Configuring Credentials

Default Credentials #

With Manage By: Defaults selected, click on the Credentials tab.

The following actions are available:

Action
Description

Adds a new Credential, and allows you to specify whether it has a default value or not.

Edits an existing Credential. You can update the Credential’s name and modify any default values.

Deletes a Credential from the system.

Deleting a global Credential will also delete the Credential from Domains and Users.

Adding Credentials #

The following actions are available:

Property
Description
Name Symbolic name to use for this Credential. This label will be displayed on the User and Domain Provisioning views.
Type Specifies a Credential type:

  1. Username & Password: This Credential type contains properties for Username and Password.
  2. Username, Domain, & Password: This Credential type contains properties for Username, Domain, and Password.
Credential

Default values for this Credential set.

Credential Usage Determines how the Credential will be used.

  1. Use for validation only: This value will only be used to validate endpoints. It will not be inherited as a default for Domains or Users. With this option selected, a separate value must be set for a User, or a User’s Domain.
  2. Use as a default value: This value will be used to validate endpoints, as well as a default value for all Users. This “default” value can be overwritten at the User or Domain level. However, if nothing is explicitly set for the User, or the User’s Domain, they will inherit the value supplied here.

Domain-Scoped Credentials #

Domain-scoped credentials apply to all users in an edgeCore domain, except those that have their own credentials defined (see User-Scoped Credentials below).

With Manage By: Domains selected, click on the name of the Domain and then the Credentials tab.  Double-clicking a Credential row, or clicking the pencil icon in the footer will activate the Edit Credential dialog.

Property
Description
Inherited? Yes: Use the default values

No: Specify values for this Domain

Credential
Values for this Credential set for this Domain.
Not all Credentials will have globally defined default values. If the global default Credential values are undefined, and no default value is provided for a Domain, end users will be prompted to enter Credential values. Once an end user enters Credential values, they will be stored at the User’s level.

User-Scoped Credentials

Individual users can be assigned specific credentials on the Provision Users page.  Navigate to it by selecting Users in the Manage By drop down list.  On the left, select the user to be managed.  Select the Credentials tab in the right pane.  The Edit Credential dialog is displayed.

Property
Description
Inherited? Yes: Use the Domain values, if defined, else use the defaults.

No: Specify values for this User

Credential
Values for this Credential set for this User.

It is possible to configure edgeCore to prevent the storage of user-scoped credentials, whether they are user-entered or configured by the administrative user.  This option is controlled by setting the secvars.persistUserCredentials property in either custom.properties or local.properties (both located in the conf/ directory of the edgeCore installation).  By default this is set to true, but when it is set to false, user-scoped credentials are not persisted in the edgeCore database, and will only be valid for the duration of edgeCore user sessions.

When user-scoped credentials are not being persisted, this is indicated on the Provision Users page by [not stored] being displayed where the username portion of the credential might normally be displayed.  Values for user-scoped credentials are not available for editing here, either.