This assumes you have already obtained a Bearer Token.

AVOID TROUBLE

In order to display credential details, you will need to have the security:manage scope when obtaining a Bearer Token.

You may want to first list the credentials to determine if the credential exists.

The following curl command can be used to return the JSON of a credential. In this example, the request is to return the "foo" credential.

curl
--insecure
--request POST
--header "Authorization: Bearer abc123"
--header "Content-Type: application/json"
--data '{ "CredentialPath": "\\VED\\Policy\\Credentials\\foo" }'
--url https://tpp.example.com/vedsdk/Credentials/Retrieve

If the credential does not exist, the following should be returned.

{
    "Result": 400
}

If the credential exists, something like this should be returned. In this example, the "foo" credential exists.

AVOID TROUBLE

The "Name" key does not contain the actual password. The "Name" key will almost always be "Password".

This Venafi article says the Master Admin permission is needed to return the actual password. 

{
    "Classname": "Password Credential",
    "Description": "Example Description",
    "Expiration": "/Date(1894637754000-0600)/",
    "FriendlyName": "Password",
    "Result": 1000,
    "Values": [
        {
            "Name": "Password"
        }
    ]
}

If the request is being made with a user that has the Master Admin permission, the actual password will be returned.

{
    "Classname": "Password Credential",
    "Description": "Example Description",
    "Expiration": "/Date(1894637754000-0600)/",
    "FriendlyName": "Password",
    "Result": 1000,
    "Values": [
        {
            "Name": "Password",
            "Type": "string",
            "Value": "itsasecret"
        }
    ]
}