Credentials

Credentials are secure, reusable authentication Records used by various Configuration Items (Accounts, Endpoints, Pipelines, etc.). Credentials are the foundation for secure file transfers throughout UDMG.

The Credentials page is a comprehensive vault that centralizes the storage and administration of all Credentials. This unified vault creates a cohesive security framework that maintains strong cryptographic practices while simplifying administration.

This architectural approach has several advantages:

• Consistent Reference Model: Credentials are created in one place, but can be referenced by any Configuration Item.
• Simplified Key Rotation: Credentials can be updated in one location.
• Reduced Configuration Errors: Eliminates duplicate credential management.
• Enhanced Auditability: Provides a single source of truth for security audit.

info

Credentials are created at the Domain level and can only be used within their Domain. If the same Credentials are needed in multiple Domains, they must be recreated in each Domain.

Types of Credentials

UDMG supports seven types of Credentials, each corresponding to a specific authentication or encryption method used within the platform.

Credential Type	Use Case	Required For
Public Key	SSH public key used to authenticate the client or verify your partner's SFTP servers' identity.	Authentication and login to a Local SFTP Server Endpoint. Public Key representing the Host Key of your partner's SFTP server (external).
Private Key	SSH private key kept on the server that establishes the server's identity.	SSH Host Private Key of the Local SFTP Server Endpoint. AS2 message decryption and signing for the Remote AS2 Server Endpoint.
PGP Public Key	PGP key used to perform OpenPGP encryption of transferred files.	UDMG OpenPGP Encryption Extension
PGP Private Key	PGP key used for OpenPGP decryption of transferred files.	UDMG OpenPGP Encryption Extension
Username and Password	Username/password for authentication.	LDAP bind credentials (Users and Accounts). Authentication and login to your partner's SFTP server (Pipeline with Remote SFTP Server Endpoint). Authentication and login to your partner's FTP server (Pipeline with Remote FTP Server Endpoint).
Username and Key	Username and Private key for authentication.	Authentication and login to your partner's SFTP server (Pipeline with Remote SFTP Server Endpoint).
Username, Password, and Key	Username/password and Private Key for authentication.	Authentication and login to your partner's SFTP server (Pipeline with Remote SFTP Server Endpoint).
X.509 Certificate	Certificate used to verify digital signatures and establish trusted identity in secure communications.	Authentication for the Single Sign-On (SSO)-SAML configuration (Users and Accounts). The certificate verifies the signature on the SAML response and confirms the Identity Provider's authenticity. AS2 message encryption and signing for the Remote AS2 Server Endpoint (Local and Partner).
TLS Certificate Pair	TLS server or messaging identity combining a public X.509 certificate and its private key for HTTPS, FTPS, and AS2 encryption and signing.	HTTPS/TLS identity for the Local AS2 Server Endpoint. AS2 message decryption and signing for the Local AS2 Server Endpoint. FTPS/TLS identity for the Local FTPS Server Endpoint.
Key Pair	Encrypted secret key and value used for authentication.	Authentication for the Single Sign-On (SSO)-OIDC (OpenID Connect)/OAuth 2.0 configuration (Users and Accounts). The Key Pair identify and authenticate UDMG with the Identity Provider, exchanging authorization codes for tokens.