# Agent Service Credentials

{% hint style="info" %}
This is an older version of the document. To view the most recent version of the document, click [here](https://docs.opsmx.com/products/opsmx-intelligent-software-delivery-platform/system-setup/opsmx-agent/service-credentials).
{% endhint %}

For most service types, credentials can be provided.  The types of credentials allowed depends on the service type, but generally several are available.

### No authentication

Credential type "none" indicates that the service endpoint does not require any authentication.

### HTTP Basic Authentication

A credential type of "basic" requires a username and a password to be provided in the configmap or in a Kubernetes secret.  These are passed to the target via HTTP Basic authentication.<br>

If secrets are provided in the configmap (not recommended) they must be base64 encoded.<br>

Example (with literal contents, not recommended):<br>

```
services:
      - name: dev jenkins
        type: jenkins
        enabled: true
        config:
          url: https://dev.jenkins.example.com:8080
          credentials:
            type: basic
            username: bm90LWEtZ29vZC11c2VybmFtZQ==
            password: YWxzby1ub3QtZ29vZC1wYXNzd29yZA==
```

&#x20;Example (with Kubernetes secret of type 'kubernetes.io/basic-auth'):<br>

```
services:
      - name: dev jenkins
        type: jenkins
        enabled: true
        config:
          url: https://dev.jenkins.example.com:8080
          credentials:
            type: basic
            secretName: dev-jenkins-secret
```

&#x20;  The secret must be created, and have keys for "username" and "password".<br>

### HTTP Bearer Authentication

A credential type of "bearer"  requires a token to be provided in the configmap or in a Kubernetes secret.  These are passed to the target via HTTP Bearer authentication.  <br>

If secrets are provided in the configmap (not recommended) they must be base64 encoded.

Example (with literal contents, not recommended):<br>

```
services:
      - name: dev jenkins
        type: jenkins
        enabled: true
        config:
          url: https://dev.jenkins.example.com:8080
          credentials:
            type: bearer
            token: YWxzby1ub3QtZ29vZC1wYXNzd29yZA==

```

Example (with Kubernetes secret of type Opaque):

```
services:
      - name: dev jenkins
        type: jenkins
        enabled: true
        config:
          url: https://dev.jenkins.example.com:8080
          credentials:
            type: bearer
            secretName: dev-jenkins-secret
```

&#x20;The secret must be created, and have a key for "token".<br>

### HTTP "Token" Authentication

While "bearer" should generally be used, some services require a small change, and require the authentication type to be called "token" in the HTTP headers sent to authenticate.  Other than that change, "token" and "bearer" are identical in configuration methods.<br>