Credential aliases for Orchestration activities

Washington DC Platform security

Release

washingtondc

ft:locale

en-US

ft:publication_title

Washington DC Platform security

ft:clusterId

psec

bundleId

psec

workflow

Platform

Credential aliases for Orchestration activities

Release version: Washingtondc

Updated February 5, 2026

1 minute to read

Credential alias gives an administrator more control over the credentials used in Orchestration activities.

This is useful when an activity requires specific credentials to perform a task. You can use a credential tag to assign individual credentials to any activity in a Orchestration workflow or assign different credentials to each occurrence of the same activity type in an Orchestration workflow.

Credential alias interacts with credential affinity to determine which credentials should be used for an Orchestration activity.

How credential alias works

A business rule called Insert Discovery Affinity (renamed from Insert Credential Affinity in the Geneva release) runs when a record is inserted into the ECC Queue. This rule determines whether a credential affinity exists for the device and identifies the proper credential_id (the sys_id of the record in the Credentials [discovery_credentials] table) to use. When the platform encounters an affinity with a credential alias value defined (credential_alias in the business rule), the business rule determines if the credential referenced by the affinity has the specified alias. If it does, the business rule selects the credential_id of the credential alias and passes that value to the MID Server. If the credential does not have the specified credential alias, any other affinities that exist for the target system will be checked. If no affinity references an appropriately tagged credential, the MID Server iterates through the Credentials [discovery_credentials] table and selects the credential with the appropriate tag. The MID Server then creates a new affinity for this credential.