Commit

Add paragraphs
jvz committed Nov 6, 2020
1 parent a2c356c commit 29b98c4
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions docs/faq.adoc
Expand Up @@ -13,16 +13,20 @@ Various cloud providers have secrets management and HSMs available for this purp

It's important to understand the access model of credentials in order to organize them most appropriately.
Credentials are accessed through a combination of scopes and contexts, which are further categorized into types and domains.

The _context_ of a credential is the path in Jenkins where the credentials are accessed.
Contexts include the root Jenkins context, jobs, users, agents, views, folders, and generally any other item type.

The _scope_ of a credential can be _global, system,_ or _user,_ which determines the visibility of a credential to a context.
System-scoped credentials are only visible in the root Jenkins context (typically useful for things like agent SSH keys).
User-scoped credentials are only visible to a context running as that user (such as a user-provided credentials parameter to a build).
Global-scoped credentials are visible to their associated contexts and any children contexts; this is the default credential scope.

Credentials _stores_ are the underlying storage mechanism for secrets, and credentials _providers_ combine them with the functionality to manage secrets in a context for a certain set of scopes.
For example, the Jenkins Credentials Provider uses a system-wide credentials store at the root context and supports both system and global scoped credentials.
Folder plugins provide a Folder Credentials Provider to anchor credentials storage in a folder along with the advanced authorization strategies possible there.
User-scoped credentials are primarily accessed through the User Credentials Provider which stores secrets with the user profile in Jenkins.

Credentials _types_ include things like username/password, secret text, SSH key, API token, etc.
Finally, credentials _domains_ provide a way to help organize credentials by domain name, URI, protocol, and other requirements which can make it much easier to identify the appropriate credentials to use from the UI.
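
Review bot: in the scope paragraph, the emphasis in "_global, system,_ or _user,_" wraps two terms and the commas in one span, and the scopes are then described in a different order (system, user, global) than they are listed. While this passage is being split into paragraphs, mark each term on its own ("_global_, _system_, or _user_") and describe the scopes in the listed order, or use a definition list so the visibility rule for each scope is easy to find. The global scope is both the default and the one visible to child contexts, so that sentence deserves to come first rather than last; "children contexts" should also read "child contexts". Separately, the opening paragraph names scopes, contexts, types and domains but not the stores and providers that the fourth paragraph introduces, so either mention them up front or add a short transition there.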
