---
layout: docs
page_title: credentials create - Command
description: |-
The "credentials create" command lets you create Boundary credential resources.
---
# credentials create
Command: `boundary credentials create`
The `credentials create` command lets you create Boundary credential resources.
## Examples
The following example defines a new username password credential within a static credential store with the ID `credup_J15mtU4qmy`:
```shell-session
$ boundary credentials create username-password \
-name ssh-user \
-credential-store-id credup_J15mtU4qmy\
-username ssh-user \
-password env://SSH_USER_PASS
```
**Example output:**
```plaintext
Credential information:
Created Time: Tue, 22 Aug 2023 15:56:07 PDT
Credential Store ID: csst_5GGWwRngd7
ID: credup_J15mtU4qmy
Name: ssh-user
Type: username_password
Updated Time: Tue, 22 Aug 2023 15:56:07 PDT
Version: 1
Scope:
ID: p_1zMlAwGHtH
Name: quick-start-project
Parent Scope ID: o_R0wbo0H6Zl
Type: project
Authorized Actions:
no-op
read
update
delete
Attributes:
Password HMAC: bXhHJHgaGz6fpolEpQPd0azcICSgmbVuSLfyhJhmqJY
Username: ssh-user
```
## Usage
```shell-session
$ boundary credentials create [type] [sub command] [options] [args]
```
### Command options
- `-credential-store-id` `(string: "")` - The credential-store resource in which to create the credential.
You can also specify the credential store using the **BOUNDARY_CREDENTIAL_STORE_ID** environment variable.
- `-description` `(string: "")` - A description to set on the credential.
- `-name` `(string: "")` - A name to set on the credential.
#### Usages by type
The available types are `json`, `ssh-private-key`, and `username-password`.
The `credentials create json` command lets you create a JSON type credential.
#### Example
The following example creates a JSON credential in a credential store with the ID `csst_1234567890`:
```shell-session
$ boundary credentials create json \
-credential-store-id csst_1234567890 \
-object file:///home/user/secret
```
#### Usage
```shell-session
$ boundary credentials create json [options] [args]
```
#### JSON object credential options
The following options are specific to JSON credentials in addition to the command options:
- `-bool-kv` `(map: {})` – A key=value Boolean value to add to the request's object map.
You can specify this option multiple times.
This value can be a reference to a file on disk (`file://`) or an environment variable (`env://`) from which Boundary reads the value.
- `-kv` `(map: {})` – A key=value pair to add to the request's object map.
This option can also be a key value only which will set a JSON null as the value.
If you provide a value, Boundary automatically infers the type.
Use `-string-kv`,`-bool-kv`, or `-num-kv` to override the type.
You can specify this option multiple times.
This value can be a reference to a file on disk (`file://`) or an environment variable (`env://`) from which Boundary reads the value.
- `-num-kv` `(map: {})` – A key=value numeric value to add to the request's object map.
You can specify this option multiple times.
This value can be a reference to a file on disk (`file://`) or an environment variable (`env://`) from which Boundary reads the value.
- `-object` `(string: "")` - A JSON map value to use as the entirety of the request's object map.
Usually this is sourced from a file using `file://` syntax.
This option is exclusive with the other kv flags.
- `-string-kv` `(map: {})` – A key=value string value to add to the request's object map.
You can specify this option multiple times.
This value can be a reference to a file on disk (`file://`) or an environment variable (`env://`) from which Boundary reads the value.
The `credentials create ssh-private-key` command lets you create an SSH private key credential type.
#### Example
The following example creates an SSH private key credential in a credential store with the ID `csvlt_1234567890`:
```shell-session
$ boundary credentials create ssh-private-key \
-credential-store-id csvlt_1234567890 \
-username user \
-private-key file:///home/user/.ssh/id_ed25519
```
#### Usage
```shell-session
$ boundary credentials create ssh-private-key [options] [args]
```
#### SSH private key credential options
The following options are specific to SSH private key credentials in addition to the command options:
- `-private-key` `(string: "")` - The SSH private key associated with the
credential.
This value can be a reference to a file on disk (`file://`) or an environment variable (`env://`) from which Boundary reads the value.
- `-private-key-passphrase` `(string: "")` - The passphrase associated with the
SSH private key.
Boundary ingores this value if the private key does not require a passphrase or if you do not supply a private key.
This value can be a reference to a file on disk (`file://`) or an environment variable (`env://`) from which Boundary reads the value.
If you leave this option empty, and the key requires a passphrase, you can enter it manually.
- `-username` `(string: "")` - The username associated with the credential.
The `credentials create username-password` command lets you create a username password type credential.
#### Example
The following example creates a username password credential in a credential store with the ID `csvlt_1234567890`:
```shell-session
$ boundary credentials create username-password \
-credential-store-id csvlt_1234567890 \
-username user -password pass
```
#### Usage
```shell-session
$ boundary credentials create username-password -credential-store-id [options] [args]
```
#### Username password credential options
The following options are specific to username password credentials in addition to the command options:
- `-password` `(string: "")` - The password associated with the credential.
This value can be a reference to a file on disk (`file://`) or an environment variable (`env://`) from which Boundary reads the value.
- `-username` `(string: "")` - The username associated with the credential.
@include 'cmd-option-note.mdx'