Session Manager Login By Token
Log on to the server through token representing principal identity.
The token is obtained from SSO (single sign-on) service. This method fails if the token is not valid, or the principal has no permissions granted. Two type of sso tokens are supported by this method: Bearer and Holder-of-Key (HoK). If the token type obliges the method caller to prove his rights to present this token (HoK), then a signature is supplied as well. The token and the security signature if available are provided in a transport specific way.
If the communication with the VirtualCenter is SOAP based read the WS-Security specification (SAML Token profile) to understand how to transport the SSO token and signature.
Usual login scenario:
- Acquire HoK token from the SSO service. Different authentication mechanisms are available for acquiring token (user/password, certificate, SSPI and so on). For more details consult the SSO documentation. To find the location of your SSO service consult the Virtual Infrastructure documentation.
- Once SSO token is acquired successfully LoginByToken could be invoked.
Required privileges: System.Anonymous
The unique identifier for the managed object to which the method attaches; the serialized managed object reference for a request has the form moType/moId
, in this case SessionManager/{moId}
.
The vSphere release schema. The current specification covers vSphere 8.0.2.0 APIs.
{
"locale": "string"
}
A two-character ISO-639 language ID (like "en") optionally followed by an underscore and a two-character ISO 3166 country ID (like "US").
Examples are "de", "fr_CA", "zh", "zh_CN", and "zh_TW". Note: The method uses the server default locale when a locale is not provided. This default can be configured in the server configuration file. If unspecified, it defaults to the locale of the server environment or English ("en") if unsupported.
The UserSession object.
{
"_typeName": "string",
"key": "string",
"userName": "string",
"fullName": "string",
"loginTime": "string",
"lastActiveTime": "string",
"locale": "string",
"messageLocale": "string",
"extensionSession": false,
"ipAddress": "string",
"userAgent": "string",
"callCount": 0
}
A unique identifier for this session, also known as the session ID.
The user name represented by this session.
The full name of the user, if available.
Timestamp when the user last logged on to the server.
Timestamp when the user last executed a command.
The locale for the session used for data formatting and preferred for messages.
The locale used for messages for the session.
If there are no localized messages for the user-specified locale, then the server determines this locale.
Whether or not this session belongs to a VC Extension.
The client identity.
It could be IP address, or pipe name depended on client binding
The name of user agent or application
Number of API invocations since the session started
InvalidLogin: if there is no token provided or the token could not be validated.
NoPermission: if the principal is valid, but has no access granted.
InvalidLocale: if the locale is invalid or unknown to the server.
{
"_typeName": "string",
"faultCause": "MethodFault Object",
"faultMessage": [
{
"_typeName": "string",
"key": "string",
"arg": [
{
"_typeName": "string",
"key": "string",
"value": {
"_typeName": "string"
}
}
],
"message": "string"
}
]
}