mqsicredentials command

Use the mqsicredentials command to encrypt credentials and store them in an IBM® App Connect Enterprise vault. These credentials can then be used by an integration node and its managed integration servers, an individual integration server, or any number of integration servers, to access secured resources.

Supported platforms

  • Windows
  • Linux®
  • AIX®

Purpose

Use the mqsicredentials command to create, update, retrieve, or delete the security credentials for resources that can be used by an integration node and its managed integration servers, an individual integration server, or any number of integration servers. The credentials are stored in an encrypted form in an App Connect Enterprise vault.

For more information about configuring vaults and credentials, see the following topics:
The security credentials that you set are used for connections to the following resources:
Credential type Resource requiring credentials for access
amazoncloudwatch Amazon CloudWatch
amazondynamodb Amazon DynamoDB
amazonec2 Amazon EC2
amazoneventbridge Amazon EventBridge
amazonlambda AWS Lambda
amazonrds Amazon RDS
amazons3 Amazon S3
amazonses Amazon SES
amazonsns Amazon SNS
amazonsqs Amazon SQS
anaplan Anaplan
asana Asana
azuread Microsoft Entra ID
azureblobstorage Microsoft Azure Blob storage
bamboohr BambooHR
box Box
calendly Calendly
cd IBM Sterling Connect:Direct® server
cdc Change Data Capture
cics CICS® Transaction Server for z/OS®
cloudantdb IBM Cloudant®
cmis CMIS
confluence Confluence
coupa Coupa
dropbox Dropbox
eis External Enterprise Information System (EIS), such as SAP, Siebel, JD Edwards, or PeopleSoft
elk Elasticsearch, Logstash, and Kibana (ELK) server
email Email server
eventbrite Eventbrite
expensify Expensify
filenet IBM FileNet Content Manager
flexengage flexEngage
ftp FTP server
github GitHub
gitlab GitLab
gmail Gmail
googleanalytics Google Analytics
googlecalendar Google Calendar
googlechat Google Chat
googlebigquery Google Cloud BigQuery
googlecloudstorage Google Cloud Storage
googlecontacts Google Contacts
googledrive Google Drive
googlegroups Google Groups
googlepubsub Google Cloud Pub/Sub
googlesheet Google Sheets
googletasks Google Tasks
googletranslate Google Translate
greenhouse Greenhouse
http SOAP and HTTP request nodes for static ID identity propagation when using basic authentication (basicAuth): SOAPRequest, SOAPAsyncRequest, HTTPRequest, and HTTPAsyncRequest nodes
httpproxy HTTP proxy server that requires a username and password
hubspotcrm HubSpot CRM
hubspotmarketing HubSpot Marketing
ibmcoss3 IBM Cloud Object Storage S3
ibmewm IBM Engineering Workflow Management
ibmopenpages IBM OpenPages with Watson
ibmsterlingiv IBM Sterling Inventory Visibility
ibmsterlingsci IBM Supply Chain Intelligence Suite
ibmtwc IBM Weather Company Data Limited Edition
ift IBM Food Trust
ims IMS Connect server
insightly Insightly
jdbc JDBC type 4 connection
jenkins Jenkins
jira Jira
jms JMS resource
jndi JNDI resource
kafka Kafka cluster that requires a username and password
kerberos The Kerberos Key Distribution Center (KDC)
keystore Web user interface keystore password
keystorekey The key inside the keystore (for use when the key inside the keystore is protected by a password that is different from the password that is used to open the keystore)
kronos Ultimate Kronos Group (UKG)
ldap Lightweight Directory Access Protocol (LDAP) bind credentials
local Security profile when using an authentication type of 'Local'
loopback Loopback connector resource
magento Magento
mailchimp MailChimp
marketo Marketo
maximo IBM Maximo®
mondaydotcom monday.com
mq Secured IBM MQ queue manager
mqtt Secured MQTT server
msad Microsoft Active Directory
msdynamicscrmrest Microsoft Dynamics 365 for Sales
msdynamicsfando Microsoft Dynamics 365 for Finance and Operations
msexcel Microsoft Excel Online
msexchange Microsoft Exchange
msonedrive Microsoft OneDrive for Business
msonenote Microsoft OneNote
mspowerbi Microsoft Power BI
mssharepoint Microsoft SharePoint
msteams Microsoft Teams
mstodo Microsoft To Do
odbc ODBC data source name (DSN) that is accessed from a message flow
odm Operational Decision Manager (ODM) Rule Execution Server
oracleebs Oracle E-Business Suite
oraclehcm Oracle Human Capital Management
rest External REST API
salesforce Salesforce
salesforceae Salesforce Account Engagement
salesforcemc Salesforce Marketing Cloud
sapariba SAP Ariba
sapodata SAP OData
sapsuccessfactors SAP SuccessFactors
servicenow ServiceNow
sfcommerceclouddata Salesforce Commerce Cloud Digital Data
sftp Connection to an SFTP server
shopify Shopify
slack Slack
smtp Connection to an SMTP server
snowflake Snowflake
soap SOAP request and reply nodes for static ID identity propagation when using WS-Security while connecting to or replying from a web service (SOAPRequest, SOAPAsyncRequest, and SOAPReply nodes)
square Square
surveymonkey SurveyMonkey
trello Trello
truststore Integration server or integration node truststore
truststorekey The key inside the truststore (for use when the key inside the truststore is protected by a password that is different from the password that is used to open the truststore)
twilio Twilio
watsondiscovery IBM Watson Discovery
wordpress WordPress
wsrr WebSphere® Service Registry and Repository
wufoo Wufoo
wxs WebSphere eXtreme Scale grid
yammer Microsoft Viva Engage
yapily Yapily
zendeskservice Zendesk Service

Syntax

Create or update credentials

Read syntax diagramSkip visual syntax diagrammqsicredentials --work-dir workpath --ext-vault-dir externalDirectoryVaultPathintegrationNodeName --integration-server integrationServerName --all-integration-servers  --integration-connection-file fileName --integration-server integrationServerName --all-integration-servers  --admin-host hostname --admin-port port --integration-server integrationServerName --all-integration-servers  --create  --update  --credential-type type  --credential-name name  --vault-key vaultKey --ext-vault-key externalDirectoryVaultKey --vaultrc-location mqsivaultrc_file_location --api-key apiKey --username userName --password password --ssh-identity-file file --passphrase phrase  --client-id clientIdentity  --client-secret clientSecret  --trace traceFileName

Report

Read syntax diagramSkip visual syntax diagrammqsicredentials --work-dir workpath --ext-vault-dir externalDirectoryVaultPathintegrationNodeName --integration-server integrationServerName --all-integration-servers  --integration-connection-file fileName --integration-server integrationServerName --all-integration-servers  --admin-host hostname --admin-port port --integration-server integrationServerName --all-integration-servers  --report  --credential-type type --credential-name name --vault-key vaultKey --ext-vault-key externalDirectoryVaultKey --vaultrc-location mqsivaultrc_file_location --trace traceFileName

Delete

Read syntax diagramSkip visual syntax diagrammqsicredentials --work-dir workpath --ext-vault-dir externalDirectoryVaultPathintegrationNodeName --integration-server integrationServerName --all-integration-servers  --integration-connection-file fileName --integration-server integrationServerName --all-integration-servers  --admin-host hostname --admin-port port --integration-server integrationServerName --all-integration-servers  --delete  --credential-type type  --credential-name name  --vault-key vaultKey --ext-vault-key externalDirectoryVaultKey --vaultrc-location mqsivaultrc_file_location --trace traceFileName

Set as default

Read syntax diagramSkip visual syntax diagrammqsicredentials --work-dir workpathintegrationNodeName --integration-server integrationServerName --all-integration-servers  --integration-connection-file fileName --integration-server integrationServerName --all-integration-servers  --admin-host hostname --admin-port port --integration-server integrationServerName --all-integration-servers  --set-as-default  --credential-type type  --credential-name name  --trace traceFileName

Export / Import

Read syntax diagramSkip visual syntax diagrammqsicredentials --work-dir workpath --ext-vault-dir externalDirectoryVaultPathintegrationNodeName --integration-server integrationServerName --integration-connection-file fileName --integration-server integrationServerName --admin-host hostname --admin-port port --integration-server integrationServerName --export  --import  --credential-type type  --credential-name name  --archive-locationarchive_location  --archive-key archiveKey  --vault-key vaultKey --ext-vault-key externalDirectoryVaultKey --vaultrc-location mqsivaultrc_file_location --trace traceFileName

Parameters

--work-dir workpath
(Optional) This parameter specifies the path to the work directory that is used by an independent integration server (not an integration server that is managed by an integration node). If you do not specify the --work-dir parameter, you must specify either the --ext-vault-dir, integrationNodeName, or --integration-connection-file parameter, or the --admin-host and --admin-port parameters.
--ext-vault-dir externalDirectoryVaultPath
(Optional) This parameter specifies the path to the directory that contains the external directory vault, which can be shared by multiple integration servers. If you do not specify the --ext-vault-dir parameter, you must specify either the --work-dir, integrationNodeName, or --integration-connection-file parameter, or the --admin-host and --admin-port parameters.

You cannot set the --ext-vault-dir parameter in conjunction with the --set-as-default parameter.

integrationNodeName
(Optional) The name of the integration node that is associated with the resources for which the credentials are being created, updated, reported, or deleted. If you do not specify this parameter, you must specify either the --work-dir, --ext-vault-dir, or --integration-connection-file parameter, or the --admin-host and --admin-port parameters.
--integration-connection-file fileName
(Optional) This parameter specifies a file that contains connection information for an integration node or server. If you do not specify the --integration-connection-file parameter, you must specify either the integrationNodeName, --work-dir, or --ext-vault-dir parameter, or the --admin-host and --admin-port parameters.
--admin-host hostname
(Optional) This parameter specifies the hostname or IP address of the computer on which the integration node or integration server is running. If you do not specify the --admin-host and --admin-port parameters, you must specify either the integrationNodeName, --work-dir, --ext-vault-dir, or --integration-connection-file parameter.
--admin-port port
(Optional) This parameter specifies the port of the integration node or integration server. If you do not specify the --admin-host and --admin-port parameters, you must specify either the integrationNodeName, --work-dir, --ext-vault-dir, or --integration-connection-file parameter.
--integration-server IntegrationServerName
(Optional) Specify the name of the integration server that is associated with the resources for which the credentials are being created, updated, reported, or deleted. This parameter applies only to integration servers that are managed by an integration node. Alternatively, you can specify --all-integration-servers.
--all-integration-servers
(Optional) This parameter specifies that the command applies to all integration servers that are managed by the integration node. Alternatively, you can specify a named integration server (--integration-server IntegrationServerName). This parameter applies only to integration servers that are managed by an integration node.
--create
(Optional) Specify this parameter to create credentials in the vault, with the name and type specified by the --credential-name and --credential-type parameters.

If you do not specify this parameter, you must specify either --update, --report, --set-as-default, or --delete.

--update
(Optional) Specify this parameter to update the credentials that are specified by the --credential-name and --credential-type parameters.

If you do not specify this parameter, you must specify either --create, --report, --set-as-default, or --delete.

--report
(Optional) Specify this parameter to show the reportable details of an existing credential, as specified by the --credential-name and --credential-type parameters.

If you do not specify this parameter, you must specify either --create, --update, --set-as-default, oror --delete.

--delete
(Optional) Specify this parameter to delete the specified credentials from the vault.

If you do not specify this parameter, you must specify either --create, --update, --set-as-default, or --report.

--set-as-default
(Optional) Use this parameter to specify that the credential that is specified by the --credential-name parameter is to be used as the default for the credential type set by the --credential-type parameter. If you set this parameter, the default credentials section of the integration server's server.conf.yaml file is updated with the specified default; for example:
Defaults:
 Credentials:
   mq: 'mymqcredential'
This credential is then used by default for the specified credential type (in this case, mq) when no credential name was specified.

If you do not specify this parameter, you must specify either --create, --update, --delete, or --report.

You cannot set the --set-as-default parameter in conjunction with the --ext-vault-dir parameter.

--export / import
(Optional). Use --export to export the selected credential(s) from the vault into a zip archive file. Use --import to import the selected credential(s) from a zip archive file into the vault.

Credentials cannot be exported from the vault if the --vault-options no-export parameter was set when the vault containing the credentials was created (by the mqsivault command). For more information, see mqsivault command.

--credential-name credentialName
(Optional) The name of the credential.
--credential-type credentialType
(Optional) This parameter specifies the credential type, which relates to the type of resource that is connected to by the integration server:
  • amazoncloudwatch:

    Specify this value to set credentials for authenticating a connection to Amazon CloudWatch.

    You can use the --secret-access-key secretAccessKey and --access-key-id accessKeyID parameters to specify the credentials for connecting to an Amazon CloudWatch account.

  • amazondynamodb:

    Specify this value to set credentials for authenticating a connection to Amazon DynamoDB.

    You can use the --secret-access-key secretAccessKey and --access-key-id accessKeyID parameters to specify the credentials for connecting to an Amazon DynamoDB account.

  • amazonec2:

    Specify this value to set credentials for authenticating a connection to Amazon EC2.

    You can use the --secret-access-key secretAccessKey and --access-key-id accessKeyID parameters to specify the credentials for connecting to an Amazon EC2 account.

  • amazoneventbridge:

    Specify this value to set credentials for authenticating a connection to Amazon EventBridge.

    You can use the --secret-access-key secretAccessKey and --access-key-id accessKeyID parameters to specify the credentials for connecting to an Amazon EventBridge account.

  • amazonkinesis:

    Specify this value to set credentials for authenticating a connection to Amazon Kinesis.

    You can use the --secret-access-key secretAccessKey and --access-key-id accessKeyID parameters to specify the credentials for connecting to an Amazon Kinesis account.

  • amazonlambda:

    Specify this value to set credentials for authenticating a connection to AWS Lambda.

    You can use the --secret-access-key secretAccessKey and --access-key-id accessKeyID parameters to specify the credentials for connecting to an AWS Lambda account.

  • amazonrds:

    Specify this value to set credentials for authenticating a connection to Amazon RDS.

    You can use the --secret-access-key secretAccessKey and --access-key-id accessKeyID parameters to specify the credentials for connecting to an Amazon RDS account.

  • amazons3:

    Specify this value to set credentials for authenticating a connection to Amazon S3.

    You can use the --secret-access-key secretAccessKey and --access-key-id accessKeyID parameters to specify the credentials for connecting to an Amazon S3 account.

  • amazonses:

    Specify this value to set credentials for authenticating a connection to Amazon SES.

    You can use the --secret-access-key secretAccessKey and --access-key-id accessKeyID parameters to specify the credentials for connecting to an Amazon SES account.

  • amazonsns:

    Specify this value to set credentials for authenticating a connection to Amazon SNS.

    You can use the --secret-access-key secretAccessKey and --access-key-id accessKeyID parameters to specify the credentials for connecting to an Amazon SNS account.

  • amazonsqs:

    Specify this value to set credentials for authenticating a connection to Amazon SQS.

    You can use the --secret-access-key secretAccessKey and --access-key-id accessKeyID parameters to specify the credentials for connecting to an Amazon SQS account.

  • anaplan:

    Specify this value to set credentials for authenticating a connection to Anaplan.

    You can use the following parameters to specify the credentials for connecting to an Anaplan account:
    • --auth-type basic, --username userName, and --password password
    • --auth-type oauth, --client-id clientIdentity, --client-secret clientSecret, --access-token accessToken, and --refresh-token refreshToken.
  • asana:

    Specify this value to set credentials for authenticating a connection to Asana.

    You can use the --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken parameters to specify the credentials for connecting to an Asana account.

  • azuread:

    Specify this value to set credentials for authenticating a connection to Microsoft Entra ID.

    You can use the following parameters to specify the credentials for connecting to a Microsoft Entra ID account:
    • --auth-type basicClientId --username userName --password password --client-id clientIdentity and --client-secret clientSecret
    • --auth-type oauth --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken.
  • azureblobstorage:

    Specify this value to set credentials for authenticating a connection to Microsoft Azure Blob storage.

    You can use the following parameters to specify the credentials for connecting to a Microsoft Azure Blob storage account:
    • --auth-type client --client-id clientIdentity and --client-secret clientSecret
    • --auth-type apiKey and --api-key apiKey
  • bamboohr:

    Specify this value to set credentials for authenticating a connection to BambooHR.

    You can use the --api-key apiKey parameter to specify the credentials for connecting to a BambooHR account.

  • box:

    Specify this value to set credentials for authenticating a connection to Box.

    You can use the --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken parameters to specify the credentials for connecting to a Box account.

  • calendly:

    Specify this value to set credentials for authenticating a connection to Calendly.

    You can use the following parameters to specify the credentials for connecting to a Calendly account:
    • --auth-type apiKey and --api-key apiKey
    • --auth-type oauth --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken.
  • cd:

    Specify this value to set credentials for connecting an IBM Sterling Connect:Direct CDOutput node to its Connect:Direct server.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to a Connect:Direct server.

  • cdc:

    Specify this value to set credentials for a Change Data Capture node.

    You can use the --username userName and --password password parameters to specify the credentials for a Change Data Capture node.

  • cics:

    Specify this value to set credentials for connecting a CICSRequest node to a CICS Transaction Server for z/OS server.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to a CICS Transaction Server for z/OS server. Password is optional.

  • cloudantdb:

    Specify this value to set credentials for authenticating a connection to IBM Cloudant.

    You can use the --username userName --password password and --api-key apiKey parameters to specify the credentials for connecting to an IBM Cloudant account.

  • cmis:

    Specify this value to set credentials for authenticating a connection to CMIS.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to a CMIS account.

  • confluence:

    Specify this value to set credentials for authenticating a connection to Confluence.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to a Confluence account.

  • coupa:

    Specify this value to set credentials for authenticating a connection to Coupa.

    You can use the --api-key apiKey parameter to specify the credentials for connecting to a Coupa account.

  • docusign:

    Specify this value to set credentials for authenticating a connection to DocuSign.

    You can use the following parameters to specify the credentials for connecting to a DocuSign account:
    • --auth-type basicRSA --username userName --api-key apiKey --private-key privateKey
    • --auth-type oauth --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken
  • dropbox:

    Specify this value to set credentials for authenticating a connection to Dropbox.

    You can use the --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken parameters to specify the credentials for connecting to a Dropbox account.

  • eis:

    Specify this value to set credentials for connecting to an external Enterprise Information System (EIS), such as SAP, Siebel, JD Edwards, or PeopleSoft.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to an EIS.

  • elk:

    Specify this value to set credentials for connecting to an Elasticsearch, Logstash, and Kibana (ELK) server.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to an ELK server.

  • email:

    Specify this value to set credentials for connecting to an email server.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to an email server.

    Alternatively, if you are using OAuth, use the --client-id EmailId and --access-token accessToken parameters to specify the credentials for connecting to an email server.

  • eventbrite:

    Specify this value to set credentials for authenticating a connection to Eventbrite.

    You can use the --access-token accessToken parameter to specify the credentials for connecting to an Eventbrite account.

  • expensify:

    Specify this value to set credentials for authenticating a connection to Expensify.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to an Expensify account.

  • filenet:

    Specify this value to set credentials for authenticating a connection to IBM FileNet Content Manager.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to an IBM FileNet Content Manager account.

  • flexengage:

    Specify this value to set credentials for authenticating a connection to flexEngage.

    You can use the --client-id clientIdentity and --client-secret clientSecret parameters to specify the credentials for connecting to a flexEngage account.

  • ftp:

    Specify this value to set credentials for connecting to an FTP server.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to an FTP server.

  • github:

    Specify this value to set credentials for authenticating a connection to GitHub.

    You can use the following parameters to specify the credentials for connecting to a GitHub account:
    • --auth-type privateKey and --private-key privateKey
    • --auth-type accessKeyId and --access-key-id accessKeyId
  • gitlab:

    Specify this value to set credentials for authenticating a connection to GitLab.

    You can use the following parameters to specify the credentials for connecting to a GitLab account:
    • --auth-type accessToken and --access-token accessToken
    • --auth-type basicClientId --user-name userName password password --client-id clientId --client-secret clientSecret
  • gmail:

    Specify this value to set credentials for authenticating a connection to Gmail.

    You can use the --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken parameters to specify the credentials for connecting to a Gmail account.

  • googleanalytics:

    Specify this value to set credentials for authenticating a connection to Google Analytics.

    You can use the --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken parameters to specify the credentials for connecting to a Google Analytics account.

  • googlebigquery:

    Specify this value to set credentials for authenticating a connection to Google Cloud BigQuery.

    You can use the --private-key privateKey and --client-email clientEmail parameters to specify the credentials for connecting to a Google Cloud BigQuery account.

  • googlecalendar:

    Specify this value to set credentials for authenticating a connection to Google Calendar.

    You can use the --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken parameters to specify the credentials for connecting to a Google Calendar account.

  • googlechat:

    Specify this value to set credentials for authenticating a connection to Google Chat.

    You can use the --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken parameters to specify the credentials for connecting to a Google Chat account.

  • googlecloudstorage:

    Specify this value to set credentials for authenticating a connection to Google Cloud Storage.

    You can use the --secret-access-key secretAccessKey and --access-key-id accessKeyID parameters to specify the credentials for connecting to a Google Cloud Storage account.

  • googlecontacts:

    Specify this value to set credentials for authenticating a connection to Google Contacts.

    You can use the --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken parameters to specify the credentials for connecting to a Google Contacts account.

  • googledrive:

    Specify this value to set credentials for authenticating a connection to Google Drive.

    You can use the --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken parameters to specify the credentials for connecting to a Google Drive account.

  • googlegroups:

    Specify this value to set credentials for authenticating a connection to Google Groups.

    You can use the following parameters to specify the credentials for connecting to a Google Groups account:
    • --auth-type oauth --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken
    • --auth-type apiClientEmailUsername --username userName --api-key apiKey --client-email clientEmail
  • googlepubsub:

    Specify this value to set credentials for authenticating a connection to Google Cloud Pub/Sub.

    You can use the --private-key privateKey and --client-email clientEmail parameters to specify the credentials for connecting to a Google Cloud Pub/Sub account.

  • googlesheet:

    Specify this value to set credentials for authenticating a connection to Google Sheets.

    You can use the --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken parameters to specify the credentials for connecting to a Google Sheets account.

  • googletasks:

    Specify this value to set credentials for authenticating a connection to Google Tasks.

    You can use the following parameters to specify the credentials for connecting to a Google Tasks account:
    • --auth-type oauth --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken
    • --auth-type apiClientEmailUsername --username userName --api-key apiKey --client-email clientEmail
  • googletranslate:

    Specify this value to set credentials for authenticating a connection to Google Translate.

    You can use the --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken parameters to specify the credentials for connecting to a Google Translate account.

  • greenhouse:

    Specify this value to set credentials for authenticating a connection to Greenhouse.

    You can use the --api-key apiKey parameter to specify the credentials for connecting to a Greenhouse account.

  • http:

    Specify this value to set credentials for static ID identity propagation with SOAP or HTTP request nodes (SOAPRequest, SOAPAsyncRequest, HTTPRequest, and HTTPAsyncRequest nodes).

    You can use the following parameters to specify the credentials for an HTTP connection:
    • --auth-type basic --username userName --password password
    • --auth-type basicApiKey --username userName --password password --api-key apiKey
    • --auth-type apiKey --api-key apiKey

    You can use the --username userName and --password password parameters to specify the credentials for SOAP or HTTP request nodes.

    Alternatively, you can use the --username userName, --password password, and --api-key apiKey parameters to specify the credentials for HTTPRequest and HTTPAyncRequest nodes.

  • httpproxy:

    Specify this parameter to set credentials for connecting to a secured HTTP proxy server.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to an HTTP server.

  • hubspotcrm:

    Specify this value to set credentials for authenticating a connection to HubSpot CRM.

    You can use the following parameters to specify the credentials for connecting to a HubSpot CRM account:
    • --auth-type privateKey --private-key privateKey
    • --auth-type oauth --client-id clientIdentity --client-secret clientSecret --access-token accessToken --refresh-token refreshToken
  • hubspotmarketing:

    Specify this value to set credentials for authenticating a connection to HubSpot Marketing.

    You can use the following parameters to specify the credentials for connecting to a HubSpot Marketing account.

    • --auth-type privateKey --private-key privateKey
    • --auth-type oauth --client-id clientIdentity --client-secret clientSecret --access-token accessToken --refresh-token refreshToken
  • ibmcoss3:

    Specify this value to set credentials for authenticating a connection to IBM Cloud Object Storage S3.

    You can use the following parameters to specify the credentials for connecting to an IBM Cloud Object Storage S3 account:
    • --auth-type apiKey --api-key apiKey
    • --auth-type secretAccessApiKey --api-key apiKey --secret-access-key secretAccessKey --access-key-id accessKeyId
  • ibmewm:

    Specify this value to set credentials for authenticating a connection to IBM Engineering Workflow Management.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to an IBM Engineering Workflow Management account.

  • ibmopenpages:

    Specify this value to set credentials for authenticating a connection to IBM OpenPages with Watson.

    You can use the following parameters to specify the credentials for connecting to an IBM OpenPages with Watson account:
    • --auth-type basic --username userName and --password password
    • --auth-type publicPrivateKeyPair --private-key privateKey and --public-key publicKey
  • ibmsterlingiv:

    Specify this value to set credentials for authenticating a connection to IBM Sterling Inventory Visibility.

    You can use the --client-id clientIdentity and --client-secret clientSecret parameters to specify the credentials for connecting to an IBM Sterling Inventory Visibility account.

  • ibmsterlingsci:

    Specify this value to set credentials for authenticating a connection to IBM Supply Chain Intelligence Suite.

    You can use the following parameters to specify the credentials for connecting to an IBM Supply Chain Intelligence Suite account:
    • --auth-type clientUsername --user-name userName password password --client-id clientId
    • --auth-type apiClientId --api-key apiKey --client-id clientId
  • ibmtwc:

    Specify this value to set credentials for authenticating a connection to IBM Weather Company Data Limited Edition.

    You can use the --api-key apiKey parameter to specify the credentials for connecting to an IBM Weather Company Data Limited Edition account.

  • ift:

    Specify this value to set credentials for authenticating a connection to IBM Food Trust.

    You can use the --api-key apiKey and --client-id clientId parameters to specify the credentials for connecting to an IBM Food Trust account.

  • ims:

    Specify this value to set credentials for connecting from an IMSRequest node to the IMS server.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to an IMS server.

  • jdbc:

    Specify this value to set credentials for a JDBC type 4 connection.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to a JDBC resource.

  • jenkins:

    Specify this value to set credentials for authenticating a connection to Jenkins.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to a Jenkins account.

  • jira:

    Specify this value to set credentials for authenticating a connection to Jira.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to a Jira account.

  • jms:

    Specify this value to set credentials for connecting to JMS resource.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to a JMS resource.

  • jndi:

    Specify this value to set credentials for connecting to a JNDI resource.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to a JNDI resource.

  • kafka:

    Specify this value to set credentials for connecting to a secured Kafka cluster.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to a Kafka cluster.

  • kerberos:

    Specify this value to set credentials for connecting to the Kerberos Key Distribution Center (KDC).

    You can use the --username userName and --password password parameters to specify the credentials for connecting to a Kerberos KDC.

  • keystore:

    Specify this value to set credentials for opening the web user interface keystore.

    You can use the --password password parameter to specify the credentials for opening the web user interface keystore.

  • keystorekey:

    Specify this value to set credentials for opening a key inside the web user interface keystore.

    You can use the --password password parameter to specify the credentials for opening the key inside the keystore (for use when the key inside the keystore is protected by a password that is different from the password that is used to open the keystore).

  • kronos:

    Specify this value to set credentials for authenticating a connection to UKG (Ultimate Kronos Group).

    You can use the --username userName --password password --api-key apiKey --client-id clientIdentity and --client-secret clientSecret parameters to specify the credentials for connecting to a UKG account.

  • ldap:

    Specify this value to set Lightweight Directory Access Protocol (LDAP) bind credentials.

    You can use the --username userName and --password password parameters to specify the credentials for binding to an LDAP server.

  • local

    Specify this value when using a security profile with an authentication type of 'Local' to authenticate against a set of stored static credentials. You can use the --username and --password parameters to specify the credentials to authenticate against.

    If you need an input node in a message flow to authenticate against a locally stored credential, you can create a Security Profiles policy that uses locally stored credentials for authentication. For more information see, Configuring a message flow for identity propagation.

    If you want a Request node or an Output node to use a locally stored credential, you must provide the identity that it can use to authenticate to the remote server. For more information see, Creating a security profile for using locally stored credentials.

  • loopback:

    Specify this value to set credentials for a connection that is made through a LoopBack® connector.

    You can use the following parameters to specify the credentials for connecting through a LoopBack connector:
    • --auth-type basic, --username userName, and --password password
    • --auth-type basicClientId --username userName --password password --client-id clientIdentity and --client-secret clientSecret
  • magento:

    Specify this value to set credentials for authenticating a connection to Magento.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to a Magento account.

  • mailchimp:

    Specify this value to set credentials for authenticating a connection to MailChimp.

    You can use the --access-token accessToken parameter to specify the credentials for connecting to a MailChimp account.

  • marketo:

    Specify this value to set credentials for authenticating a connection to Marketo.

    You can use the --client-id clientIdentity and --client-secret clientSecret parameters to specify the credentials for connecting to a Marketo account.

  • maximo:

    Specify this value to set credentials for authenticating a connection to IBM Maximo.

    You can use the following parameters to specify the credentials for connecting to an IBM Maximo account:
    • --auth-type basicWebsphere --username userName --password password --websphere-username websphereUserName and --websphere-password webspherePassword
    • --auth-type apiKeyWebsphere --api-key apiKey --websphere-username websphereUserName and --websphere-password webspherePassword
    • --auth-type basic --username userName and --password password
    • --auth-type apiKey and --api-key apiKey
  • mondaydotcom:

    Specify this value to set credentials for authenticating a connection to monday.com.

    You can use the --api-key apiKey parameter to specify the credentials for connecting to a monday.com account.

  • mq:

    Specify this value to set credentials for connecting to a secured IBM MQ queue manager.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to an IBM MQ queue manager.

  • mqtt:

    Specify this value to set credentials for connecting to a secured external MQTT server, which the integration server uses to publish its event messages.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to an external MQTT server.

  • msad:

    Specify this value to set credentials for authenticating a connection to Microsoft Active Directory.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to a Microsoft Active Directory account.

  • msdynamicscrmrest:

    Specify this value to set credentials for authenticating a connection to Microsoft Dynamics 365 for Sales.

    You can use the following parameters to specify the credentials for connecting to a Microsoft Dynamics 365 for Sales account:
    • --auth-type basicClientId --username userName --password password --client-id clientIdentity and --client-secret clientSecret
    • --auth-type oauth --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken.
  • msdynamicsfando:

    Specify this value to set credentials for authenticating a connection to Microsoft Dynamics 365 for Finance and Operations.

    You can use the --username userName --password password --client-id clientIdentity and --client-secret clientSecret parameters to specify the credentials for connecting to a Microsoft Dynamics 365 for Finance and Operations account.

  • msexcel:

    Specify this value to set credentials for authenticating a connection to Microsoft Excel Online.

    You can use the following parameters to specify the credentials for connecting to a Microsoft Excel Online account:
    • --auth-type basicClientId --username userName --password password --client-id clientIdentity and --client-secret clientSecret
    • --auth-type oauth --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken.
  • msexchange:

    Specify this value to set credentials for authenticating a connection to Microsoft Exchange.

    You can use the --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken parameters to specify the credentials for connecting to a Microsoft Exchange account.

  • msonedrive:

    Specify this value to set credentials for authenticating a connection to Microsoft OneDrive for Business.

    You can use the --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken parameters to specify the credentials for connecting to a Microsoft OneDrive for Business account.

  • msonenote:

    Specify this value to set credentials for authenticating a connection to Microsoft OneNote.

    You can use the following parameters to specify the credentials for connecting to a Microsoft OneNote account:
    • --auth-type basicClientId --username userName and --password password --client-id clientIdentity --client-secret clientSecret
    • --auth-type oauth --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken.
  • mspowerbi:

    Specify this value to set credentials for authenticating a connection to Microsoft Power BI.

    You can use the following parameters to specify the credentials for connecting to a Microsoft Power BI account:
    • --auth-type basicClientId --username userName and --password password --client-id clientIdentity --client-secret clientSecret
    • --auth-type oauth --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken.
    • --auth-type client --client-id clientIdentity --client-secret clientSecret
  • mssharepoint:

    Specify this value to set credentials for authenticating a connection to Microsoft SharePoint.

    You can use the following parameters to specify the credentials for connecting to a Microsoft SharePoint account:
    • --auth-type oauth --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken.
    • --auth-type basic --username userName and --password password
  • msteams:

    Specify this value to set credentials for authenticating a connection to Microsoft Teams.

    You can use the --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken parameters to specify the credentials for connecting to a Microsoft Teams account.

  • mstodo:

    Specify this value to set credentials for authenticating a connection to Microsoft To Do.

    You can use the following parameters to specify the credentials for connecting to a Microsoft To Do account:
    • --auth-type basicClientId --username userName and --password password --client-id clientIdentity --client-secret clientSecret
    • --auth-type oauth --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken.
  • odbc:

    Specify this value to set credentials for an Open Database Connectivity (ODBC) data source name (DSN) that is accessed from a message flow.

    You can use the --username userName and --password password parameters to specify the credentials for accessing an ODBC DSN from a message flow.

  • odm:

    Specify this value to set credentials for an IBM Operational Decision Manager (ODM) Rule Execution Server that is accessed from a message flow by using an ODM Server policy.

    You can use the --username userName and --password password parameters to specify the credentials for accessing an ODM Rule Execution Server from a message flow.

  • oracleebs:

    Specify this value to set credentials for authenticating a connection to Oracle E-Business Suite.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to an Oracle E-Business Suite account.

  • oraclehcm:

    Specify this value to set credentials for authenticating a connection to Oracle Human Capital Management.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to an Oracle Human Capital Management account.

  • rest:

    Specify this value to set credentials for authenticating a connection to an external REST API.

    You can use the following parameters to specify the credentials for connecting to an external REST API:
    • --auth-type apiKey and --api-key apiKey
    • --auth-type basic --username userName and --password password
    • --auth-type basicApiKey --api-key apiKey --username userName and --password password
  • salesforce:

    Specify this value to set credentials for authenticating a connection to Salesforce.

    You can use the following parameters to specify the credentials for accessing a Salesforce account:
    • --auth-type basicClientId --username userName --password password --client-id clientIdentity and --client-secret clientSecret
    • --auth-type oauth --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken.
  • salesforceae:

    Specify this value to set credentials for authenticating a connection to Salesforce Account Engagement.

    You can use the following parameters to specify the credentials for connecting to a Salesforce Account Engagement account:
    • --auth-type basicClientId --username userName --password password --client-id clientIdentity and --client-secret clientSecret
    • --auth-type oauth --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken.
  • salesforcemc:

    Specify this value to set credentials for authenticating a connection to Salesforce Marketing Cloud.

    You can use the following parameters to specify the credentials for accessing a Salesforce Marketing Cloud account:
    • --auth-type client --client-id clientIdentity and --client-secret clientSecret
    • --auth-type oauth --client-id clientIdentity --client-secret clientSecret --access-token accessToken and --refresh-token refreshToken.
  • sapariba:

    Specify this value to set credentials for authenticating a connection to SAP Ariba.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to SAP Ariba.

  • sapodata:

    Specify this value to set credentials for authenticating a connection to SAP OData.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to SAP OData.

  • sapsuccessfactors:

    Specify this value to set credentials for authenticating a connection to SAP SuccessFactors.

    You can use the following parameters to specify the credentials for connecting to a SAP SuccessFactors account:
    • --auth-type basic --username userName --password password
    • --auth-type accessClientKey --client-id clientIdentity --client-secret clientSecret and --access-key-id accessKeyId.
  • servicenow:

    Specify this value to set credentials for authenticating a connection to ServiceNow.

    You can use the following parameters to specify the credentials for accessing a ServiceNow account:
    • --auth-type basic --username userName and --password password
    • --auth-type basicClientId --username userName --password password --client-id clientIdentity and --client-secret clientSecret
  • sfcommerceclouddata:

    Specify this value to set credentials for authenticating a connection to Salesforce Commerce Cloud Digital Data.

    You can use the --client-id clientIdentity and --client-secret clientSecret parameters to specify the credentials for connecting to Salesforce Commerce Cloud Digital Data.

  • sftp:

    Specify this value to set credentials for authenticating a connection to an SFTP server.

    To access an SFTP server, you must specify either the --password password or --ssh-identity-file identityFile parameter, but not both. If you specify an identity file, you must also specify a passphrase by using the --passphrase parameter. If the identify file does not require a passphrase, you must supply an empty passphrase.

  • shopify:

    Specify this value to set credentials for authenticating a connection to Shopify.

    You can use the following parameters to specify the credentials for connecting to a Shopify account:
    • --auth-type accessToken --access-token accessToken
    • --auth-type clientAccessToken --client-id clientIdentity --client-secret clientSecret and --access-token accessToken.
  • slack:

    Specify this value to set credentials for authenticating a connection to Slack.

    You can use the --access-token accessToken parameter to specify the credentials for connecting to Slack.

  • smtp:

    Specify this value to set credentials for authenticating a connection to an SMTP server.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to an SMTP server.

    Alternatively, if you are using OAuth, use the --client-id EmailId and --access-token accessToken parameters to specify the credentials for connecting to an SMTP server.

  • snowflake:

    Specify this value to set credentials for authenticating a connection to Snowflake.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to Snowflake.

  • soap:

    Specify this value to set credentials for static ID identity propagation with SOAP request and reply nodes when using WS-Security while connecting to or replying from a web service (SOAPRequest, SOAPAsyncRequest, and SOAPReply nodes).

    You can use the --username userName and --password password parameters to specify the credentials for these connections.

  • square:

    Specify this value to set credentials for authenticating a connection to Square.

    You can use the following parameters to specify the credentials for connecting to a Square account.

    • --auth-type apiKey --api-key apiKey
    • --auth-type oauth --client-id clientIdentity --client-secret clientSecret --access-token accessToken --refresh-token refreshToken
  • surveymonkey:

    Specify this value to set credentials for authenticating a connection to SurveyMonkey.

    You can use the --access-token accessToken parameter to specify the credentials for connecting to SurveyMonkey.

  • trello:

    Specify this value to set credentials for authenticating a connection to Trello.

    You can use the --client-id clientIdentity and --access-token accessToken parameters to specify the credentials for connecting to Trello.

  • truststore:

    Specify this value to set credentials for connecting to an integration server truststore.

    You can use the --password password parameter to specify the credentials for connecting to a truststore.

  • truststorekey:

    Specify this value to set credentials for opening a key inside the integration server truststore.

    You can use the --password password parameter to specify the credentials for opening the key inside the truststore (for use when the key inside the truststore is protected by a password that is different from the password that is used to open the truststore).

  • twilio:

    Specify this value to set credentials for authenticating a connection to Twilio.

    You can use the --username userName and --password password parameters to specify the credentials for connecting to Twilio.

  • watsondiscovery:

    Specify this value to set credentials for authenticating a connection to IBM Watson Discovery.

    You can use the --username userName, --password password, and --api-key apiKey parameters to specify the credentials for connecting to an IBM Watson Discovery account.

  • wordpress:

    Specify this value to set credentials for authenticating a connection to WordPress.

    You can use the --access-token accessToken parameter to specify the credentials for connecting to a WordPress account.

  • wsrr:

    Specify this value to set credentials for connecting to a WebSphere Service Registry and Repository

    You can use the --username userName and --password password parameters to specify the credentials for accessing a WebSphere Service Registry and Repository.

  • wufoo:

    Specify this value to set credentials for authenticating a connection to Wufoo.

    You can use the --api-key apiKey parameter to specify the credentials for connecting to a Wufoo account.

  • wxs:

    Specify this value to set credentials for connecting to a secure WebSphere eXtreme Scale grid.

    You can use the --username userName and --password password parameters to specify the credentials for accessing a WebSphere eXtreme Scale grid.

  • yammer:

    Specify this value to set credentials for authenticating a connection to Microsoft Viva Engage.

    You can use the --access-token accessToken parameter to specify the credentials for connecting to Microsoft Viva Engage.

  • yapily:

    Specify this value to set credentials for authenticating a connection to Yapily.

    You can use the --api-key apiKey, --access-token accessToken, and --secret-access-key secretAccessKey parameters to specify the credentials for connecting to a Yapily account.

  • zendeskservice:

    Specify this value to set credentials for authenticating a connection to Zendesk Service.

    You can use the following parameters to specify the credentials for accessing a Zendesk Service account:
    • --auth-type basicClientId --username userName --password password --client-id clientIdentity and --client-secret clientSecret
    • --auth-type basic --username userName and --password password
    • --auth-type accessToken and --access-token accessToken
    • --auth-type usernameApiKey --username userName and --api-key apiKey
--archive-location archiveLocation
(Optional) The location of the zip archive file to be imported from or exported to.
--archive-key archiveKey
(Optional) The password required to access the --archive-location.
--vault-key vaultKey
(Optional) The vault key that is used to access the vault where the credential is stored. You can specify either the --vault-key, --ext-vault-key, or --vaultrc-location parameter, or you can set the MQSI_VAULT_KEY, MQSI_EXT_VAULT_KEY, or MQSI_VAULTRC_LOCATION environment variable. If you specify none of these, the .mqsivaultrc file is looked for in your HOME directory.
--ext-vault-key externalDirectoryVaultKey
(Optional) The vault key that is used to access the external directory vault where the credential is stored. You can specify either the --ext-vault-key, --vault-key, or --vaultrc-location parameter, or you can set the MQSI_EXT_VAULT_KEY, MQSI_VAULT_KEY, or MQSI_VAULTRC_LOCATION environment variable. If you specify none of these, the .mqsivaultrc file is looked for in your HOME directory.
--vaultrc-location mqsivaultrc_file_location
(Optional) The location of the .mqsivaultrc file that contains the vault key. You can specify either the --vaultrc-location, --vault-key, or --ext-vault-key parameter, or you can set the MQSI_VAULTRC_LOCATION, MQSI_VAULT_KEY, or MQSI_EXT_VAULT_KEY environment variable. If you specify none of these, the .mqsivaultrc file is looked for in your HOME directory.
--username userId
(Optional) The user ID to be associated with this resource.
--password password
(Optional) The password to be associated with this resource.

If you specify a password by using the --password parameter and the password includes characters that have special meaning to the command shell, you must use quotation marks around the password or escape the characters. Use single quotation marks on Linux and AIX systems. Use double quotation marks on Windows systems. For a full list of reserved characters, and the rules that are associated with those characters when you use quotation marks and escape characters, see the documentation that is supplied with the shell.

However, you can avoid the need to use quotation marks or to escape special characters if you omit to specify a password with the --password parameter. If you specify the parameter with no password, you are prompted to enter a password during the invocation of the command. The password that you specify after being prompted can include characters that have special meaning to the command shell with no need for you to use quotation marks or to escape these characters.

--client-id clientIdentity
This parameter specifies either of the following values:
  • (Optional) The name of the consumer key of your Salesforce Connected App to be used for authentication with Salesforce systems
  • (Optional) The name of the client ID of your connected LoopBack application to be used for authentication with LoopBack connectors
--client-secret clientSecret
This parameter specifies either of the following values:
  • (Optional) The consumer secret of your Salesforce Connected App to be used for authentication with Salesforce systems.
  • (Optional) The client secret of your connected LoopBack application to be used for authentication with LoopBack connectors.
--api-key apiKey
(Optional) The API key to be used for authentication with REST APIs. You can specify only a REST API key to be used for authentication, or you can specify a REST API key together with a user ID and password.
--ssh-identity-file identityFile
(Optional) The name of an identity file, in PEM format, to be used for authentication with SFTP in place of a password. You must specify either a password or an identity file, but not both. If you specify an identity file, you can also specify a passphrase with the --passphrase parameter.
--passphrase passphrase
(Optional) The passphrase that is used for authentication with SFTP. This parameter is valid only when the --ssh-identity-file parameter is also specified. The passphrase is used during decryption of the identity file.
--trace traceFileName
(Optional) This parameter writes debug trace information about the command to the specified output file.

Examples

The following examples show the setting of security credentials by using the mqsicredentials command:

ODBC Data source names

The following examples show the use of the mqsicredentials command to associate credentials for ODBC connections:

Create ODBC credentials on integration server myIntegrationServer1, which is managed by integration node myIntegrationNode1, when the integration node and server are running:
mqsicredentials myIntegrationNode1 --create --integration-server myIntegrationServer1 
--credential-type odbc --credential-name myDSN1 --username user1 --password myPassword1
Create ODBC credentials on integration server myIntegrationServer1, which is managed by integration node myIntegrationNode1, when the integration node or server is stopped:
mqsicredentials myIntegrationNode1 --create --integration-server myIntegrationServer1 --vault-key
AAIAmAVaultKey 
--credential-type odbc --credential-name myDSN1 --username user1 --password myPassword1
Delete ODBC credentials on integration server myIntegrationServer1, which is managed by integration node myIntegrationNode1: 
mqsicredentials myIntegrationNode1 --delete --integration-server myIntegrationServer1 
--vault-key myVaultKey --credential-type odbc --credential-name myDSN1

You can delete the credentials only when the integration node is stopped, and you must specify a vault key.

LDAP servers

Create credentials on integration node myIntegrationNode1 to access LDAP:
mqsicredentials myIntegrationNode1 --create --credential-type ldap --credential-name adminAuthentication 
--password myPassword1

Salesforce servers

Create credentials for all integration servers managed by the specified integration node to access Salesforce:
mqsicredentials -i localHost -p 4416 --all-integration-servers --create  --credential-type salesforce 
--credential-name mySF --username sfuser1 --password mysfpassword --client-id myclientid --client-secret myclientsecret

Authenticating incoming requests

You can use the local credentials for a configured alias name in the integration server's vault to authenticate incoming requests. For example:
Create a credential of type 'local' on the independent integration server work directory c:\mywrk\myaceworkdir to authenticate against when used with a security profile that has an authentication type of 'Local' and authenticationConfig of 'LocalCredentialsAlias':
mqsicredentials --work-dir c:\mywrk\myaceworkdir --create --vault-key abcd1234 --credential-type local 
--credential-name LocalCredentialsAlias --username SecUserName --password SecPwd

For more information about authenticating incoming requests, see Authenticating incoming requests by using credentials stored in the vault.