I too had this same problem and tried all the suggestions above. The work-around I settled on was to keep the field type as "password" in setup.xml, but the actual create/update of the password in the password store was done in code in a custom endpoint. So only the password is in the password store, I kept the associated username in the conf file. If anyone has arrived at a better solution, I'd love to know.
setup.xml
<setup>
<block title="My Configuration" endpoint="admin/myconfig" entity="config">
<input field="user">
<label>Username</label>
<type>text</type>
</input>
<input field="password">
<label>Password</label>
<type>password</type>
</input>
</block>
</setup>
myapp_handler.py
def handleEdit(self, confInfo):
username = self.callerArgs.data['user'][0]
password = self.callerArgs.data['password'][0]
self.callerArgs.data['password'][0] = ''
self.writeConf('resilient', 'config', self.callerArgs.data)
r = requests.post(url=splunk.getLocalServerInfo()+'/servicesNS/nobody/myapp/storage/passwords/%3Amyapppassword%3A?output_mode=json',
data={'password': password},
headers={'Authorization': 'Splunk ' + self.getSessionKey()},
verify=False)
... View more