therein.

Endpoint, URL, and Supported Methods

Objects are managed via the configuration server API at [http|https]://[hostname]:[port]/v1.0/tenants/[tenant-guid]/credentials

By default, the configuration server is accessible on port 8601.

Supported methods include: GET HEAD PUT DELETE

Structure

Objects have the following structure:

{
    "GUID": "default",
    "TenantGUID": "default",
    "UserGUID": "default",
    "AccessKey": "***ault",
    "SecretKey": "***ault",
    "Active": true,
    "CreatedUtc": "2024-07-10T05:09:31.000000Z"
}

Properties:

  • GUID string globally unique identifier for the object
  • TenantGUID string globally unique identifier for the tenant
  • UserGUID string globally unique identifier for the user
  • AccessKey string the access key
  • SecretKey string the secret key
  • Active bool indicates whether or not the user is considered active and able to be used
  • CreatedUtc datetime timestamp from creation, in UTC time

Important: the user's password is never stored by View, but rather the SHA-256 hash within the PasswordSha256 property. As such this property is redacted when retrieving, enumerating, or updating the user object.

Create

To create, call PUT /v1.0/tenants/[tenant-guid]/credentials with the following properties using the configuration server: UserGUID

IMPORTANT: the only time the access key and secret key are returned to you is during the create operation. After this, a redacted access key and secret key will be returned to you. Take note of the access key and secret key from the response body.

curl -X PUT http://localhost:8601/v1.0/tenants/[tenant-guid]/credentials \
     -H "Content-Type: application/json" \
     -H "Authorization: Bearer [accesskey]" \
     -d '
{
  "UserGUID": "[guid]"
}'

Enumerate

Refer to the Enumeration page in REST API for details about the use of enumeration APIs.

Enumerate objects by using GET /v2.0/tenants/[tenant-guid]/credentials. The resultant object will appear as:

{
    "Success": true,
    "Timestamp": {
        "Start": "2024-10-21T02:36:37.677751Z",
        "TotalMs": 23.58,
        "Messages": {}
    },
    "MaxResults": 10,
    "IterationsRequired": 1,
    "EndOfResults": true,
    "RecordsRemaining": 16,
    "Objects": [
        {
            "GUID": "example-credential",
            ... credential details ...
        },
        { ... }
    ],
    "ContinuationToken": "[continuation-token]"
}

Read

To read an object by GUID, call GET /v1.0/tenants/[tenant-guid]/credentials/[credential-guid]. If the object exists, it will be returned as a JSON object in the response body. If it does not exist, a 404 will be returned with a NotFound error response.

{
    "GUID": "6046481e-5682-462a-a1a2-a7e1e242b1ff",
    "TenantGUID": "default",
    "UserGUID": "default",
    "AccessKey": "****ebsr",
    "SecretKey": "****Qzn9",
    "Active": true,
    "CreatedUtc": "2024-10-21T14:33:55.000000Z"
}

Note: the HEAD method can be used as an alternative to get to simply check the existence of the object. HEAD requests return either a 200/OK in the event the object exists, or a 404/Not Found if not. No response body is returned with a HEAD request.

## Delete

To delete an object by GUID, call DELETE /v1.0/tenants/[tenant-guid]/credentials/[credential-guid].