CredHub has two API endpoints to identify and re-use variables. Operators who want to see all the credentials associated with their product, or support engineers who want to troubleshoot issues specific to one virtual machine (VM), can use these APIs for those purposes.
The API endpoints perform these functions:
Use these endpoints to view variables for any product in Ops Manager, except the BOSH Director. These endpoints are read-only. You cannot use them to add, remove, or rotate variables.
This endpoint returns the list of variables associated with a product that are stored in CredHub. Not all variables are stored in CredHub. If you call a variable that is not stored in CredHub, the call returns an empty value.
$ curl "https://OPS-MAN-FQDN/api/v0/deployed/products/product-guid/variables" \
-X GET \
-H "Authorization: Bearer EXAMPLE_UAA_ACCESS_TOKEN"
HTTP/1.1 200 OK { "variables": ["FIRST-EXAMPLE-VARIABLE", "SECOND-EXAMPLE-VARIABLE", "THIRD-EXAMPLE-VARIABLE"] }
Parameter | Description |
---|---|
product_guid | The unique product identifier, formatted as a text string |
This endpoint returns a variable’s name. Use the name in the next endpoint to return the variable’s value.
This endpoint returns the value of a variable stored in CredHub. Not all variables are stored in CredHub, so if you call a variable that isn’t in CredHub, the call will return an empty value.
$ curl "https://OPS-MAN-FQDN/api/v0/deployed/products/product-guid/variables?name=EXAMPLE-VARIABLE-NAME" \
-X GET \
-H "Authorization: Bearer UAA_ACCESS_TOKEN"
HTTP/1.1 200 OK { "credhub-password": "EXAMPLE-PASSWORD" }
Parameter | Description |
---|---|
variable_name | The name of the variable, formatted as a text string |
product_guid | The unique product identifier, formatted as a text string |