BetterCredentials icon indicating copy to clipboard operation
BetterCredentials copied to clipboard
verified publisher icon Jaykul

Support -Target in Get-Credential

Open brianmccarty opened this issue 7 years ago • 3 comments

In Set-Credential you can specify the -target attribute, it would be nice to support -target in Get-Credential as well.

This would allow setting the target as some short name, and allow easy get requests of the short target name vs username. Mainly for use from CLI.

For example I may want to request the credentials for a client Office 365 login with a username of [email protected] but would set the target to compa and be able to easy recall it with get-credential -target compa

brianmccarty avatar May 26 '18 04:05 brianmccarty

The problem is that when you say $c = Get-Credential -UserName [email protected] -Store, you get a stored credential whose target name is MicrosoftPowerShell:[email protected]. When you say Set-Credential -Credential $c -Target MyTarget, you get a credential whose target name is LegacyGeneric:target=MyTarget. Get-Credential can't find it because it uses [CredentialManagement.Store]::Load to retrieve the credential, and the latter uses FixTarget to prepend MicrosoftPowerShell:user= to the UserName parameter to construct the target name. See CredentialManagement.cs.

You could say $c = Get-Credential -UserName compa -Store but then would have to keep track of the actual user name separately. You could also say Find-Credential '' | Where-Object {$_.Target -match 'MyTarget'} and get the actual user name from the UserName property.

I think the idea of FixTarget is to have a separate namespace for credentials being managed by BetterCredentials. The Target parameter of Set-Credential overrides this. Adding a Target parameter to Get-Credential that similarly overrode FixTarget processing would also address your concern, but with the caveat that name collisions might then be an issue. I'm not sure at this point what I would recommend without putting more thought into it.

jaspain avatar May 27 '18 01:05 jaspain

I'd use the Target parameter for something generic. e.g. -Target Office365

This what I could do a Set-Credentials -Target Office365 in my terminal and use Get-Credentials -Target Office365 in my scripts. If I distribute the scripts, I can just indicate that the Office365 target needs to be set, without tying it all down to my specific username.

metamoof avatar Jun 18 '18 16:06 metamoof

Maybe my use case doesn't match up with the purpose of the module. I currently use the module CredentialManager, but would prefer to not have the DLLs and use the scripts as in this module. I've got about 75 clients that I use the StoredCredentials to login to their Office365

brianmccarty avatar Jun 18 '18 16:06 brianmccarty