5.1
Table Of Contents
- vCloud API Programming Guide
- Contents
- vCloud API Programming Guide
- About the VMware vCloud API
- Hello vCloud: A Simplified RESTful Workflow
- Exploring a Cloud
- Summary of vCloud API Browsing Requests
- Retrieve the Login URL and List of Supported API Versions
- Create a Login Session Using the Integrated Identity Provider
- Retrieve a List of Organizations Accessible to You
- Retrieve an Administrative View of a Cloud
- Retrieve a List of vSphere Platform Operations and Objects for a Cloud
- Provisioning an Organization
- Summary of vCloud API Provisioning Requests
- Upload an OVF Package to Create a vApp Template
- Download a vApp Template as OVF
- Upload a Media Image
- Copying and Moving with the vCloud API
- Capturing and Importing vApps
- Cataloging vApp Templates and Media Images
- Creating and Using Independent Disks
- View or Change the Owner of an Object
- Deploying and Operating vApps
- Summary of vCloud API vApp and Virtual Machine Operations Requests
- Create a vApp From a Template
- Compose a vApp From Existing Virtual Machines
- Recompose a vApp to Add or Remove Virtual Machines
- Provide User Input Requested by a Virtual Machine
- Attach or Detach an Independent Disk
- Creating and Using vApp Snapshots
- Operate a vApp
- Configuring vApps and Virtual Machines
- Retrieve the Configuration Links for a vApp
- Retrieve the Configuration Links for a Virtual Machine
- Update Multiple Sections of a Virtual Machine
- Retrieve or Update a Modifiable Section
- Update a vApp Network Configuration
- Update the NetworkConnectionSection of a Virtual Machine
- Retrieve or Modify the CPU Configuration of a Virtual Machine
- Retrieve or Modify the GuestCustomizationSection of a Virtual Machine
- Retrieve or Modify ProductSection Elements
- Retrieve or Modify Groups of Related Sections in a Virtual Machine
- Retrieve or Modify the Hard Disk Configuration of a Virtual Machine
- Update the Storage Profile for a Virtual Machine
- Creating and Managing Organizations
- Summary of Administrative Requests
- Administrator Credentials and Privileges
- Organization Administration
- vDC Administration
- Network Administration
- Catalog Administration
- User and Group Administration
- Working With Roles and Rights
- Controlling Access to vApps and Catalogs
- Managing and Monitoring a Cloud
- Summary of vSphere Platform Extension Requests
- Retrieve or Update System Settings
- Attach a vCenter Server
- Finding Available vCenter Resources
- Create a Provider vDC
- Create an External Network
- Create a Network Pool
- Import a Virtual Machine from vCenter
- Relocate a Virtual Machine to a Different Datastore
- Truststore and Keytab Maintenance
- Retrieve the vSphere URL of an Object
- Working With Object Metadata
- Using the Query Service
- Configuring and Using Blocking Tasks and Notifications
- vCloud Director Extension Services
- XML Representations in the vCloud API
- Index
Table 3-2. Authorization Header Attributes and Values
Attribute Name Attribute Value
token
The compressed, encoded identity assertion from your
SAML identity provider.
org
The name of your vCloud Director organization.
See “Example: Create a Login Session Using a SAML Identity Provider,” on page 47.
5 Examine the response.
The response code indicates whether the request succeeded, or how it failed.
n
If the authentication header is missing, the server returns HTTP response code 403.
n
If the credentials supplied in the authentication header are invalid, the server returns HTTP response
code 401.
n
If the request is successful, the server returns HTTP response code 200 (OK) and headers that include
an authorization header of the form:
x-vcloud-authorization:
token
This header must be included in each subsequent vCloud API request.
The Session element returned from a successful login contains one or more URLs from which you can
begin browsing.
The list of URLs in the Session object is based on the role and privileges of the authenticated user. A Session
object expires after a configurable interval of client inactivity. To change the length of this client inactivity
timeout, a system administrator can change the value of SessionTimeoutMinutes in the system's
GeneralSettings. See “Retrieve or Update System Settings,” on page 197.
A Session object can be deleted by its owner or an administrator. After your Session expires or is deleted, you
are not authenticated.
Example: Create a Login Session Using a SAML Identity Provider
This example shows a login request and response for a user of a SAML identity provider logging in to the
Finance organization of a cloud whose login URL is https://vcloud.example.com/api/sessions. The user
name is included in the encoded credentials.
Request:
POST https://vcloud.example.com/api/sessions
Authorization: SIGN token="
compressed-encoded-credentials
",org="Finance"
Accept: application/*+xml;version=5.1
Response:
200 OK
x-vcloud-authorization: cn9uYmdugN8E2j96+5Lqrc3YBvFsEgDHXzyfJrJ/6bM=
Content-Type: application/vnd.vmware.vcloud.session+xml
...
<Session
xmlns="http://www.vmware.com/vcloud/v1.5"
user="bob"
org="Finance"
... >
<Link
rel="down"
type="application/vnd.vmware.vcloud.orgList+xml"
href="https://vcloud.example.com/api/org"/>
Chapter 3 Exploring a Cloud
VMware, Inc. 47