NSX-T Data Center REST API

Associated URIs:

API Description API Path

Return the list of OpenID Connect end-points.


GET /api/v1/trust-management/oidc-uris

Update an OpenID Connect end-point's thumbprint


Update an OpenID Connect end-point's thumbprint used to connect to the
oidc_uri through SSL
POST /api/v1/trust-management/oidc-uris?action=update_thumbprint

Add an OpenID Connect end-point.


This request also fetches the issuer and jwks_uri meta-data from the OIDC
end-point and stores it.
POST /api/v1/trust-management/oidc-uris

Get an OpenID Connect end-point.


When ?refresh=true is added to the request, the meta-data is newly fetched
from the OIDC end-point.
GET /api/v1/trust-management/oidc-uris/{id}

Refresh an OpenID Connect end-point


Refresh an OpenID Connect end-point by re-reading data from the OIDC URI.
POST /api/v1/trust-management/oidc-uris/{id}?action=refresh

Update an OpenID Connect end-point.


Update the properties of an OpenID Connect end-point. The oidc_uri property
may not be changed. If you need to update the oidc_uri, you should delete
the OIDC end-point and create a new one with the correct oidc_uri.

This request also re-fetches the issuer, jwks_uri, and other meta-data
from the OIDC end-point and stores it.
PUT /api/v1/trust-management/oidc-uris/{id}

Check the health of an OpenID Connect end-point


Connect to the OpenID Connect end-point and verify that it
appears to be functioning properly.
GET /api/v1/trust-management/oidc-uris/{id}/health

Configure NSX for OIDC authentication with VC/WS1B


Configures NSX to use VC/WS1B for OIDC authentication. Using the provided JWT token, NSX will create an OAuth app on VC/WS1B, creating a client ID and client secret. NSX will subsequently use that client ID/secret to authenticate users, and will support single sign-on across VMware products.
POST /api/v1/trust-management/oidc-uris/action/configure-ws1b-oidc-endpoint

Unconfigure NSX for OIDC authentication with VC/WS1B


Removes the OAuth app on VC/WS1B and deletes the associated OIDC endpoint from NSX.
POST /api/v1/trust-management/oidc-uris/action/remove-ws1b-oidc-endpoint

Return the list of principal identities


Returns the list of principals registered with a certificate.
GET /api/v1/trust-management/principal-identities

Register a name-certificate combination.


Associates a principal's name with a certificate that is used to authenticate.
The combination of name and node_id needs to be unique across token-based and
certificate-based principal identities.
POST /api/v1/trust-management/principal-identities (Deprecated)

Update a principal identity's certificate


Update a principal identity's certificate
POST /api/v1/trust-management/principal-identities?action=update_certificate

Delete a principal identity


Delete a principal identity. It does not delete the certificate.
DELETE /api/v1/trust-management/principal-identities/{principal-identity-id}

Get a principal identity


Get a stored principal identity
GET /api/v1/trust-management/principal-identities/{principal-identity-id}

Register a name-certificate combination.


Create a principal identity with a new, unused, certificate.
The combination of name and node_id needs to be unique across token-based and
certificate-based principal identities.
POST /api/v1/trust-management/principal-identities/with-certificate

Return the list of token-based principal identities. These don't have certificate or role information.


GET /api/v1/trust-management/token-principal-identities

Register a token-based principal identity.


Register a principal identity that is going to be authenticated through a token.
The combination of name and node_id needs to be unique across token-based and
certificate-based principal identities.
POST /api/v1/trust-management/token-principal-identities

Delete a token-based principal identity


Delete a token-based principal identity.
DELETE /api/v1/trust-management/token-principal-identities/{principal-identity-id}

Get a token-based principal identity


Get a stored token-based principal identity
GET /api/v1/trust-management/token-principal-identities/{principal-identity-id}