Skip to content

Credential Management

Jump to bottom Edit New page
Ihor Bubnyak edited this page Oct 26, 2022 · 24 revisions

Various Orion processes (discovery, polling) work with credentials that are stored in Orion. This page describes how to manage credentials using Orion SDK.

Verbs

The Orion.Credential entity provides following verbs to create Orion credentials. Parameters are listed in C# syntax.

Create SNMP v1 and v2c credentials

public long CreateSNMPCredentials(
	string name, 
	string community,
	string owner = "Orion")

Parameters:

  • name - credentials name, required
  • community - community string, required
  • owner - credential owner, optional

Verb returns ID of the newly created Orion.Credential instance. Credential name must be unique for given credential type, exception is thrown otherwise.

Supported since: Orion Platform 2017.3 (NPM 12.2)

Example:

# create SNMP credentials with name=custom, community=RO_permanent
# credentialId can be used in discovery plugin configuration
$credentialId = Invoke-SwisVerb $swis Orion.Credential CreateSNMPCredentials @( "custom",  "RO_permanent" )

Update SNMP v1 and v2c credentials

void UpdateSNMPCredentials(int credentialId,
            string name,
            string community)

Parameters:

  • credentialId - ID of the credential to update (must be an SNMP v1/v2c credential)
  • name - name to set for the credential (must not be empty)
  • community - community string to set for the credential

Supported since Orion Platform 2018.4 (NPM 12.4)

Create SNMP v3 credentials

public long CreateSNMPv3Credentials(
	string name, 
	string username,
	string context, 
	string authenticationMethod, string authenticationPassword, bool isAuthenticationPasswordKey, 
	string privacyMethod, string privacyPassword, bool isPrivacyPasswordKey,
	string owner = "Orion")

Parameters:

  • name - credentials name, required
  • username - username, required
  • context - context, required
  • authenticationMethod - authentication method (None, MD5, SHA1), required
  • authenticationPassword - authentication password, value can be empty for authentication method None, required
  • authenticationKeyIsPassword - is authentication key password (True, False), required
  • privacyMethod - privacy method (None, DES56, AES128, AES192, AES256), required
  • privacyPassword - privacy password, value can be empty for privacy method None, required
  • privacyKeyIsPassword - is privacy key password (True, False), required
  • owner - credential owner, default value = Orion, optional

Verb returns ID of the newly created Orion.Credential instance. Credential name must be unique for given credential type, exception is thrown otherwise.

Supported since: Orion Platform 2017.3 (NPM 12.2)

Update SNMP v3 credentials

void UpdateSNMPv3Credentials(
	int credentialId,
	string name,
	string username,
	string context,
	string authenticationMethodValue,
	string authenticationPassword,
	bool authenticationKeyIsPassword,
	string privacyMethodValue,
	string privacyPassword,
	bool privacyKeyIsPassword)

Parameters:

  • credentialId - ID of the credential to update (must be an SNMP v1/v2c credential)
  • name - name to set for the credential (must not be empty)
  • username - username, required
  • context - context, required
  • authenticationMethodValue - authentication method (None, MD5, SHA1), required
  • authenticationPassword - authentication password, value can be empty for authentication method None, required
  • authenticationKeyIsPassword - is authentication key password (True, False), required
  • privacyMethodValue - privacy method (None, DES56, AES128, AES192, AES256), required
  • privacyPassword - privacy password, value can be empty for privacy method None, required
  • privacyKeyIsPassword - is privacy key password (True, False), required

Supported since Orion Platform 2018.4 (NPM 12.4)

Create UserPassword (WMI) credentials

These credentials are applicable for WMI discovery configuration.

public long CreateUsernamePasswordCredentials(
	string name, 
	string username, 
	string password,
	string owner = "Orion")

Parameters:

  • name - credentials name, required
  • username - username, required
  • password - password, required
  • owner - credential owner, default value = Orion, optional

Verb returns ID of the newly created Orion.Credential instance. Credential name must be unique for given credential type, exception is thrown otherwise.

Example:

# create WHMI credentials guest/guest with name=custom
# credentialId can be used in discovery plugin configuration
$credentialId = Invoke-SwisVerb $swis Orion.Credential CreateUsernamePasswordCredentials @( "custom",  "guest", "guest" )

Update UserPassword (WMI) credentials

void UpdateUsernamePasswordCredentials(
	int credentialId,
	string name,
	string username,
	string password)

Parameters:

  • credentialId - ID of the credential to update (must be an SNMP v1/v2c credential)
  • name - name to set for the credential (must not be empty)
  • username - username to set for the credential
  • password - password to set for the credential

Supported since Orion Platform 2018.4 (NPM 12.4)

Shared Credentials Verbs

Shared Credentials help you ensure that all existing Hybrid Cloud Observability credential sets follow a unified set of rules regarding their structure, storage, and management operations. Hybrid Cloud Observability 2022.4 introduced two verbs for managing shared credentials: CreateCredentials and UpdateCredentials; these verbs support most common credential types.

See the table below for the full list of supported credential types.

Orion.Credential

Each instance of Orion.Credential represents one shared credential set. Notable properties include:

  • ID - The primary key assigned to the credential set.
  • Name - The name assigned to the credential set to distinguish it from the rest; it is not part of actual credentials data (e.g. username, password).
  • CredentialType - The credential set type in a specific format.
  • CredentialOwner - The owner of the credential set, usually a module or a feature, used for determining in which parts of the product the credentials may be used.

Verb: CreateCredentials

Orion.AlertActive CreateCredentials (string type, Dictionary<string, string> properties, string owner)

Use this verb to create a credential set of a given type. Requires the following arguments:

  • Type - Corresponds to the CredentialType property of Orion.Credential entity; see the table below for all available formats.
  • Properties - Configuration of the credential set listed in the form of a dictionary; see the table below for all example configurations.
  • Owner - same as CredentialOwner property of Orion.Credential entity; see the table below for all available values.

To prevent potential issues, the verb does not allow you to create duplicates. The following arguments determine that the credential set is unique: Name, which is read from the Properties field, & Type & Owner.

Note: The Type and Owner properties of the credential set cannot be changed afterward.

Verb: UpdateCredentials

Orion.AlertActive UpdateCredentials (int id, Dictionary<string, string> properties)

Use this verb to update an already existing credential set of a given type. Requires the following arguments:

  • ID - Corresponds to the ID property of Orion.Credential entity; an ID of an existing credential set to be updated.
  • Properties - Configuration of the credential set listed in the form of a dictionary; see the table below for all example configurations.

Supported credential types and example properties

The following table lists all supported credential types, their default owners, and example properties (in the format applicable for invoking the verbs in SWQL Studio).

Note: The first two keys <Key>Name</Key> and <Key>Description</Key> are properties of the credentials set itself and are not part of the credentials data (e.g. username, password).

Credential Type Type Description Default Owner Owner Configuration Example (SWQL Studio) Properties Supported in
SolarWinds.Orion.Core.SharedCredentials.Credentials.UsernamePasswordCredential Username & Password combo; used throughout the product (e.g. discovery, alerting\reporting actions etc.). Orion Properties 2022.4. and later
SolarWinds.APM.Common.Credentials.ApmUsernamePasswordCredential SAM module’s version of the UsernamePasswordCredentials; used in SAM specific features (e.g. applications discovery). APM Properties 2022.4. and later
SolarWinds.Orion.Core.SharedCredentials.Credentials.ApiKeyCredential Used in “Send GET\POST Request” Alerting action for the Token Authentication option. Orion Properties 2022.4. and later
SolarWinds.Orion.Core.SharedCredentials.Credentials.SmtpServerCredential Basic authentication credentials for an SMTP Server (used by alert\reporting actions). Orion Properties 2022.4. and later
SolarWinds.Orion.Core.Models.Credentials.SnmpCredentialsV3 Node SNMPv3 credentials Orion Properties 2022.4. and later
SolarWinds.Orion.Core.Models.Credentials.SnmpCredentialsV2 Node SNMPv2 credentials (only for discovery), include regular SNMPv1. Orion Properties 2022.4. and later
SolarWinds.Orion.Core.SharedCredentials.Credentials.CliCredential Node credentials for CLI polling CLI Properties 2022.4. and later
Clone this wiki locally