List Credentials

Overview

Retrieves all credentials for a specified project. Credentials are used for authentication and authorization to access API Proxies and API Proxy Groups.

Endpoint

GET /apiops/projects/{projectName}/credentials/

Authentication

Requires a Personal API Access Token.

Header

Authorization: Bearer YOUR_TOKEN

Request

Headers

Header	Value	Required
Authorization	Bearer {token}	Yes

Path Parameters

Parameter	Type	Required	Description
projectName	string	Yes	Project name

Query Parameters

None.

Response

Success Response (200 OK)

{
  "success": true,
  "resultList": [
    {
      "email": "user@example.com",
      "fullName": "John Doe",
      "description": "API user credential",
      "username": "api-user",
      "password": null,
      "roleNameList": [
        "API_USER",
        "DEVELOPER"
      ],
      "enabled": true,
      "ipList": [
        "192.168.1.100",
        "10.0.0.0/8"
      ],
      "expireDate": "2024-12-31T23:59:59.000Z"
    },
    {
      "email": "admin@example.com",
      "fullName": "Admin User",
      "description": "Administrator credential",
      "username": "admin",
      "password": null,
      "roleNameList": [
        "ADMIN"
      ],
      "enabled": true,
      "ipList": [],
      "expireDate": null
    }
  ]
}

Response Fields

Field	Type	Description
success	boolean	Indicates if the request was successful
resultList	array[object]	List of credentials

Credential Object

Field	Type	Description
email	string	Email address of the credential
fullName	string	Full name of the credential holder
description	string	Description of the credential
username	string	Username (unique identifier)
password	string|null	Password (always null in list response for security)
roleNameList	array[string]	List of role names assigned to the credential
enabled	boolean	Whether the credential is enabled
ipList	array[string]	List of allowed IP addresses/CIDR ranges
expireDate	string|null	Expiration date in ISO 8601 format (e.g., “2024-12-31T23:59:59.000Z”)

Notes

• password field is always null in list responses for security reasons
• expireDate is in ISO 8601 format (UTC)
• ipList can contain individual IP addresses or CIDR ranges
• Empty arrays ([]) are returned for empty lists
• For admin project, all credentials are returned; for regular projects, only project-specific credentials are returned

Error Response (401 Unauthorized)

{
  "error": "unauthorized_client",
  "error_description": "Invalid token"
}

Error Response (404 Not Found)

{
  "error": "not_found",
  "error_description": "Project(MyProject) was not found or user does not have privilege to access it!"
}

cURL Example

curl -X GET \
  "https://demo.apinizer.com/apiops/projects/MyProject/credentials/" \
  -H "Authorization: Bearer YOUR_TOKEN"

Notes and Warnings

• Password Security:
  • Passwords are never returned in list responses
  • Use Change Password endpoint to update passwords
• Project Scope:
  • Regular projects return only project-specific credentials
  • Admin project returns all credentials (including global)
• Role Names:
  • Role names are returned instead of role IDs
  • Role names must match existing credential roles
• IP Restrictions:
  • IP list can contain individual IPs or CIDR ranges
  • Empty IP list means no IP restrictions
• Expiration:
  • Expired credentials may still be returned
  • Check expireDate to determine if credential is expired
• Enabled Status:
  • Disabled credentials are still returned
  • Check enabled field to determine if credential is active
• Permissions:
  • Requires ROLE_MANAGE_PROXIES permission
  • User must have access to the project

Related Documentation

• Create Credential - Create a new credential
• Update Credential - Update a credential
• Get Granted Access List - Get access list for credential