Credential Store

Why Trust Techopedia

What Does Credential Store Mean?

A credential store is a library of security data. A credential store can hold public key certificates, username and password combinations, or tickets.


Credentials are utilized at the time of authentication, when subjects are populated with principals, and also during authorization, when identifying the actions the subjects are able to perform.

Oracle Platform Security Services (OPSS) consists of the Credential Store Framework (CSF). The CSF is a collection of APIs that applications can utilize for creating, reading, updating, and managing credentials securely. A standard application of the credential store is the storage of credentials (user names and passwords) to gain access to some external systems, such as an LDAP-based repository or a database.

Techopedia Explains Credential Store

In the credential store framework (CSF), a credential is determined by a key name and a map name.

Usually, the map name corresponds to an application's name, and all credentials having the same map name outline a logical set of credentials, like the credentials utilized by the application. The combination of key name and map name should be unique for every entry in the credential store.

The default credential store is Oracle Wallet. For a production environment, an LDAP-based Oracle Internet Directory is ideal to be used as a credential store. Also, it is recommended to use Oracle Wallet for storing X.509 certificates.

The storage of end-user digital certificates are not supported by the credential stores. Furthermore, the credentials can be provisioned, recovered, customized, or erased, but only by a user with relevant administration rights.

In order to access the credential store and carry out the operations, the CSF API is used. The CSF includes the following features:

  • It enables the users to securely manage the credentials.
  • It offers an API for storage, recovery, and maintenance of credentials in various back-end repositories.
  • It has the ability to support LDAP-based and file-based (Oracle wallet) credential management.

Related Terms

Margaret Rouse

Margaret jest nagradzaną technical writerką, nauczycielką i wykładowczynią. Jest znana z tego, że potrafi w prostych słowach pzybliżyć złożone pojęcia techniczne słuchaczom ze świata biznesu. Od dwudziestu lat jej definicje pojęć z dziedziny IT są publikowane przez Que w encyklopedii terminów technologicznych, a także cytowane w artykułach ukazujących się w New York Times, w magazynie Time, USA Today, ZDNet, a także w magazynach PC i Discovery. Margaret dołączyła do zespołu Techopedii w roku 2011. Margaret lubi pomagać znaleźć wspólny język specjalistom ze świata biznesu i IT. W swojej pracy, jak sama mówi, buduje mosty między tymi dwiema domenami, w ten…