External Credentials
External credentials are the credentials for a specific user to access a specific external system. The type of credentials to provide for each external system is decided by the configured credentials type in the external system configuration.
The External Systems Management UI provides a user self-service function, where users can enter their own credentials for external systems. In order for self-service to be available for a specific user, the user must first have been added in the External Systems Management UI, see Adding users for external systems.
Credentials protection
-
All configured passwords are stored salted and encrypted in the ESSM database.
-
When a user logs on via relay (see Grid Relay User Configuration), the grid principal contains all the configured credentials for external systems. These are kept encrypted in the grid principal.
-
Only applications approved by an administrator – by setting up an application mapping – may get the decrypted credentials and only for those external systems for which it has been approved.
-
Passwords are not displayed in the External Systems Management UI or the Relay User Self Service UI.