Create Credential

Overview

Creates a new credential for a specific project. Credentials are used for authentication and authorization to access API Proxies and API Proxy Groups. The credential is automatically deployed to all environments in the project.

Endpoint

POST /apiops/projects/{projectName}/credentials/

Authentication

Requires a Personal API Access Token.

Header

Authorization: Bearer YOUR_TOKEN

Request

Headers

Header	Value	Required
Authorization	Bearer {token}	Yes
Content-Type	application/json	Yes

Path Parameters

Parameter	Type	Required	Description
projectName	string	Yes	Project name

Request Body

Full JSON Body Example - Basic Credential

{
  "email": "user@example.com",
  "fullName": "John Doe",
  "description": "API user credential",
  "username": "api-user",
  "password": "SecurePassword123!",
  "roleNameList": [
    "API_USER"
  ],
  "enabled": true,
  "ipList": [],
  "expireDate": null
}

Full JSON Body Example - Credential with IP Restrictions

{
  "email": "restricted@example.com",
  "fullName": "Restricted User",
  "description": "Credential with IP restrictions",
  "username": "restricted-user",
  "password": "SecurePassword123!",
  "roleNameList": [
    "API_USER",
    "DEVELOPER"
  ],
  "enabled": true,
  "ipList": [
    "192.168.1.100",
    "10.0.0.0/8",
    "172.16.0.0/12"
  ],
  "expireDate": null
}

Full JSON Body Example - Credential with Expiration Date

{
  "email": "temporary@example.com",
  "fullName": "Temporary User",
  "description": "Temporary credential with expiration",
  "username": "temp-user",
  "password": "SecurePassword123!",
  "roleNameList": [
    "API_USER"
  ],
  "enabled": true,
  "ipList": [],
  "expireDate": "2024-12-31T23:59:59.000Z"
}

Full JSON Body Example - Disabled Credential

{
  "email": "disabled@example.com",
  "fullName": "Disabled User",
  "description": "Disabled credential",
  "username": "disabled-user",
  "password": "SecurePassword123!",
  "roleNameList": [
    "API_USER"
  ],
  "enabled": false,
  "ipList": [],
  "expireDate": null
}

Request Body Fields

Field	Type	Required	Default	Description
email	string	Yes	-	Email address of the credential holder
fullName	string	Yes	-	Full name of the credential holder
description	string	No	-	Description of the credential
username	string	Yes	-	Username (unique identifier, must be unique across all credentials)
password	string	Yes	-	Password for the credential
roleNameList	array[string]	No	[]	List of role names assigned to the credential
enabled	boolean	No	true	Whether the credential is enabled
ipList	array[string]	No	[]	List of allowed IP addresses/CIDR ranges
expireDate	string|null	No	null	Expiration date in ISO 8601 format (e.g., “2024-12-31T23:59:59.000Z”)

Notes

• username must be unique across all credentials
• password must not be empty
• email must be a valid email address format
• fullName must not be empty
• roleNameList must contain valid role names that exist in the system
• ipList can contain individual IP addresses (e.g., “192.168.1.100”) or CIDR ranges (e.g., “10.0.0.0/8”)
• expireDate is in ISO 8601 format (UTC). Use null for no expiration
• enabled defaults to true if not specified
• Credential is automatically deployed to all environments in the project

Response

Success Response (200 OK)

{
  "success": true,
  "deploymentResult": {
    "success": true,
    "message": "Deployment completed successfully",
    "environmentResults": [
      {
        "environmentName": "production",
        "success": true,
        "message": "Deployed successfully"
      },
      {
        "environmentName": "staging",
        "success": true,
        "message": "Deployed successfully"
      }
    ]
  }
}

Response Fields

Field	Type	Description
success	boolean	Indicates if the request was successful
deploymentResult	object	Deployment result. See Deployment Result Object

Deployment Result Object

Field	Type	Description
success	boolean	Overall deployment success status
message	string	Deployment message
environmentResults	array[object]	Results per environment

Environment Result Object

Field	Type	Description
environmentName	string	Environment name
success	boolean	Deployment success status for this environment
message	string	Deployment message for this environment

Error Response (400 Bad Request)

{
  "error": "bad_request",
  "error_description": "Credential username can not be empty!"
}

or

{
  "error": "bad_request",
  "error_description": "Credential password can not be empty!"
}

or

{
  "error": "bad_request",
  "error_description": "Credential full name can not be empty!"
}

or

{
  "error": "bad_request",
  "error_description": "Credential email can not be empty!"
}

or

{
  "error": "bad_request",
  "error_description": "There is already a credential has this name!"
}

Common Causes

• Missing required fields (username, password, fullName, email)
• Username already exists
• Invalid email format
• Invalid role names in roleNameList
• Invalid date format for expireDate

Error Response (401 Unauthorized)

{
  "error": "unauthorized_client",
  "error_description": "Invalid token"
}

Error Response (404 Not Found)

{
  "error": "not_found",
  "error_description": "Project(MyProject) was not found or user does not have privilege to access it!"
}

cURL Example

Example 1: Create Basic Credential

curl -X POST \
  "https://demo.apinizer.com/apiops/projects/MyProject/credentials/" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "user@example.com",
    "fullName": "John Doe",
    "description": "API user credential",
    "username": "api-user",
    "password": "SecurePassword123!",
    "roleNameList": [
      "API_USER"
    ],
    "enabled": true,
    "ipList": [],
    "expireDate": null
  }'

Example 2: Create Credential with IP Restrictions

curl -X POST \
  "https://demo.apinizer.com/apiops/projects/MyProject/credentials/" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "restricted@example.com",
    "fullName": "Restricted User",
    "username": "restricted-user",
    "password": "SecurePassword123!",
    "roleNameList": [
      "API_USER"
    ],
    "enabled": true,
    "ipList": [
      "192.168.1.100",
      "10.0.0.0/8"
    ],
    "expireDate": null
  }'

Example 3: Create Credential with Expiration

curl -X POST \
  "https://demo.apinizer.com/apiops/projects/MyProject/credentials/" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "temporary@example.com",
    "fullName": "Temporary User",
    "username": "temp-user",
    "password": "SecurePassword123!",
    "roleNameList": [
      "API_USER"
    ],
    "enabled": true,
    "ipList": [],
    "expireDate": "2024-12-31T23:59:59.000Z"
  }'

Notes and Warnings

• Username Uniqueness:
  • Username must be unique across all credentials
  • If username already exists, creation will fail
• Password Requirements:
  • Password must not be empty
  • Use strong passwords for security
  • Passwords are stored securely (hashed)
• Email Validation:
  • Email must be provided and not empty
  • Email format should be valid
• Full Name:
  • Full name must be provided and not empty
  • Used for identification purposes
• Role Names:
  • Role names must exist in the system
  • Invalid role names will cause validation errors
  • Empty role list is allowed (no roles assigned)
• IP Restrictions:
  • IP list can contain individual IPs or CIDR ranges
  • Empty IP list means no IP restrictions
  • Invalid IP formats may cause errors
• Expiration Date:
  • Use ISO 8601 format (UTC): “YYYY-MM-DDTHH:mm:ss.sssZ”
  • Use null for no expiration
  • Expired credentials cannot be used for authentication
• Enabled Status:
  • Defaults to true if not specified
  • Disabled credentials cannot be used for authentication
• Automatic Deployment:
  • Credential is automatically deployed to all environments
  • Deployment results are returned in the response
  • Failed deployments are included in environmentResults
• Permissions:
  • Requires ROLE_MANAGE_PROXIES permission
  • Requires ROLE_DEPLOY_UNDEPLOY_PROXIES permission for deployment
  • User must have access to the project

Related Documentation

• List Credentials - List all credentials
• Update Credential - Update a credential
• Change Credential Password - Change credential password
• Grant Access - Grant access to API Proxy or Group