> ## Documentation Index > Fetch the complete documentation index at: https://conductorone-docs-mcp-bridge-private-server.mintlify.site/llms.txt > Use this file to discover all available pages before exploring further. # Create Bridge Credential > CreateBridgeCredential mints a credential for a bridge. If the bridge already has an active credential, it is revoked. The plaintext client_secret is returned exactly once on the response. ## OpenAPI ````yaml https://spec.speakeasy.com/conductor-one/conductorone/my-source-with-code-samples post /api/v1/iam/tunnel/bridges/{bridge_id}/credentials openapi: 3.1.0 info: description: The C1 API is a HTTP API for managing C1 resources. title: C1 API version: 0.1.0-alpha servers: - description: The C1 API server for the current tenant. url: https://{tenantDomain}.conductor.one variables: tenantDomain: default: example description: The domain of the tenant to use for this request. security: - bearerAuth: [] oauth: [] paths: /api/v1/iam/tunnel/bridges/{bridge_id}/credentials: post: tags: - Tunnel summary: Create Bridge Credential description: |- CreateBridgeCredential mints a credential for a bridge. If the bridge already has an active credential, it is revoked. The plaintext client_secret is returned exactly once on the response. operationId: c1.api.iam.v1.TunnelCredentialsService.CreateBridgeCredential parameters: - in: path name: bridge_id required: true schema: description: The bridge to mint a credential for. type: string requestBody: content: application/json: schema: $ref: >- #/components/schemas/c1.api.iam.v1.TunnelCredentialsServiceCreateBridgeCredentialRequestInput responses: '200': content: application/json: schema: $ref: >- #/components/schemas/c1.api.iam.v1.TunnelCredentialsServiceCreateBridgeCredentialResponse description: Successful response x-codeSamples: - lang: typescript label: Typescript (SDK) source: >- import { ConductoroneSDKTypescript } from "conductorone-sdk-typescript"; const conductoroneSDKTypescript = new ConductoroneSDKTypescript({ security: { bearerAuth: "", oauth: "", }, }); async function run() { const result = await conductoroneSDKTypescript.tunnelCredentials.createBridgeCredential({ bridgeId: "", }); console.log(result); } run(); components: schemas: c1.api.iam.v1.TunnelCredentialsServiceCreateBridgeCredentialRequestInput: description: The TunnelCredentialsServiceCreateBridgeCredentialRequest message. title: Tunnel Credentials Service Create Bridge Credential Request type: object x-speakeasy-name-override: TunnelCredentialsServiceCreateBridgeCredentialRequest c1.api.iam.v1.TunnelCredentialsServiceCreateBridgeCredentialResponse: description: The TunnelCredentialsServiceCreateBridgeCredentialResponse message. properties: credential: oneOf: - $ref: '#/components/schemas/c1.api.iam.v1.TunnelCredential' - type: 'null' title: Tunnel Credentials Service Create Bridge Credential Response type: object x-speakeasy-name-override: TunnelCredentialsServiceCreateBridgeCredentialResponse c1.api.iam.v1.TunnelCredential: description: >- TunnelCredential is the API view of one OAuth credential within a bridge. The plaintext client_secret is only populated on the CreateBridgeCredential response. properties: bridgeId: description: The bridge this credential belongs to. readOnly: true type: - string - 'null' clientId: description: The client_id (full ${id}@${tenant_domain}/tcc form). readOnly: true type: - string - 'null' clientSecret: description: |- The plaintext client_secret. ONLY populated on the CreateBridgeCredential response; empty on Get / List. readOnly: true type: - string - 'null' createdAt: format: date-time readOnly: true type: - string - 'null' credentialStatus: description: Lifecycle status of this credential record. enum: - TUNNEL_CREDENTIAL_STATUS_UNSPECIFIED - TUNNEL_CREDENTIAL_STATUS_ACTIVE - TUNNEL_CREDENTIAL_STATUS_REVOKED - TUNNEL_CREDENTIAL_STATUS_EXPIRED readOnly: true type: - string - 'null' x-speakeasy-unknown-values: allow deletedAt: format: date-time readOnly: true type: - string - 'null' expiresTime: format: date-time readOnly: true type: - string - 'null' id: description: The id field. readOnly: true type: - string - 'null' lastUsedAt: format: date-time readOnly: true type: - string - 'null' revokedAt: format: date-time readOnly: true type: - string - 'null' updatedAt: format: date-time readOnly: true type: - string - 'null' title: Tunnel Credential type: object x-speakeasy-name-override: TunnelCredential securitySchemes: bearerAuth: scheme: bearer type: http oauth: description: >- This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the [c1TokenSource.Token()](https://github.com/ConductorOne/conductorone-sdk-go/blob/3375fe7c0126d17e7ec4e711693dee7b791023aa/token_source.go#L101-L187) function. flows: clientCredentials: scopes: {} tokenUrl: /auth/v1/token type: oauth2 ````