Vcenter Namespaces Access set

Vcenter Namespaces Access set

Set new access control on the namespace for the subject on given domain.

This operation was added in vSphere API 7.0.0.0.

Returns an authorization error if you do not have all of the privileges described as follows:

  • The resource com.vmware.vcenter.namespaces.Instance referenced by the parameter namespace requires Namespaces.Configure.
Request
URI
PUT
https://{api_host}/api/vcenter/namespaces/instances/{namespace}/access/{domain}/{subject}
COPY
Path Parameters
string
namespace
Required

Identifier for the namespace.

The parameter must be an identifier for the resource type: com.vmware.vcenter.namespaces.Instance.

string
domain
Required

The domain of the subject.

string
subject
Required

The principal for this operation.

Query Parameters
string
type
Required

The type of subject (USER or GROUP).

For more information see: Vcenter Namespaces Access SubjectType.

Request Body

Information about the new access control to be assigned.

Vcenter Namespaces Access SetSpec of type(s) application/json
Required

Show optional properties

{
    "role": "string"
}
{
    "role": "string",
    "identity_provider": "string"
}
string
role
Required

Role to be assigned.

For more information see: Vcenter Namespaces Access Role.

This property was added in vSphere API 7.0.0.0.

string
identity_provider
Optional

UUID of an external identity provider for the user, if any. Use this field if the user is coming from an external identity provider configured via the Vcenter NamespaceManagement Supervisors Identity Providers service.

This property was added in vSphere API 8.0.0.1.

If unset, vCenter Single Sign-On will be used as the identity provider.

When clients pass a value of this schema as a parameter, the property must be an identifier for the resource type: com.vmware.vcenter.namespace_management.identity.Provider. When operations return a value of this schema as a response, the property will be an identifier for the resource type: com.vmware.vcenter.namespace_management.identity.Provider.

Authentication
This operation uses the following authentication methods.
Responses
204

Success!

Operation doesn't return any data structure

400

Vapi Std Errors NotAllowedInCurrentState if the namespace is marked for deletion or the associated cluster is being disabled.

Vapi Std Errors Unsupported if the specified principal on given domain is not associated with the namespace, or when changing to OWNER permission for a user or group coming from an external identity provider.

Vapi Std Errors InvalidArgument if spec contains any errors or if an invalid type is specified.

Returns Vapi Std Errors Error of type(s) application/json 
"Vapi Std Errors Error Object"
array of object
messages
Required

Stack of one or more localizable messages for human error consumers.

The message at the top of the stack (first in the list) describes the error from the perspective of the operation the client invoked.

Each subsequent message in the stack describes the "cause" of the prior message.

object
data
Optional

Data to facilitate clients responding to the operation reporting a standard error to indicating that it was unable to complete successfully.

Operations may provide data that clients can use when responding to errors. Since the data that clients need may be specific to the context of the operation reporting the error, different operations that report the same error may provide different data in the error. The documentation for each each operation will describe what, if any, data it provides for each error it reports.

The Vapi Std Errors ArgumentLocations, Vapi Std Errors FileLocations, and Vapi Std Errors TransientIndication schemas are intended as possible values for this property. Vapi Std DynamicID may also be useful as a value for this property (although that is not its primary purpose). Some resources may provide their own specific schemas for use as the value of this property when reporting errors from their operations.

Some operations will not set this property when reporting errors.

string
error_type
Required

Discriminator field to help API consumers identify the structure type.

For more information see: Vapi Std Errors Error Type.

This property was added in vSphere API 6.7.2.

Can be missing or null for compatibility with preceding implementations.


401

if the user can not be authenticated.

Returns Vapi Std Errors Unauthenticated of type(s) application/json
This response body class contains all of the following: InlineVapi Std Errors Unauthenticated0 
"Vapi Std Errors Unauthenticated Object"
string
challenge
Optional

Indicates the authentication challenges applicable to the target API provider. It can be used by a client to discover the correct authentication scheme to use. The exact syntax of the value is defined by the specific provider, the protocol and authentication schemes used.

For example, a provider using REST may adhere to the WWW-Authenticate HTTP header specification, RFC7235, section 4.1. In this case an example challenge value may be: SIGN realm="27da1358-2ba4-11e9-b210-d663bd873d93",sts="http://vcenter/sso?vsphere.local", Basic realm="vCenter"

This property was added in vSphere API 7.0.0.0.

This property is optional because it was added in a newer version than its parent node.


403

if the user does not have Namespaces.Configure privilege or the namespace identifier begins with "vmware-system" prefix.

Returns Vapi Std Errors Unauthorized of type(s) application/json
This response body class contains all of the following: InlineVapi Std Errors Unauthorized0 
"Vapi Std Errors Unauthorized Object"

404

if namespace cannot be located.

Returns Vapi Std Errors NotFound of type(s) application/json
This response body class contains all of the following: InlineVapi Std Errors NotFound0 
"Vapi Std Errors NotFound Object"

500

if the system reports an error while responding to the request.

Returns Vapi Std Errors Error of type(s) application/json 
"Vapi Std Errors Error Object"
array of object
messages
Required

Stack of one or more localizable messages for human error consumers.

The message at the top of the stack (first in the list) describes the error from the perspective of the operation the client invoked.

Each subsequent message in the stack describes the "cause" of the prior message.

object
data
Optional

Data to facilitate clients responding to the operation reporting a standard error to indicating that it was unable to complete successfully.

Operations may provide data that clients can use when responding to errors. Since the data that clients need may be specific to the context of the operation reporting the error, different operations that report the same error may provide different data in the error. The documentation for each each operation will describe what, if any, data it provides for each error it reports.

The Vapi Std Errors ArgumentLocations, Vapi Std Errors FileLocations, and Vapi Std Errors TransientIndication schemas are intended as possible values for this property. Vapi Std DynamicID may also be useful as a value for this property (although that is not its primary purpose). Some resources may provide their own specific schemas for use as the value of this property when reporting errors from their operations.

Some operations will not set this property when reporting errors.

string
error_type
Required

Discriminator field to help API consumers identify the structure type.

For more information see: Vapi Std Errors Error Type.

This property was added in vSphere API 6.7.2.

Can be missing or null for compatibility with preceding implementations.


Code Samples
COPY
                    curl -X PUT -H 'Authorization: <value>' -H 'Content-Type: application/json' -d '{"role:"string"}' https://{api_host}/api/vcenter/namespaces/instances/{namespace}/access/{domain}/{subject}
On This Page
Vcenter Namespaces Operations
GET
Vcenter Namespaces Access get
PUT
Vcenter Namespaces Access set
POST
Vcenter Namespaces Access create
DELETE
Vcenter Namespaces Access delete