The WS-Management (WS-MAN) service is an internal service that can be used for programmatic interactions with the API Gateway. This API is SOAP-based and is typically interfaced with using our Gateway Management Client. This API is capable of printing out a list of stored passwords but that output will not contain the actual stored credentials. This article will describe the steps necessary to publish an API that can consume the WS-MAN API and return a list of stored password items within a SOAP response
This policy will return a SOAP message containing the names of all of the stored password objects. These names will be located in the element located at the following XPath pointer: /env:Envelope/env:Body/wsen:PullResponse/wsen:Items/l7:StoredPassword/l7:Name. The content of this element can be used to return a decrypted plaintext password using the request.passwordname.plaintext variable--where passwordname reflects the value of the l7:Name element.
Good work Eric! Thought this looked familiar!