Creating password aliases in the password map

A password map alias provides the mapping of an alias to plaintext password.

About this task

Each domain has a password map. With an alias, you keep the real password a secret because its plaintext value is stored in an encrypted file. The passwords in a password map are extracted by the DataPower® Gateway when necessary.

Attention: When you create an application domain, the password map configuration for this domain inherits any defined password aliases from the default domain.
  • If you do not need these password aliases in this application domain, delete them.
  • If password aliases in the default domain are added or deleted or the password changes for a password alias, the password aliases in the application domain are not added, deleted, or changed. You must independently manage the password map in each domain after initial creation.
With a password map, the following behavior applies.
  • The alias is a publicly known reference and included in configuration files and exports.
  • The password for the alias cannot be viewed or accessed by anyone. Only the DataPower Gateway can extract the password that it uses internally.
  • No passwords in a map are written to configuration files.
  • The password-to-alias map is not part of a backup or export operation.
  • The password-to-alias map is part of the secure backup-restore operations.

When a configuration uses an alias instead of a password, the alias must be defined in the password map.


  1. In the search field, enter Password.
  2. From the search results, click Password Map Alias.
  3. Click Add or New.
  4. Define the basic properties: Name, administrative state, and descriptive summary.
  5. In the Password fields, enter the plaintext password to alias.
  6. Click Apply to save the changes to the running configuration.
  7. Click Save Configuration or Save changes to save the changes to the persisted configuration.