When performing a PATCH operation on credential objects via the /api/credentials API. The PATCH operation is intended to perform a partial update of the credential object. however, password fields that are not included in the PATCH request are being unintentionally updated. This leads to validation failures of the credential object, even when the object was valid before the PATCH operation, and a 500 Internal Server Error when performing a subsequent connection test.

The issue is specifically observed with a credential object, where updating one password field causes connection test failures. Other fields, such as usernames and hostnames, are unaffected.

Aria Operations  8.18.0

This unintended modification of password fields causes the credential object to fail validation. As a result, when a connection test is performed, it fails with an HTTP 500 Internal Server Error because the credential object is no longer valid.

A fix for this issue is planned for the Next Major Release. 

Until the fix is available, the following actions can be taken as a workaround:

Avoid Updating Password Fields via PATCH: As a temporary measure, avoid including password fields in the PATCH request. If a password needs to be updated, perform the change manually via the UI or use a full PUT request to ensure complete control over the fields being updated.

The PATCH operation is expected to perform a partial update, but this issue indicates that password fields are not being handled correctly in certain scenarios.
When the PATCH operation updates password fields that are not included in the request, the credential fails validation, which causes the connection test to fail with a 500 error.
The PATCH response does not include the password fields by default, which makes it difficult to directly observe which fields were unintentionally updated. However, manual correction of the password fields via the UI resolves the issue.