Skip to main content
PUT
/
vault
Update vault entry
curl --request PUT \
  --url https://api.cloudcruise.com/vault \
  --header 'Content-Type: application/json' \
  --header 'cc-key: <api-key>' \
  --data '
{
  "permissioned_user_id": "<string>",
  "domain": "<string>",
  "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "user_name": "<string>",
  "password": "<string>",
  "tfa_secret": "<string>",
  "user_alias": "<string>",
  "cookies": [
    {
      "name": "<string>",
      "value": "<string>",
      "domain": "<string>",
      "path": "<string>",
      "httpOnly": true,
      "hostOnly": true,
      "secure": true,
      "session": true,
      "storeId": "<string>",
      "sameSite": "<string>",
      "expirationDate": 123
    }
  ],
  "session_storage": {},
  "local_storage": {},
  "persist_session_storage": true,
  "persist_local_storage": true,
  "persist_cookies": true,
  "cookie_domain_to_store": "<string>",
  "allow_multiple_sessions": true,
  "max_concurrency": 2,
  "prevent_concurrency_during_login": true,
  "expiry_time_from_last_use": "<string>",
  "expiry_time_from_session_data_set": "<string>",
  "tfa_method": "AUTHENTICATOR",
  "ip_address": "127.0.0.1",
  "proxy": {
    "enable": true,
    "target_ip": "127.0.0.1"
  }
}
'
{
  "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "permissioned_user_id": "<string>",
  "user_name": "<string>",
  "password": "<string>",
  "domain": "<string>",
  "user_alias": "<string>",
  "tfa_secret": "<string>",
  "tfa_method": "AUTHENTICATOR",
  "tfa_email": "<string>",
  "tfa_phone_number": "<string>",
  "workspace_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "user_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "created_at": "2023-11-07T05:31:56Z",
  "updated_at": "2023-11-07T05:31:56Z",
  "session_storage": {},
  "local_storage": {},
  "cookies": [
    {
      "name": "<string>",
      "value": "<string>",
      "domain": "<string>",
      "path": "<string>",
      "httpOnly": true,
      "hostOnly": true,
      "secure": true,
      "session": true,
      "storeId": "<string>",
      "sameSite": "<string>",
      "expirationDate": 123
    }
  ],
  "persist_local_storage": true,
  "persist_cookies": true,
  "persist_session_storage": true,
  "cookie_domain_to_store": "<string>",
  "allow_multiple_sessions": true,
  "max_concurrency": 123,
  "prevent_concurrency_during_login": true,
  "expiry_time_from_last_use": "<string>",
  "expiry_time_from_session_data_set": "<string>",
  "effective_expires_at": "2023-11-07T05:31:56Z",
  "session_data_set_at": "2023-11-07T05:31:56Z",
  "ip_address": "<string>",
  "location": "<string>",
  "proxy_string": "<string>"
}

Authorizations

cc-key
string
header
required

API key-based authentication. Provide your CloudCruise API key in the cc-key header.

Body

application/json

Comprehensive vault entry configuration for a user. Supports multiple authentication methods and persistence options to maintain user sessions across workflow executions. Credentials have to be encrypted with your own encryption key prior to sending to the API. Learn more about how to encrypt credentials here.

permissioned_user_id
string
required

Unique identifier for referencing this vault entry in workflow executions

domain
string<uri>
required

Target domain for vault entry credential (must be a valid URL)

id
string<uuid>

Vault entry ID. Can be provided for updates to identify the entry to modify.

user_name
string | null

Primary encrypted username or email

password
string | null

Encrypted password credential

tfa_secret
string | null

Two-factor authenticator secret key (TOTP). Required when tfa_method is AUTHENTICATOR. This should be encrypted with your encryption key prior to sending to the API, similar to other credentials. The secret is typically provided in base32 format from authenticator apps.

user_alias
string | null

A human readable identifier for the vault entry in the target system

cookies
object[] | null

Cookies to set for this vault entry

session_storage
object

Session storage data to set for this vault entry

local_storage
object

Local storage data to set for this vault entry

persist_session_storage
boolean | null

Whether to maintain session storage across workflow executions

persist_local_storage
boolean | null

Whether to maintain local storage across workflow executions

persist_cookies
boolean | null

Whether to maintain cookies across workflow executions

cookie_domain_to_store
string<uri> | null

Specific domain to use when storing cookies

allow_multiple_sessions
boolean | null

Controls whether the same set of credentials can be used simultaneously across multiple workflow executions. When set to true, multiple workflows can run in parallel using these credentials. When set to false or not specified, only one workflow can use these credentials at a time. We recommend keeping this as false (default) since some websites do not allow multiple active sessions for the same credentials and may invalidate existing sessions if a new one is detected.

max_concurrency
integer | null

Maximum number of concurrent sessions allowed when allow_multiple_sessions is true (null for unlimited)

Required range: x >= 1
prevent_concurrency_during_login
boolean | null

Whether to prevent other sessions from starting while login is in progress

expiry_time_from_last_use
string | null

Session expiry interval from last activity using PostgreSQL interval format (e.g., "01:30:00" for 1.5 hours)

expiry_time_from_session_data_set
string | null

Session expiry interval from creation using PostgreSQL interval format (e.g., "7 days 00:00:00" for 7 days)

tfa_method
enum<string> | null

Two-factor authentication method:

  • AUTHENTICATOR: Time-based one-time password using provided secret
  • EMAIL: TFA codes sent to CloudCruise email (info+{user_id}+{domain}@cloudcruise.com)
  • SMS: TFA codes sent to CloudCruise phone (+1 415 753-4639)
Available options:
AUTHENTICATOR,
EMAIL,
SMS
ip_address
string<ipv4> | null

Legacy field for target IP address (deprecated, use proxy.target_ip instead)

proxy
object

Controls whether to use a proxy during browser agent runs with these credentials. If target_ip is provided, we will assign a proxy closest to that IP.

Response

Vault entry successfully updated

Complete vault entry including system-generated fields

id
string<uuid>

System-generated unique identifier for the vault entry

permissioned_user_id
string

Unique identifier for referencing this vault entry in workflow executions

user_name
string | null

Encrypted username

password
string | null

Encrypted password

domain
string

Target domain for vault entry credentials

user_alias
string | null

Human readable identifier

tfa_secret
string | null

Two-factor authenticator secret key (TOTP). Required when tfa_method is AUTHENTICATOR. This should be encrypted with your encryption key prior to sending to the API, similar to other credentials. The secret is typically provided in base32 format from authenticator apps.

tfa_method
enum<string> | null

Two-factor authentication method

Available options:
AUTHENTICATOR,
EMAIL,
SMS
tfa_email
string | null

Computed email address for TFA codes when tfa_method is EMAIL. This is automatically generated by CloudCruise in the format: info+{user_id}+{domain}@cloudcruise.com This field is read-only and cannot be set via the API.

tfa_phone_number
string | null

Computed phone number for TFA codes when tfa_method is SMS. This is automatically determined based on workspace configuration or defaults to CloudCruise's default phone number. This field is read-only and cannot be set via the API.

workspace_id
string<uuid>

The workspace this vault entry belongs to

user_id
string<uuid> | null

The user who created this vault entry

created_at
string<date-time> | null

Timestamp when the vault entry was created

updated_at
string<date-time> | null

Timestamp when the vault entry was last updated

session_storage
object

Session storage data

local_storage
object

Local storage data

cookies
object[] | null

Active vault entry cookies

persist_local_storage
boolean

Whether to maintain local storage across sessions

persist_cookies
boolean

Whether to maintain cookies across sessions

persist_session_storage
boolean

Whether to maintain session storage across sessions

cookie_domain_to_store
string | null

Specific domain to use when storing cookies

allow_multiple_sessions
boolean

Whether to allow multiple concurrent sessions

max_concurrency
integer | null

Maximum number of concurrent sessions allowed (null for unlimited)

prevent_concurrency_during_login
boolean | null

Whether to prevent other sessions from starting while login is in progress

expiry_time_from_last_use
string | null

Session expiry interval from last activity (e.g., "01:30:00" for 1.5 hours). Set to null for no expiry from last use.

expiry_time_from_session_data_set
string | null

Session expiry interval from creation (e.g., "7 days 00:00:00" for 7 days). Set to null for no expiry from session data set.

effective_expires_at
string<date-time> | null

Computed timestamp when the session data expires based on expiry settings

session_data_set_at
string<date-time> | null

Timestamp when the session data (cookies, storage) was last set

ip_address
string | null

Legacy field for target IP address (deprecated, use proxy.target_ip instead)

location
string | null

Geographic location associated with this vault entry

proxy_string
string | null

The assigned proxy connection string for this vault entry. This is automatically assigned based on the proxy configuration provided when creating/updating the entry. Format: ip:port (e.g., "91.124.2.237:61234")