The site that you are currently viewing is a static version of the Software Factory documentation delivered with the

version v7.2.
For up-to-date documentation, see the latest version.

Secrets, Tokens and Credentials in Coverity

This document lists all secrets, tokens and credentials that can be configured and managed by an administrator user in Coverity.

List of credentials

Credentials typeUsageOfficial documentation linkComment
Tokens
Authentication KeysAPI auth and run Coverity analysis from localAuthentication Keys
Other
Username/passwordUser AuthenticationConfiguring sign-in settings

Credential Configuration Parameters

This section lists all parameters available for credential configuration. Each parameter can be set by an administrator through the Configuration > System

Single Sign-on Authentication

Software Factory recommends implementing SAML-based authentication for Single Sign-On (SSO).

Using native users and groups should be avoided.

Credentials typeParametersConfiguration locationAdmin panel configurationDefault configurationRecommendationOfficial documentation link
Login/passwordEnable Local Password PolicyOnly in UIAdmin > System Settings > Local AuthenticationDisabledEnabled - Software Factory recommends setting up SSO .Configuring password requirements
Minimum password lengthOnly in UIAdmin > System Settings > Local Authentication11 - Software Factory recommends setting up SSO .Configuring password requirements
Number of unsuccessful sign in attemptsOnly in UIAdmin > System Settings > Local Authentication105 - Software Factory recommends setting up SSO .Configuring password requirements
Prompt users to update their passwordOnly in UIAdmin > System Settings > Local AuthenticationDisabledEnabled - Software Factory recommends setting up SSO .Configuring password requirements
Managing Authentication Keys by Admin for other users

According to Coverity official documentation:

Sample command for creating own authentication key

cov-manage-im --url https://cim.company.com --user test \
    --password secret --mode auth-key --create --output-file myFile \
    --set description:"test user authentication file" \
    --set expiration:"after_90_days"

Sample command for revoking authentication key by admin

cov-manage-im --mode auth-key --revoke 12345
Last modified 26.03.2026: Coverity secrets hardening (21beeb2)