Skip to main content

Credentials

Credentials are secure, reusable authentication Records used by various Configuration Items (Accounts, Endpoints, Pipelines, etc.). Credentials are the foundation for secure file transfers throughout UDMG.

The Credentials page is a comprehensive vault that centralizes the storage and administration of all Credentials. This unified vault creates a cohesive security framework that maintains strong cryptographic practices while simplifying administration.

This architectural approach has several advantages:

  • Consistent Reference Model: Credentials are created in one place, but can be referenced by any Configuration Item.
  • Simplified Key Rotation: Credentials can be updated in one location.
  • Reduced Configuration Errors: Eliminates duplicate credential management.
  • Enhanced Auditability: Provides a single source of truth for security audit.
info

Credentials are created at the Domain level and can only be used within their Domain. If the same Credentials are needed in multiple Domains, they must be recreated in each Domain.

Types of Credentials

UDMG supports seven types of Credentials, each corresponding to a specific authentication or encryption method used within the platform.

Credential TypeUse CaseRequired For
Public KeySSH public key used to authenticate the client or verify the external SFTP server's identity.
  • Authentication and login to a Local SFTP Server Endpoint
  • Public Key representing the Host Key of the external (remote) SFTP server
Private KeySSH private key kept on the server that establishes the server's identity.SSH Host Private Key of the Local SFTP Server Endpoint
PGP Public KeyPGP key used to perform OpenPGP encryption of transferred files.UDMG OpenPGP Encryption Extension
PGP Private KeyPGP key used for OpenPGP decryption of transferred files.UDMG OpenPGP Encryption Extension
Username and PasswordUsername/password for authentication.
  • LDAP bind credentials (username/password)
  • Authentication and login to the remote SFTP server (username/password)
Username and KeyUsername/key for authentication.Authentication and login to the remote SFTP server (username/public-private key)
Username, Password, and KeyUsername/password and key for authentication.Authentication and login to the remote SFTP server (username/password, username/public-private key)
X509 CertificateCertificate used to verify digital signatures and establish trusted identity in secure communications.Authentication for the Single Sign-On (SSO)-SAML configuration. The certificate verifies the signature on the SAML response and confirms the Identity Provider's authenticity.
Key PairEncrypted secret key and value used for authentication.Authentication for the Single Sign-On (SSO)-OIDC (OpenID Connect)/OAuth 2.0 configuration. The Key Pair identify and authenticate UDMG with the Identity Provider, exchanging authorization codes for tokens.