Vcenter Authorization PrivilegeChecks list
Queries the privilege checks matching given criteria.
This operation was added in vSphere API 8.0.0.0.
Returns an authorization error if you do not have all of the privileges described as follows:
- Operation execution requires
Sessions.CollectPrivilegeChecks.
Contains optional settings for pagination of the result.
if unset, the oldest privilege checks recorded are returned, paged by the default page size.
The default page size can be changed from config.vpxd.privilegeChecks.pageSize advanced option.
Request body for invoking operation: list
{
"filter": "Vcenter Authorization PrivilegeChecks FilterSpec Object"
}The Vcenter Authorization PrivilegeChecks FilterSpec schema contains properties based on which privilege checks can be filtered. Any privilege check matching at least one of the conditions is returned.
This schema was added in vSphere API 8.0.0.0.
Detailed information about the privileges collected so far.
"Vcenter Authorization PrivilegeChecks ListResult Object"Privilege checks that match the specifiedVcenter Authorization PrivilegeChecks FilterSpec and Vcenter Authorization PrivilegeChecks IterationSpec in chronological order as they were performed. Each check is recorded only the first time it is made. If more than one privilege check matches a given Vcenter Authorization PrivilegeChecks FilterSpec (for example, two different opIDs checked System.Read for the same object and the same principal, a FilterSpec which specifies only the principal will only contain the first check).
This property was added in vSphere API 8.0.0.0.
An opaque marker indicating the last returned privilege check. If there are more privilege checks collected than were returned, the next ones can be retrieved directly by passing this value to another call to com.vmware.vcenter.authorization.PrivilegeChecks.list.
This property was added in vSphere API 8.0.0.0.
In case Vcenter Authorization PrivilegeChecks IterationSpec.marker was specified and valid, but the privilege check indicated by it is no longer stored, ListResult.truncated is set to True to indicate that some privilege checks are potentially missing.
The number of privilege checks stored is determined by the value of config.vpxd.privilegeChecks.bufferSize advanced option.
This property was added in vSphere API 8.0.0.0.
if filter or iteration spec contain invalid values.
"Vapi Std Errors InvalidArgument Object"if the user can not be authenticated.
"Vapi Std Errors Unauthenticated Object"Indicates the authentication challenges applicable to the target API provider. It can be used by a client to discover the correct authentication scheme to use. The exact syntax of the value is defined by the specific provider, the protocol and authentication schemes used.
For example, a provider using REST may adhere to the WWW-Authenticate HTTP header specification, RFC7235, section 4.1. In this case an example challenge value may be: SIGN realm="27da1358-2ba4-11e9-b210-d663bd873d93",sts="http://vcenter/sso?vsphere.local", Basic realm="vCenter"
This property was added in vSphere API 7.0.0.0.
This property is optional because it was added in a newer version than its parent node.
if the iteration spec contains a marker that could not be found.
"Vapi Std Errors NotFound Object"if there is a generic error.
"Vapi Std Errors Error Object"Stack of one or more localizable messages for human error consumers.
The message at the top of the stack (first in the list) describes the error from the perspective of the operation the client invoked.
Each subsequent message in the stack describes the "cause" of the prior message.
Data to facilitate clients responding to the operation reporting a standard error to indicating that it was unable to complete successfully.
Operations may provide data that clients can use when responding to errors. Since the data that clients need may be specific to the context of the operation reporting the error, different operations that report the same error may provide different data in the error. The documentation for each each operation will describe what, if any, data it provides for each error it reports.
The Vapi Std Errors ArgumentLocations, Vapi Std Errors FileLocations, and Vapi Std Errors TransientIndication schemas are intended as possible values for this property. Vapi Std DynamicID may also be useful as a value for this property (although that is not its primary purpose). Some resources may provide their own specific schemas for use as the value of this property when reporting errors from their operations.
Some operations will not set this property when reporting errors.
Discriminator field to help API consumers identify the structure type.
For more information see: Vapi Std Errors Error Type.
This property was added in vSphere API 6.7.2.
Can be missing or null for compatibility with preceding implementations.
curl -X POST -H 'Authorization: <value>' -H 'Content-Type: application/json' -d '{}' https://{api_host}/api/vcenter/authorization/privilege-checks?action=list