To look up the account credentials for the built-in accounts that are managed and rotated by SDDC Manager, you log in to the SDDC Manager VM using the root account credentials.


You must have the root account credentials to log in to the SDDC Manager VM.

Configure the privileged user. For more information, see Configure Dual Authentication.


  1. SSH in to the SDDC Manager VM using the vcf user account.
  2. (Optional) Change to the /usr/bin directory.
    Note: Although the password management CLI commands are located in /usr/bin, you can run them from any directory.
  3. Enter su to switch to the root user.
  4. Obtain the account credentials list by typing the command:

    You will be required to enter the privileged user name and the privileged password.

    To display the output in JSON format, use the following example command:

    curl “https://localhost/security/password/vault” -k -u "<administrative user name>:<password>" -H “Accept: application/json” -H “privileged-username: vcf-secure-user@vsphere.local” -H “privileged-password: AfGh!8f9”

    Enter the required credentials.

  5. (Optional) Save the command output to a secure location with encryption so that you can access it later and use it to log in to the components as needed.