demisto · MosheEichler · Oct 25, 2023 · Oct 17, 2023 · Oct 18, 2023 · Oct 18, 2023
diff --git a/Packs/IdentityRecordedFuture/Integrations/IdentityRecordedFuture/IdentityRecordedFuture.py b/Packs/IdentityRecordedFuture/Integrations/IdentityRecordedFuture/IdentityRecordedFuture.py
@@ -1,5 +1,6 @@
 import demistomock as demisto  # noqa: F401
 from CommonServerPython import *  # noqa: F401
+
 """Recorded Future Identity Integration for Demisto."""
 from typing import Dict, Any, Union, Optional
 import requests
@@ -125,10 +126,13 @@ def main() -> None:
         base_url = demisto_params.get("server_url", "").rstrip("/")
         verify_ssl = not demisto_params.get("unsecure", False)
         proxy = demisto_params.get("proxy", False)
-        # If user has not set password properties we will get empty string but client require empty list
+        api_token = demisto_params.get("credential", {}).get("password") or demisto_params.get("token")
+        if not api_token:
+            return_error('Please provide a valid API token')
 
+        # If user has not set password properties we will get empty string but client require empty list
         headers = {
-            "X-RFToken": demisto_params["token"],
+            "X-RFToken": api_token,
             "X-RF-User-Agent": f"xsoar-identity/{__version__} rfclient (Cortex_XSOAR_"
             f'{demisto.demistoVersion()["version"]})',
         }

diff --git a/Packs/IdentityRecordedFuture/Integrations/IdentityRecordedFuture/IdentityRecordedFuture.yml b/Packs/IdentityRecordedFuture/Integrations/IdentityRecordedFuture/IdentityRecordedFuture.yml
@@ -4,7 +4,6 @@ commonfields:
 name: Recorded Future Identity
 display: Recorded Future Identity
 category: Data Enrichment & Threat Intelligence
-image:
 description: Recorded Future Identity Integration that provides access to Recorded Future Identity module data.
 configuration:
 - display: Server URL (e.g., https://api.recordedfuture.com/gw/xsoar-identity)
@@ -15,7 +14,13 @@ configuration:
 - display: API Token
   name: token
   type: 4
-  required: true
+  required: false
+  hidden: true
+- displaypassword: API Token
+  name: credential
+  type: 9
+  required: false
+  hiddenusername: true
 - display: Trust any certificate (not secure)
   name: unsecure
   defaultvalue: "false"
@@ -54,19 +59,19 @@ configuration:
   required: true
   additionalinfo: List of domains.
 script:
-  script: '-'
+  script: ''
   type: python
   subtype: python3
-  dockerimage: demisto/python3:3.10.13.72123
+  dockerimage: demisto/python3:3.10.13.78960
   commands:
   - name: recordedfuture-identity-search
-    description: Search for identities in Recorded Future Identity Dataset
+    description: Search for identities in Recorded Future Identity Dataset.
     arguments:
     - name: latest-downloaded
       defaultValue: "All time"
-      description: Time period for last downloaded time.(e.g. "7 days ago", "Three months ago", "Last Year", "All time")
+      description: Time period for last downloaded time (e.g. "7 days ago", "Three months ago", "Last Year", "All time").
     - name: domains
-      description: Domains list separated by comma. (e.g. norsegods.online, norsegods.online ). If not specified, domains from app instance will be used.
+      description: Domains list separated by comma (e.g. norsegods.online, norsegods.online ). If not specified, domains from app instance will be used.
     - name: domain-type
       description: Type of identities to search for (Authorization or Email). If not specified use All.
       auto: PREDEFINED
@@ -108,12 +113,12 @@ script:
     arguments:
     - name: identities
       required: true
-      description: Identities for the lookup separated by comma.(e.g. "09719@norsegods.online, 1000739@norsegods.online").
+      description: Identities for the lookup separated by comma (e.g. "09719@norsegods.online, 1000739@norsegods.online").
     - name: domains
-      description: Domains list separated by comma. (e.g. norsegods.online, norsegods.online )
+      description: Domains list separated by comma (e.g. norsegods.online, norsegods.online).
     - name: first-downloaded
       defaultValue: "All time"
-      description: Time period for first downloaded time.(e.g. "7 days ago", "Three months ago", "Last Year", "All time")
+      description: Time period for first downloaded time (e.g. "7 days ago", "Three months ago", "Last Year", "All time").
     outputs:
     - contextPath: RecordedFuture.Credentials.Identities.identity.subjects
       description: Identity value.
@@ -170,7 +175,7 @@ script:
       description: Exposed secret hash value.
       type: String
     - contextPath: RecordedFuture.Credentials.Identities.credentials.exposed_secret.effectively_clear
-      description: Exposed secret clear or not
+      description: Exposed secret clear or not.
       type: Boolean
     - contextPath: RecordedFuture.Credentials.Identities.credentials.exposed_secret.details.properties
       description: Exposed secret properties.

diff --git a/Packs/IdentityRecordedFuture/ReleaseNotes/1_2_0.md b/Packs/IdentityRecordedFuture/ReleaseNotes/1_2_0.md
@@ -0,0 +1,7 @@
+
+#### Integrations
+
+##### Recorded Future Identity
+
+- Added the credential support for API token.
+- Updated the Docker image to: *demisto/python3:3.10.13.78960*.
diff --git a/Packs/IdentityRecordedFuture/pack_metadata.json b/Packs/IdentityRecordedFuture/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Recorded Future Identity",
     "description": "Recorded Future App for Identity",
     "support": "partner",
-    "currentVersion": "1.1.4",
+    "currentVersion": "1.2.0",
     "author": "Recorded Future",
     "url": "https://www.recordedfuture.com/integrations/",
     "email": "support@recordedfuture.com",