Class: ProgrammaticCredential
The Programmatic Credential object describes service-specific credentials used
for direct API access and system integration. These credentials are typically
issued by individual services or platforms for accessing their APIs and
resources, focusing on credential lifecycle management and usage tracking.
Examples include API keys, service account keys, client certificates, and
vendor-specific access tokens.
URI: ocsf:ProgrammaticCredential
classDiagram
class ProgrammaticCredential
click ProgrammaticCredential href "../ProgrammaticCredential/"
Object <|-- ProgrammaticCredential
click Object href "../Object/"
ProgrammaticCredential : last_used_time
ProgrammaticCredential : type
ProgrammaticCredential : uid
Inheritance
- OcsfObject
- Object
- ProgrammaticCredential
- Object
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| last_used_time | 0..1 TimestampT |
The timestamp when this programmatic credential was last used for | direct |
| type | 0..1 recommended String |
The type or category of programmatic credential, normalized to the caption of | direct |
| uid | 1 String |
The unique identifier of the programmatic credential | direct |
Usages
| used by | used in | type | used |
|---|---|---|---|
| IdentityActivityMetrics | programmatic_credentials | range | ProgrammaticCredential |
| User | programmatic_credentials | range | ProgrammaticCredential |
In Subsets
Aliases
- Programmatic Credential
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/ocsf
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | ocsf:ProgrammaticCredential |
| native | ocsf:ProgrammaticCredential |
LinkML Source
Direct
name: ProgrammaticCredential
description: 'The Programmatic Credential object describes service-specific credentials
used
for direct API access and system integration. These credentials are typically
issued by individual services or platforms for accessing their APIs and
resources, focusing on credential lifecycle management and usage tracking.
Examples include API keys, service account keys, client certificates, and
vendor-specific access tokens.'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Programmatic Credential
is_a: Object
slots:
- last_used_time
- type
- uid
slot_usage:
last_used_time:
name: last_used_time
description: 'The timestamp when this programmatic credential was last used for
authentication or API access. This helps track credential usage patterns,
identify dormant credentials that may pose security risks, and support
credential lifecycle management. The timestamp should reflect the most recent
successful authentication or API call using this credential.'
type:
name: type
description: 'The type or category of programmatic credential, normalized to the
caption of
the type_id value. In the case of ''Other'', it is defined by the event source.
Examples include ''API Key'', ''Service Account Key'', ''Access Token'', ''Client
Certificate'', ''OAuth Token'', ''Personal Access Token'', etc.'
recommended: true
uid:
name: uid
description: 'The unique identifier of the programmatic credential. This could
be an API key
ID, service account key ID, access token identifier, certificate serial number,
or other unique identifier that distinguishes this credential from others.
Examples: AWS Access Key ID, GCP Service Account Key ID, Azure Application ID,
or OAuth2 token identifier.'
required: true
Induced
name: ProgrammaticCredential
description: 'The Programmatic Credential object describes service-specific credentials
used
for direct API access and system integration. These credentials are typically
issued by individual services or platforms for accessing their APIs and
resources, focusing on credential lifecycle management and usage tracking.
Examples include API keys, service account keys, client certificates, and
vendor-specific access tokens.'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Programmatic Credential
is_a: Object
slot_usage:
last_used_time:
name: last_used_time
description: 'The timestamp when this programmatic credential was last used for
authentication or API access. This helps track credential usage patterns,
identify dormant credentials that may pose security risks, and support
credential lifecycle management. The timestamp should reflect the most recent
successful authentication or API call using this credential.'
type:
name: type
description: 'The type or category of programmatic credential, normalized to the
caption of
the type_id value. In the case of ''Other'', it is defined by the event source.
Examples include ''API Key'', ''Service Account Key'', ''Access Token'', ''Client
Certificate'', ''OAuth Token'', ''Personal Access Token'', etc.'
recommended: true
uid:
name: uid
description: 'The unique identifier of the programmatic credential. This could
be an API key
ID, service account key ID, access token identifier, certificate serial number,
or other unique identifier that distinguishes this credential from others.
Examples: AWS Access Key ID, GCP Service Account Key ID, Azure Application ID,
or OAuth2 token identifier.'
required: true
attributes:
last_used_time:
name: last_used_time
description: 'The timestamp when this programmatic credential was last used for
authentication or API access. This helps track credential usage patterns,
identify dormant credentials that may pose security risks, and support
credential lifecycle management. The timestamp should reflect the most recent
successful authentication or API call using this credential.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Last Used Time
rank: 1000
alias: last_used_time
owner: ProgrammaticCredential
domain_of:
- PrivilegeInfo
- ProgrammaticCredential
- ServicePrivilegeAnalysis
range: TimestampT
type:
name: type
description: 'The type or category of programmatic credential, normalized to the
caption of
the type_id value. In the case of ''Other'', it is defined by the event source.
Examples include ''API Key'', ''Service Account Key'', ''Access Token'', ''Client
Certificate'', ''OAuth Token'', ''Personal Access Token'', etc.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Type
rank: 1000
alias: type
owner: ProgrammaticCredential
domain_of:
- AnalysisTarget
- Observable
- Os
- Osint
- Package
- PrivilegeInfo
- ProgrammaticCredential
- RelatedEvent
- San
- Sbom
- Script
- SoftwareComponent
- StartupItem
- ThreatActor
- Ticket
- Timespan
- TlsExtension
- Token
- Dns
- Resource
- Account
- Agent
- Analytic
- ApplicationObject
- AuthenticationToken
- ClassifierDetails
- Cve
- Database
- Databucket
- DiscoveryDetails
- DnsAnswer
- DomainContact
- EncryptionDetails
- Endpoint
- Enrichment
- File
- Graph
- Group
- Ja4Fingerprint
- Kernel
- ManagedEntity
- Metadata
- Module
- NetworkEndpoint
- NetworkInterface
- Node
- PeripheralDevice
- Policy
- Rule
- Scan
- Trait
- UnmannedAerialSystem
- UnmannedSystemOperatingArea
- User
- WebResource
- Device
- DatastoreActivity
- FtpActivity
- RegValue
- WinResource
range: string
recommended: true
uid:
name: uid
description: 'The unique identifier of the programmatic credential. This could
be an API key
ID, service account key ID, access token identifier, certificate serial number,
or other unique identifier that distinguishes this credential from others.
Examples: AWS Access Key ID, GCP Service Account Key ID, Azure Application ID,
or OAuth2 token identifier.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Unique ID
rank: 1000
alias: uid
owner: ProgrammaticCredential
domain_of:
- Osint
- Package
- ProgrammaticCredential
- RelatedEvent
- Request
- Sbom
- Scim
- Script
- Session
- Span
- Sso
- Ticket
- Token
- Trace
- Entity
- Resource
- Account
- Advisory
- Agent
- AiModel
- Aircraft
- Analytic
- ApplicationObject
- Assessment
- Certificate
- Check
- ClassifierDetails
- Container
- Cve
- Cwe
- D3fTactic
- D3fTechnique
- DataClassification
- Database
- Databucket
- DomainContact
- Edge
- Email
- Endpoint
- Evidences
- Extension
- Feature
- File
- FindingObject
- FindingInfo
- Graph
- Group
- HttpRequest
- Idp
- Image
- KbArticle
- LoadBalancer
- Logger
- Malware
- ManagedEntity
- MessageContext
- Metadata
- Mitigation
- NetworkConnectionInfo
- NetworkEndpoint
- NetworkInterface
- Node
- Organization
- PeripheralDevice
- Policy
- ProcessEntity
- Product
- QueryInfo
- Reporter
- Rule
- Scan
- Service
- SubTechnique
- Table
- Tactic
- Technique
- Trait
- TransformationInfo
- UnmannedAerialSystem
- User
- WebResource
- Device
- WinResource
range: string
required: true