CredentialButton
A credential action button that opens a password or secret update flow in a controlled popper.
Import
import { CredentialButton } from "@schukai/monster/source/components/form/credential-button.mjs";Source
'%3E%3Cpath style='stroke:none;fill-rule:nonzero;fill:%23f03c2e;fill-opacity:1' d='M90.156 41.965 50.036 1.848a5.918 5.918 0 0 0-8.372 0l-8.328 8.332 10.566 10.566a7.03 7.03 0 0 1 7.23 1.684 7.034 7.034 0 0 1 1.669 7.277l10.187 10.184a7.028 7.028 0 0 1 7.278 1.672 7.04 7.04 0 0 1 0 9.957 7.05 7.05 0 0 1-9.965 0 7.044 7.044 0 0 1-1.528-7.66l-9.5-9.497V59.36a7.04 7.04 0 0 1 1.86 11.29 7.04 7.04 0 0 1-9.957 0 7.04 7.04 0 0 1 0-9.958 7.06 7.06 0 0 1 2.304-1.539V33.926a7.049 7.049 0 0 1-3.82-9.234L29.242 14.272 1.73 41.777a5.925 5.925 0 0 0 0 8.371L41.852 90.27a5.925 5.925 0 0 0 8.37 0l39.934-39.934a5.925 5.925 0 0 0 0-8.371'/%3E%3C/g%3E%3C/svg%3E "View source code")
Package
Since
3.91.0
Introduction
The Monster CredentialButton opens a focused credential update flow from a single trigger. Use it for password changes, secret rotation or similar account-security tasks that should stay compact and contextual.
When to use CredentialButton
- Use it for password and secret changes: The component keeps the flow behind one deliberate action.
- Use it when the edit surface should stay temporary: A popper avoids navigating away from the current page.
- Do not use it for broad account settings: Larger profile forms usually deserve a dedicated page or panel.
Typical mistakes
Keep the credential flow explicit and secure. Avoid overloading the component with unrelated account preferences, and surface validation rules clearly when password complexity matters.
Credential Button Simple
This example opens the credential popper, accepts a new password, and submits it against a mocked endpoint.
import "@schukai/monster/source/components/form/credential-button.mjs"; const button = document.getElementById("credential-button-demo-run"); const originalFetch = window.fetch.bind(window); window.fetch = (input, init = {}) => { const url = typeof input === "string" ? input : input?.url; if (url === "/mock/credential-button") { return Promise.resolve( new Response(JSON.stringify({ ok: true }), { status: 200, headers: { "content-type": "application/json" }, }), ); } return originalFetch(input, init); }; button.setOption("url", "/mock/credential-button"); button.setOption("labels.button", "Change password"); button.setOption("labels.title", "Password"); button.setOption("labels.description", "Enter a new password and submit it.");
Javascript
import "@schukai/monster/source/components/form/credential-button.mjs";
const button = document.getElementById("credential-button-demo");
const originalFetch = window.fetch.bind(window);
window.fetch = (input, init = {}) => {
const url = typeof input === "string" ? input : input?.url;
if (url === "/mock/credential-button") {
return Promise.resolve(
new Response(JSON.stringify({ ok: true }), {
status: 200,
headers: { "content-type": "application/json" },
}),
);
}
return originalFetch(input, init);
};
button.setOption("url", "/mock/credential-button");
button.setOption("labels.button", "Change password");
button.setOption("labels.title", "Password");
button.setOption("labels.description", "Enter a new password and submit it.");<script type="module">import "@schukai/monster/source/components/form/credential-button.mjs";
const button = document.getElementById("credential-button-demo-run");
const originalFetch = window.fetch.bind(window);
window.fetch = (input, init = {}) => {
const url = typeof input === "string" ? input : input?.url;
if (url === "/mock/credential-button") {
return Promise.resolve(
new Response(JSON.stringify({ ok: true }), {
status: 200,
headers: { "content-type": "application/json" },
}),
);
}
return originalFetch(input, init);
};
button.setOption("url", "/mock/credential-button");
button.setOption("labels.button", "Change password");
button.setOption("labels.title", "Password");
button.setOption("labels.description", "Enter a new password and submit it.");</script>HTML
<monster-credential-button id="credential-button-demo">
Change password
</monster-credential-button>Stylesheet
/** no additional stylesheet is defined **/Credential Button Retry
This example demonstrates the failure and retry flow of monster-credential-button with a mocked endpoint.
import "@schukai/monster/source/components/form/credential-button.mjs"; const button = document.getElementById("credential-button-retry-demo-run"); const status = document.getElementById("credential-button-retry-status-run"); const originalFetch = window.fetch.bind(window); let attempts = 0; window.fetch = (input, init = {}) => { const url = typeof input === "string" ? input : input?.url; if (url === "/mock/credential-button-retry") { attempts += 1; status.textContent = "Submit attempt " + attempts; if (attempts === 1) { return Promise.resolve( new Response(JSON.stringify({ message: "Temporary policy check failed." }), { status: 400, headers: { "content-type": "application/json" }, }), ); } return Promise.resolve( new Response(JSON.stringify({ ok: true }), { status: 200, headers: { "content-type": "application/json" }, }), ); } return originalFetch(input, init); }; button.setOption("url", "/mock/credential-button-retry"); button.setOption("labels.button", "Rotate API key"); button.setOption("labels.title", "New credential"); button.setOption("labels.description", "Submit once to see the failure state, then retry."); button.setOption("payload.data", { scope: "deployments" });
Javascript
import "@schukai/monster/source/components/form/credential-button.mjs";
const button = document.getElementById("credential-button-retry-demo");
const status = document.getElementById("credential-button-retry-status");
const originalFetch = window.fetch.bind(window);
let attempts = 0;
window.fetch = (input, init = {}) => {
const url = typeof input === "string" ? input : input?.url;
if (url === "/mock/credential-button-retry") {
attempts += 1;
status.textContent = "Submit attempt " + attempts;
if (attempts === 1) {
return Promise.resolve(
new Response(JSON.stringify({ message: "Temporary policy check failed." }), {
status: 400,
headers: { "content-type": "application/json" },
}),
);
}
return Promise.resolve(
new Response(JSON.stringify({ ok: true }), {
status: 200,
headers: { "content-type": "application/json" },
}),
);
}
return originalFetch(input, init);
};
button.setOption("url", "/mock/credential-button-retry");
button.setOption("labels.button", "Rotate API key");
button.setOption("labels.title", "New credential");
button.setOption("labels.description", "Submit once to see the failure state, then retry.");
button.setOption("payload.data", { scope: "deployments" });<script type="module">import "@schukai/monster/source/components/form/credential-button.mjs";
const button = document.getElementById("credential-button-retry-demo-run");
const status = document.getElementById("credential-button-retry-status-run");
const originalFetch = window.fetch.bind(window);
let attempts = 0;
window.fetch = (input, init = {}) => {
const url = typeof input === "string" ? input : input?.url;
if (url === "/mock/credential-button-retry") {
attempts += 1;
status.textContent = "Submit attempt " + attempts;
if (attempts === 1) {
return Promise.resolve(
new Response(JSON.stringify({ message: "Temporary policy check failed." }), {
status: 400,
headers: { "content-type": "application/json" },
}),
);
}
return Promise.resolve(
new Response(JSON.stringify({ ok: true }), {
status: 200,
headers: { "content-type": "application/json" },
}),
);
}
return originalFetch(input, init);
};
button.setOption("url", "/mock/credential-button-retry");
button.setOption("labels.button", "Rotate API key");
button.setOption("labels.title", "New credential");
button.setOption("labels.description", "Submit once to see the failure state, then retry.");
button.setOption("payload.data", { scope: "deployments" });</script>HTML
<div style="display:grid;gap:1rem;">
<monster-credential-button id="credential-button-retry-demo">
Rotate API key
</monster-credential-button>
<div id="credential-button-retry-status">First submit will fail, second will succeed.</div>
</div>Stylesheet
/** no additional stylesheet is defined **/Component Design
The button extends the shared form action model and adds credential-specific handling so secure actions can be requested with a focused UI element.
Styling Hooks
labels: Adjusts button text and related messaging.dataset: Connects the action to surrounding workflow data.::part(button): Styles the visible trigger.
HTML Structure
<monster-credential-button></monster-credential-button>JavaScript Initialization
const element = document.createElement('monster-credential-button');
document.body.appendChild(element);Exported
CredentialButtonDerived from
PopperButtonOptions
The Options listed in this section are defined directly within the class. This class is derived from several parent classes, including the CustomElement class. Therefore, it inherits Options from these parent classes. If you cannot find a specific Options in this list, we recommend consulting the documentation of the PopperButton.
Option
Type
Default
Description
templates
object
Template definitions
templates.main
string
undefined
Main template
labels
object
undefined
Label definitions
labels.button
string
undefined
Button label
labels.title
string
undefined
Field-set title
labels.password
string
undefined
Password label
labels.description
string
undefined
Description text
labels.submit
string
undefined
Submit button label
labels.messageEmptyPassword
string
undefined
Empty password message
labels.messageNotConfigured
string
undefined
Not configured message
labels.messageSuccess
string
undefined
Success message
labels.messageFailed
string
undefined
Failure message
url
string
API URL
fetch
object
Fetch options
fetch.redirect
string
error
Fetch redirect option
fetch.method
string
POST
Fetch method
fetch.mode
string
same-origin
Fetch mode
fetch.credentials
string
same-origin
Fetch credentials
fetch.headers
object
undefined
Fetch headers
mapping
object
undefined
Mapping configuration
mapping.password
string
undefined
Key for the password field in the payload
mapping.data
object|function
undefined
Additional payload data or builder
payload
object
Payload configuration
payload.password
string
password
Key for the password field in the payload
payload.data
object|function
Additional payload data or builder
placeholder
object
Placeholder configuration
placeholder.password
string
Password placeholder
autocomplete
object
Autocomplete configuration
autocomplete.password
string
new-password
Password autocomplete
classes
object
undefined
Class definitions
layout
object
Layout configuration
layout.containerStyle
string
width: 20rem;
Inline style for the container
layout.submitStyle
string
margin-top: var(--monster-space-4);
Inline style for the submit button
timeoutForMessage
number
3500
Duration in milliseconds to show messages
timeoutForSuccess
number
1200
Duration in milliseconds for success state
features
object
Feature flags
features.closeOnSuccess
boolean
true
Close popper on success
features.clearOnSuccess
boolean
true
Clear password on success
- since
- deprecated
Properties and Attributes
The Properties and Attributes listed in this section are defined directly within the class. This class is derived from several parent classes, including the CustomElement class and ultimately from HTMLElement. Therefore, it inherits Properties and Attributes from these parent classes. If you cannot find a specific Properties and Attributes in this list, we recommend consulting the documentation of the PopperButton.
data-monster-options: Sets the configuration options for the collapse component when used as an HTML attribute.data-monster-option-[name]: Sets the value of the configuration option[name]for the collapse component when used as an HTML attribute.
Methods
The methods listed in this section are defined directly within the class. This class is derived from several parent classes, including the CustomElement class and ultimately from HTMLElement. Therefore, it inherits methods from these parent classes. If you cannot find a specific method in this list, we recommend consulting the documentation of the PopperButton.
Static methods
[instanceSymbol]()Returns
- {symbol}
This method is called by the
instanceof operator.getCSSStyleSheet()Returns
- {CSSStyleSheet[]}
getTag()Returns
- {string}
Lifecycle methods
Lifecycle methods are called by the environment and are usually not intended to be called directly.
[assembleMethodSymbol]()Returns
- {CredentialButton}
Events
The component emits the following events:
monster-credential-submitmonster-credential-successfulmonster-credential-failed
For more information on how to handle events, see the mdn documentation.