Session Manager Acquire Local Ticket

Acquires a one-time ticket for mutual authentication between a server and client.

The caller of this operation can use the user name and file content of the returned object as the userName and password arguments for login operation. The local ticket that is returned becomes invalid either after it is used or after a server-determined ticket expiration time passes. This operation can be used by servers and clients to avoid re-entering user credentials after authentication by the operating system has already happened.

For example, service console utilities that connect to a host agent should not require users to re-enter their passwords every time the utilities run. Since the one-time password file is readable only by the given user, the identity of the one-time password user is protected by the operating system file permission.

Only local clients are allowed to call this operation. Remote clients receive an InvalidRequest fault upon calling this operation.

Required privileges: System.Anonymous

Request

URI

POST

https://{vcenter-host}/sdk/vim25/{release}/SessionManager/{moId}/AcquireLocalTicket

COPY

Path Parameters

string

moId

Required

The unique identifier for the managed object to which the method attaches; the serialized managed object reference for a request has the form moType/moId, in this case SessionManager/{moId}.

string

release

Required

The vSphere release schema. The current specification covers vSphere 8.0.2.0 APIs.

Request Body

AcquireLocalTicketRequestType of type(s) application/json

Required

{
    "userName": "string"
}

string

userName

Required

User requesting one-time password.

Authentication

This operation uses the following authentication methods.

Session

Responses

200

LocalTicket object containing userName and path to file containing one-time password for use in login operation.

Returns SessionManagerLocalTicket of type(s) application/json

This response body class contains all of the following: DataObject

{
    "_typeName": "string",
    "userName": "string",
    "passwordFilePath": "string"
}

string

userName

Required

User name to be used for logon.

string

passwordFilePath

Required

Absolute local path to the file containing a one-time password.

500

InvalidLogin: if the userName is invalid.

NoPermission: if the user and password are valid, but the user has no access granted.

NotSupported: if the server does not support this operation.

Returns InvalidLogin of type(s) application/json

This response body class contains all of the following: VimFault

{
    "_typeName": "string",
    "faultCause": "MethodFault Object",
    "faultMessage": [
        {
            "_typeName": "string",
            "key": "string",
            "arg": [
                {
                    "_typeName": "string",
                    "key": "string",
                    "value": {
                        "_typeName": "string"
                    }
                }
            ],
            "message": "string"
        }
    ]
}

On This Page

Description

Request

Path Parameters

Request Body

Authentication

Response

200 Response Body

Errors

Session Manager Operations