REST API - authentication_info

authentication_info

The authentication_info structure describes the authentication information. Authentication information could be specified for a package element, service elenent or an operation element.

Using the authentication scheme information, a client invoking an API call from any service can figure out what kind of credentials are needed for that API call.

Representations:

JSON
XML

{
    "scheme": "string",
    "scheme_type": "SESSIONLESS",
    "session_manager": "string"
}

<?xml version="1.0" ?>
<ns0:AuthenticationInfo xmlns:ns0="http://vmware.com/vapi/metadata/authentication" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <scheme_type>SESSIONLESS</scheme_type>
  <scheme>string</scheme>
  <session_manager>string</session_manager>
</ns0:AuthenticationInfo>

Attributes:

Name Type Required Description

Name	Type	Required	Description
scheme_type *	com.vmware.vapi.metadata.authentication.authentication_info.scheme_type	Yes	The type of the authentication scheme. The `scheme_type` enumerated type provides enumeration values for the set of valid authentication scheme types. Values one of SESSIONLESS: Indicates that the scheme is a session less authentication scheme, the user is authenticated on every operation. There is no explicit session establishment. SESSION_AWARE: Indicates that the scheme is a session aware authentication scheme. It requires an explicit login before executing a operation and logout when a session terminates. A service might choose to have a session aware scheme if it wants to associate some state corresponding to the user until the user logs out or if it wants to mitigate the cost of authenticating the user on every operation.
session_manager	string	No. This field is optional and it is only relevant when the value of `scheme_type` is SESSION_AWARE.	In a session aware authentication scheme, a session manager is required that supports `create`, `delete` and `keepAlive` operations. The fully qualified service name of the session manager is provided in com.vmware.vapi.metadata.authentication.authentication_info.session_manager field. This service is responsible for handling sessions. Required if scheme_type has value SESSION_AWARE.
scheme *	string	Yes	String identifier of the authentication scheme. Following are the supported authentication schemes by the infrastructure: The identifier `com.vmware.vapi.std.security.saml_hok_token` for SAML holder of key token based authentication mechanism. The identifier `com.vmware.vapi.std.security.bearer_token` for SAML bearer token based authentication mechanism. The identifier `com.vmware.vapi.std.security.session_id` for session based authentication mechanism. The identifier `com.vmware.vapi.std.security.user_pass` for username and password based authentication mechanism.

scheme_type

com.vmware.vapi.metadata.authentication.authentication_info.scheme_type

Yes

The type of the authentication scheme.
The scheme_type enumerated type provides enumeration values for the set of valid authentication scheme types.
Values one of
SESSIONLESS: Indicates that the scheme is a session less authentication scheme, the user is authenticated on every operation. There is no explicit session establishment.
SESSION_AWARE: Indicates that the scheme is a session aware authentication scheme. It requires an explicit login before executing a operation and logout when a session terminates. A service might choose to have a session aware scheme if it wants to associate some state corresponding to the user until the user logs out or if it wants to mitigate the cost of authenticating the user on every operation.

session_manager string No. This field is optional and it is only relevant when the value of scheme_type is SESSION_AWARE. In a session aware authentication scheme, a session manager is required that supports create, delete and keepAlive operations. The fully qualified service name of the session manager is provided in com.vmware.vapi.metadata.authentication.authentication_info.session_manager field. This service is responsible for handling sessions. Required if scheme_type has value SESSION_AWARE.

scheme

string

Yes

String identifier of the authentication scheme.

Following are the supported authentication schemes by the infrastructure:

The identifier com.vmware.vapi.std.security.saml_hok_token for SAML holder of key token based authentication mechanism.
The identifier com.vmware.vapi.std.security.bearer_token for SAML bearer token based authentication mechanism.
The identifier com.vmware.vapi.std.security.session_id for session based authentication mechanism.
The identifier com.vmware.vapi.std.security.user_pass for username and password based authentication mechanism.