uip or credential-stores
uip or credential-stores inspects the credential stores configured for the tenant — the secure backends that hold credentials referenced by users and machines. A credential store is identified by a numeric key (the Id) that you pass as --credential-store-key when creating credential-type users or machines.
Common types include Database (the built-in Orchestrator store), AzureKeyVault, CyberArk, HashiCorp, and others.
Synopsis
uip or credential-stores <verb> [options]
Verbs
| Verb | Purpose |
|---|---|
list | List credential stores in the tenant. |
get | Get full details of a credential store by numeric key. |
All verbs honor the global options (--output, --output-filter, --log-level, --log-file). Exit codes follow the standard contract.
uip or credential-stores list
List the credential stores visible to the caller. Returns key (GUID), numeric id, name, type, and per-type details.
Options
| Short | Long | Value | Default | Description |
|---|---|---|---|---|
-t | --tenant | name | session default | Override the tenant. |
-n | --name | text | — | Contains-match on name. |
| — | --id | number | — | Filter by numeric key (exact match). |
-l | --limit | number | 50 | Page size. |
| — | --offset | number | 0 | Skip count. |
| — | --order-by | field | Id desc | OData sort expression (for example, Name asc). |
Examples
# All stores in the tenant
uip or credential-stores list
# Filter by name
uip or credential-stores list --name "Azure"
# Just id and name, script-friendly
uip or credential-stores list --output-filter 'Data[].{id:id, n:name}'
Data shape (--output json)
{
"Code": "CredentialStoreList",
"Data": [
{
"key": "a1b2c3d4-0000-0000-0000-000000000001",
"name": "Orchestrator Database",
"type": "Database",
"details": { "isReadOnly": false },
"id": 1
},
{
"key": "a1b2c3d4-0000-0000-0000-000000000002",
"name": "Azure Key Vault",
"type": "AzureKeyVault",
"details": {},
"id": 2
}
]
}
uip or credential-stores get
Fetch full details of a credential store by numeric key. Pass the id (integer) from credential-stores list, not the GUID.
Arguments
| Name | Required | Purpose |
|---|---|---|
<key> | yes | Numeric credential store key (the id from credential-stores list). |
Options
| Short | Long | Value | Default | Description |
|---|---|---|---|---|
-t | --tenant | name | session default | Override the tenant. |
Examples
uip or credential-stores get 1
uip or credential-stores get 2 --output-filter 'Data.type'
Data shape (--output json)
{
"Code": "CredentialStore",
"Data": {
"key": "a1b2c3d4-0000-0000-0000-000000000001",
"name": "Orchestrator Database",
"type": "Database",
"details": { "isReadOnly": false },
"id": 1
}
}
Related commands
uip or users— creating a credential-typed user requires--credential-store-key, which comes from this command.uip or machines— creating a machine with stored credentials requires--credential-store-key.
See also
- Global options —
--output,--output-filter,--log-level,--log-file. - Exit codes — standard exit-code contract.