Update Credentials (Service) | ArcGIS REST APIs

URL:: https://<root>/cloud/services/<serviceID>/credential/update
Methods:: POST
Version Introduced:: 12.0

Access requirements

Required privileges

The Enterprise Administrator API requires privilege-based access. An administrator must be assigned a specific user privilege, or role, to access any given endpoint. Listed below are the user privileges or roles an administrator can be assigned that provides access to this endpoint. If multiple privileges are listed, only one needs to be assigned to gain access.

Security and infrastructure

Tokens

This API requires token-based authentication. A token is automatically generated for administrators who sign in to the Enterprise Administrator API directory's HTML interface. Tokens generated in this way are stored for the entirety of the session.

Those accessing the API directory outside of the HTML interface will need to acquire a session token from the generateToken operation in the Enterprise Directory API. For security reasons, all POST requests made to the Enterprise Administrator API must include a token in the request body.

Learn how to generate a token

Description

The credential/update operation updates the credential information for a cloud service. The credential update request must include the credential information for the service, which is returned by the Services resource. Once submitted, the request returns a job ID that you can use to query the job resource. The HTML view also returns a link that can be used to access the job page for the request.

Request parameters

Parameter Details

Parameter	Details
`credential`	The updated credential object. The current credential object can be retrieved and modified from the Services resource. Amazon S3 credential examplesAmazon S3 credential examplesAzure Blob Store credential examplesGoogle Cloud Storage credential examples Use dark colors for code blocksCopy `1 2 3 4 5 6 7 8 9 10 11 12 13 // Access Keys credential={ "type":"ACCESS-KEY", "secret":{ "secret_key":"<secret_key>", "access_key":"<access_key>" } } // IAM Role credential={ "type": "IAM-ROLE" }` Note This operation can also update credentials for user-registered raster stores and supports both Azure Service Principal and Azure SAS tokens. Examples Use dark colors for code blocksCopy `1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 // Azure Blob Store - Service Principal { "secret":{ "storageAccountName":"<account_name>" }, "type":"SERVICE-PRINCIPAL", "servicePrincipal":{ "clientId":"<client_id>", "tenantId":"<tenant_id>", "clientSecret":"<client_secret>" } } // Azure Blob Store - SAS Token { "type":"SAS-TOKEN", "secret":{ "sasToken":"<azure_sas_token>", "storageAccountName":"<account_name>" } }`
`f`	The response format. The default format is `html`. Values: `html` \| `json` \| `pjson`

credential

The updated credential object. The current credential object can be retrieved and modified from the Services resource.

Amazon S3 credential examples

Azure Blob Store credential examples

Google Cloud Storage credential examples

Use dark colors for code blocksCopy
// Access Keys
credential={
  "type":"ACCESS-KEY",
  "secret":{
    "secret_key":"<secret_key>",
    "access_key":"<access_key>"
  }
}

// IAM Role
credential={
  "type": "IAM-ROLE"
}

Examples
Use dark colors for code blocksCopy
// Azure Blob Store - Service Principal
{
  "secret":{
    "storageAccountName":"<account_name>"
  },
  "type":"SERVICE-PRINCIPAL",
  "servicePrincipal":{
    "clientId":"<client_id>",
    "tenantId":"<tenant_id>",
    "clientSecret":"<client_secret>"
  }
}

// Azure Blob Store - SAS Token
{
  "type":"SAS-TOKEN",
  "secret":{
    "sasToken":"<azure_sas_token>",
    "storageAccountName":"<account_name>"
  }
}

f

The response format. The default format is html.

Values: html | json | pjson

Example usage

The following is a sample POST request for the credential/update operation:

Use dark colors for code blocksCopy
POST /<context>/admin/clouds/services/eg7hrelq6b/credential/update HTTP/1.1
Host: organization.example.com
Content-Type: application/x-www-form-urlencoded
Content-Length: []

credential={"type":"STORAGE-ACCOUNT-KEY","secret": {"storageAccountName": "{crypt}R68p/cvTUo1LmRcgXJ5U07WKv936mnCe","storageAccountKey": "{crypt}xxxxxxxxxxxxxxxxVC5M"}}&f=pjson&token=m7zGSezM7znt6ZuIwr827imJxOTSDsjYujVdd7SiAQLYG1HmesG8EbSnTwCbiekEh0QwRdmeyp1hP63M60TPrdZQ2NzIg5G7qFaQh40MdiOCfh60-6oPKC2MNoqwdVDZ3srzreVZb66QofWXws8GMrKWkgP45A-2an5crKvReUo-pwvkzm68W87Q0yPJFA2Kww39UnMYNw-5qd2-Bt04VmkrqKI-lCbA-jFZY_UGzeGzNqnBGrjKuVB_q17HogMw

JSON Response example

Use dark colors for code blocksCopy
{
  "cloudCredentialRotationJobId": j876ae6e7-27d9-4b2d-b8ab-d07e2433e2c1",
  "message": "A cloud credentials rotation job is in-progress"
}