Keyfactor · spbsoluble · Feb 5, 2026 · Jan 27, 2026 · Feb 4, 2026 · Feb 4, 2026
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,11 @@
+# v1.9.1
+
+## Fixes
+
+### CLI
+
+- `pam-types`: Fix issue that caused CLI to crash when attempting to read pam-types as store-types
+
 # v1.9.0
 
 ## Features

diff --git a/cmd/integration_manifest.go b/cmd/integration_manifest.go
@@ -18,23 +18,42 @@ import (
 	"github.com/Keyfactor/keyfactor-go-client/v3/api"
 )
 
-type IntegrationManifest struct {
-	Schema          string `json:"$schema"`
-	IntegrationType string `json:"integration_type"`
-	Name            string `json:"name"`
-	Status          string `json:"status"`
-	LinkGithub      bool   `json:"link_github"`
-	UpdateCatalog   bool   `json:"update_catalog"`
-	SupportLevel    string `json:"support_level"`
-	ReleaseDir      string `json:"release_dir"`
-	ReleaseProject  string `json:"release_project"`
-	Description     string `json:"description"`
-	About           About  `json:"about"`
+type IntegrationManifestV2 struct {
+	Schema          string  `json:"$schema"`
+	IntegrationType string  `json:"integration_type"`
+	Name            string  `json:"name"`
+	Status          string  `json:"status"`
+	LinkGithub      bool    `json:"link_github"`
+	UpdateCatalog   bool    `json:"update_catalog"`
+	SupportLevel    string  `json:"support_level"`
+	ReleaseDir      string  `json:"release_dir"`
+	ReleaseProject  string  `json:"release_project"`
+	Description     string  `json:"description"`
+	About           AboutV2 `json:"about"`
 }
 
-type About struct {
+type IntegrationManifestV3 struct {
+	Schema          string  `json:"$schema"`
+	IntegrationType string  `json:"integration_type"`
+	Name            string  `json:"name"`
+	Status          string  `json:"status"`
+	LinkGithub      bool    `json:"link_github"`
+	UpdateCatalog   bool    `json:"update_catalog"`
+	SupportLevel    string  `json:"support_level"`
+	ReleaseDir      string  `json:"release_dir"`
+	ReleaseProject  string  `json:"release_project"`
+	Description     string  `json:"description"`
+	About           AboutV3 `json:"about"`
+}
+
+type AboutV2 struct {
 	Orchestrator Orchestrator `json:"orchestrator,omitempty"`
-	PAM          PAM          `json:"pam,omitempty"`
+	PAM          PAMV2        `json:"pam,omitempty"`
+}
+
+type AboutV3 struct {
+	Orchestrator Orchestrator `json:"orchestrator,omitempty"`
+	PAM          PAMV3        `json:"pam,omitempty"`
 }
 
 type Orchestrator struct {
@@ -44,7 +63,15 @@ type Orchestrator struct {
 	StoreTypes               []api.CertificateStoreType `json:"store_types"`
 }
 
-type PAM struct {
+type PAMV2 struct {
+	Name                    string                                   `json:"providerName"`
+	AssemblyName            string                                   `json:"assemblyName"`
+	DBName                  string                                   `json:"dbName"`
+	FullyQualifiedClassName string                                   `json:"fullyQualifiedClassName"`
+	PAMTypes                map[string]api.ProviderTypeCreateRequest `json:"pam_types"`
+}
+
+type PAMV3 struct {
 	Name                    string                          `json:"providerName"`
 	AssemblyName            string                          `json:"assemblyName"`
 	DBName                  string                          `json:"dbName"`

diff --git a/cmd/pam.go b/cmd/pam.go
@@ -55,7 +55,7 @@ var deprecatedPamTypesListCmd = &cobra.Command{
 
 var deprecatedPamTypesCreateCmd = &cobra.Command{
 	Use:        "types-create",
-	Deprecated: "use `pam types create`.",
+	Deprecated: "use `pam-types create`.",
 	Short:      "Creates a new PAM provider type.",
 	Long: `Creates a new PAM Provider type, currently only supported from JSON file and from GitHub. To install from 
 Github. To install from GitHub, use the --repo flag to specify the GitHub repository and optionally the branch to use. 

diff --git a/cmd/pamTypes.go b/cmd/pamTypes.go
@@ -570,7 +570,7 @@ func getPAMTypesInternet(gitRef string, repo string) (map[string]interface{}, er
 	url := fmt.Sprintf(baseUrl, repo, escapedGitRef, fileName)
 	log.Debug().
 		Str("url", url).
-		Msg("Getting store types from internet")
+		Msg("Getting PAM types from internet")
 
 	// Define the timeout duration
 	timeout := MinHttpTimeout * time.Second
@@ -594,7 +594,7 @@ func getPAMTypesInternet(gitRef string, repo string) (map[string]interface{}, er
 	if jErr != nil {
 		log.Warn().Err(jErr).Msg("Unable to decode JSON file, attempting to parse an integration manifest")
 		// Attempt to parse as an integration manifest
-		var manifest IntegrationManifest
+		var manifest IntegrationManifestV2
 		log.Debug().Msg("Decoding JSON file as integration manifest")
 		// Reset the file pointer
 
@@ -610,7 +610,7 @@ func getPAMTypesInternet(gitRef string, repo string) (map[string]interface{}, er
 		}
 		return output, nil
 	}
-	output, sErr := formatStoreTypes(&result)
+	output, sErr := formatPAMTypes(&result)
 	if sErr != nil {
 		return nil, err
 	} else if output == nil {
@@ -842,22 +842,38 @@ func createPAMTypeFromFile(filename string, kfClient *keyfactor.Client) ([]keyfa
 	if err != nil || (pamType.Name == "" || pamType.Parameters == nil) {
 		log.Warn().Err(err).Msg("Unable to decode JSON file, attempting to parse an integration manifest")
 		// Attempt to parse as an integration manifest
-		var manifest IntegrationManifest
+		var manifest IntegrationManifestV3
 		log.Debug().Msg("Decoding JSON file as integration manifest")
 		// Reset the file pointer
 		_, err = file.Seek(0, 0)
 		decoder = json.NewDecoder(file)
 		mErr := decoder.Decode(&manifest)
 		if mErr != nil {
-			return nil, err
+			log.Error().Err(err).Msg("Unable to decode JSON file as integration manifest V3")
+			log.Debug().Msg("Attempting to decode as a V2 integration manifest")
+			var v2Manifest IntegrationManifestV2
+			_, err = file.Seek(0, 0)
+			decoder = json.NewDecoder(file)
+			v2MErr := decoder.Decode(&v2Manifest)
+			if v2MErr != nil {
+				log.Error().Err(err).Msg("Unable to decode JSON file as integration manifest V2")
+				return nil, fmt.Errorf("invalid integration manifest format")
+			}
+			v2pamTypes := v2Manifest.About.PAM.PAMTypes
+			log.Debug().Msg("Converting V2 manifest to V3")
+			for _, v2pamType := range v2pamTypes {
+				pamTypes = append(pamTypes, v2pamType)
+			}
+		} else {
+			log.Debug().Msg("Decoded JSON file as integration manifest V3")
+			pamTypes = manifest.About.PAM.PAMTypes
 		}
-		log.Debug().Msg("Decoded JSON file as integration manifest")
-		pamTypes = manifest.About.PAM.PAMTypes
 	} else {
 		log.Debug().Msg("Decoded JSON file as single pam type")
 		pamTypes = []keyfactor.ProviderTypeCreateRequest{pamType}
 	}
 
+	log.Debug().Msg("successfully decoded JSON file")
 	output := make([]keyfactor.ProviderTypeResponse, 0)
 	for _, pt := range pamTypes {
 		log.Debug().Msgf("Creating certificate pam type %s", pt.Name)