Trusted credentials

Trusted credentials are used for users who must perform a task or process, but do not have sufficient access permissions for entries that contain sensitive data, such as database signons and group memberships. Users with more extensive access permissions, who own the entries, can authorize a trusted user to use their credentials to access the entries.

Trusted credentials are also used to run scheduled requests when users are not logged on to IBM® Cognos® software, for example, overnight. When the request runs, a user session is created. The trusted credential is used to log on to IBM Cognos software as the user the trusted credential represents and the user's access permissions are used to run the report or the job.

Trusted credentials are stored as part of the account object in the namespace.

By default, trusted credentials are automatically renewed once a day. An administrator can change the default renewal frequency by specifying the expiryRenewedTC property in IBM Cognos Configuration, under Security > Authentication > Advanced properties. Only integers, which represent number of days, can be used as values for this property. The minimum value is 1.

When you change your password, you should renew your credentials manually. Otherwise, if the credentials are used before they are automatically renewed, they might not work. For example, a scheduled job that is using these credentials might fail. For information about renewing trusted credentials manually, see Creating trusted credentials.

Parent topic: Access Permissions and Credentials