Cis Session create

Cis Session create

Creates a session with the API. This is the equivalent of login. This operation exchanges user credentials supplied in the security context for a session token that is to be used for authenticating subsequent calls.

To authenticate subsequent calls clients are expected to include the session token. For REST API calls the HTTP vmware-api-session-id header field should be used for this.

Request
URI
POST
https://{api_host}/api/session
COPY
Authentication
This operation uses the following authentication methods.
Responses
201

Newly created session token to be used for authenticating further requests.

Returns string of type(s) application/json
Operation doesn't return any data structure

401

if the session creation fails due to request specific issues. Due to the security nature of the API the details of the error are not disclosed.

Please check the following preconditions if using a SAML token to authenticate:

  • the supplied token is delegate-able.
  • the time of client and server system are synchronized.
  • the token supplied is valid.
  • if bearer tokens are used check that system configuration allows the API endpoint to accept such tokens.
Returns Vapi Std Errors Unauthenticated of type(s) application/json
This response body class contains all of the following: InlineVapi Std Errors Unauthenticated0
{
    "messages": [
        {
            "id": "string",
            "default_message": "string",
            "args": [
                "string"
            ],
            "params": {
                "params": {
                    "s": "string",
                    "dt": "string",
                    "i": 0,
                    "d": "number",
                    "l": "Vapi Std NestedLocalizableMessage Object",
                    "format": "string",
                    "precision": 0
                }
            },
            "localized": "string"
        }
    ],
    "data": {},
    "error_type": "string",
    "challenge": "string"
}
string
challenge
Optional

Indicates the authentication challenges applicable to the target API provider. It can be used by a client to discover the correct authentication scheme to use. The exact syntax of the value is defined by the specific provider, the protocol and authentication schemes used.

For example, a provider using REST may adhere to the WWW-Authenticate HTTP header specification, RFC7235, section 4.1. In this case an example challenge value may be: SIGN realm="27da1358-2ba4-11e9-b210-d663bd873d93",sts="http://vcenter/sso?vsphere.local", Basic realm="vCenter"

This property was added in vSphere API 7.0.0.0.

This property is optional because it was added in a newer version than its parent node.


503

if session creation fails due to server specific issues, for example connection to a back end component is failing. Due to the security nature of this API further details will not be disclosed in the error. Please refer to component health information, administrative logs and product specific documentation for possible causes.

Returns Vapi Std Errors ServiceUnavailable of type(s) application/json
This response body class contains all of the following: InlineVapi Std Errors ServiceUnavailable0
"Vapi Std Errors ServiceUnavailable Object"

Code Samples
COPY
                    curl -X POST -H 'Authorization: <value>' https://{api_host}/api/session