Session Manager Login Extension By Certificate

Session Manager Login Extension By Certificate

Deprecated as of vSphere API 6.0, use SSO style of login instead LoginByToken.

Creates a special privileged session that includes the Sessions.ImpersonateUser privilege.

Requires that the client connect over SSL and provide an X.509 certificate for which they hold the private key. The certificate must match the certificate used in an earlier call to SetExtensionCertificate.

NOTE: Verification of the received certificate (such as expiry, revocation, and trust chain) is not required for successful authentication using this method. If certificate verification is desired, use the LoginExtensionBySubjectName method instead.

Required privileges: System.Anonymous

Request
URI
POST
https://{vcenter-host}/sdk/vim25/{release}/SessionManager/{moId}/LoginExtensionByCertificate
COPY
Path Parameters
string
moId
Required

The unique identifier for the managed object to which the method attaches; the serialized managed object reference for a request has the form moType/moId, in this case SessionManager/{moId}.

string
release
Required

The vSphere release schema. The current specification covers vSphere 8.0.2.0 APIs.

Request Body
LoginExtensionByCertificateRequestType of type(s) application/json
Required 
{
    "extensionKey": "string",
    "locale": "string"
}
string
extensionKey
Required

Key of extension that is logging in.

string
locale
Optional

A two-character ISO-639 language ID (like "en") optionally followed by an underscore and a two-character ISO 3166 country ID (like "US").

Examples are "de", "fr_CA", "zh", "zh_CN", and "zh_TW". Note: The method uses the server default locale when a locale is not provided. This default can be configured in the server configuration file. If unspecified, it defaults to the locale of the server environment or English ("en") if unsupported.

Authentication
This operation uses the following authentication methods.
Responses
200

OK

Returns UserSession of type(s) application/json
This response body class contains all of the following: DataObject 
{
    "_typeName": "string",
    "key": "string",
    "userName": "string",
    "fullName": "string",
    "loginTime": "string",
    "lastActiveTime": "string",
    "locale": "string",
    "messageLocale": "string",
    "extensionSession": false,
    "ipAddress": "string",
    "userAgent": "string",
    "callCount": 0
}
string
key
Required

A unique identifier for this session, also known as the session ID.

string
userName
Required

The user name represented by this session.

string
fullName
Required

The full name of the user, if available.

string As date-time As date-time
loginTime
Required

Timestamp when the user last logged on to the server.

string As date-time As date-time
lastActiveTime
Required

Timestamp when the user last executed a command.

string
locale
Required

The locale for the session used for data formatting and preferred for messages.

string
messageLocale
Required

The locale used for messages for the session.

If there are no localized messages for the user-specified locale, then the server determines this locale.

boolean
extensionSession
Required

Whether or not this session belongs to a VC Extension.

string
ipAddress
Required

The client identity.

It could be IP address, or pipe name depended on client binding

string
userAgent
Required

The name of user agent or application

integer As int64 As int64
callCount
Required

Number of API invocations since the session started


500

InvalidLogin: if the extension is not registered, or the certificate does not match the expected value.

InvalidLocale: if the supplied locale is not valid

NoClientCertificate: if no certificate was used by the client to connect

Returns VimFault of type(s) application/json
This response body class contains all of the following: MethodFault 
{
    "_typeName": "string",
    "faultCause": "MethodFault Object",
    "faultMessage": [
        {
            "_typeName": "string",
            "key": "string",
            "arg": [
                {
                    "_typeName": "string",
                    "key": "string",
                    "value": {
                        "_typeName": "string"
                    }
                }
            ],
            "message": "string"
        }
    ]
}

On This Page
Session Manager Operations
POST
Session Manager Acquire Clone Ticket
POST
Session Manager Acquire Generic Service Ticket
POST
Session Manager Acquire Local Ticket
POST
Session Manager Clone Session
GET
Session Manager Get Current Session
GET
Session Manager Get Default Locale
GET
Session Manager Get Message
GET
Session Manager Get Message Locale List
GET
Session Manager Get Session List
GET
Session Manager Get Supported Locale List
POST
Session Manager Impersonate User
POST
Session Manager Login
POST
Session Manager Login By SSPI
POST
Session Manager Login By Token
POST
Session Manager Login Extension
POST
Session Manager Login Extension By Certificate
POST
Session Manager Login Extension By Subject Name
POST
Session Manager Logout
POST
Session Manager Session Is Active
POST
Session Manager Set Locale
POST
Session Manager Terminate Session
POST
Session Manager Update Service Message