Vcenter Identity Providers Summary
The Vcenter Identity Providers Summary schema contains commonly used information about an identity provider.
This schema was added in vSphere API 7.0.0.0.
{
    "provider": "string",
    "name": "string",
    "config_tag": "string",
    "oauth2": {
        "auth_endpoint": "string",
        "token_endpoint": "string",
        "client_id": "string",
        "authentication_header": "string",
        "auth_query_params": {
            "auth_query_params": [
                "string"
            ]
        }
    },
    "oidc": {
        "discovery_endpoint": "string",
        "logout_endpoint": "string",
        "auth_endpoint": "string",
        "token_endpoint": "string",
        "client_id": "string",
        "authentication_header": "string",
        "auth_query_params": {
            "auth_query_params": [
                "string"
            ]
        }
    },
    "is_default": false,
    "domain_names": [
        "string"
    ],
    "auth_query_params": {
        "auth_query_params": [
            "string"
        ]
    },
    "federation_type": "string"
}
The identifier of the provider
This property was added in vSphere API 7.0.0.0.
When clients pass a value of this schema as a parameter, the property must be an identifier for the resource type: com.vmware.vcenter.identity.Providers. When operations return a value of this schema as a response, the property will be an identifier for the resource type: com.vmware.vcenter.identity.Providers.
The user friendly name for the provider
This property was added in vSphere API 7.0.0.0.
This property is optional because it was added in a newer version than its parent node.
The config type of the identity provider
For more information see: Vcenter Identity Providers ConfigType.
This property was added in vSphere API 7.0.0.0.
OAuth2 Summary
This property was added in vSphere API 7.0.0.0.
This property is optional and it is only relevant when the value of config_tag is Vcenter Identity Providers ConfigType.oauth2.
OIDC Summary
This property was added in vSphere API 7.0.0.0.
This property is optional and it is only relevant when the value of config_tag is Vcenter Identity Providers ConfigType.oidc.
Specifies whether the provider is the default provider.
This property was added in vSphere API 7.0.0.0.
Set of fully qualified domain names to trust when federating with this identity provider. Tokens from this identity provider will only be validated if the user belongs to one of these domains, and any domain-qualified groups in the tokens will be filtered to include only those groups that belong to one of these domains. If domainNames is an empty set, domain validation behavior at login with this identity provider will be as follows: the user's domain will be parsed from the User Principal Name (UPN) value that is found in the tokens returned by the identity provider. This domain will then be implicitly trusted and used to filter any groups that are also provided in the tokens.
This property was added in vSphere API 7.0.0.0.
This property is optional because it was added in a newer version than its parent node.
Key/value pairs that are to be appended to the authEndpoint request.
How to append to the authEndpoint request: if the map is not empty, a "?" is added to the endpoint URL, and each combination of a key k and a string in its value v is added, separated by an "&" delimiter. Details:
- If the value contains only one string, then the key is added with "k=v".
- If the value is an empty list, then the key is added without a "=v".
- If the value contains multiple strings, then the key is repeated in the query-string for each string in the value.
This property was added in vSphere API 7.0.0.0.
This property is optional because it was added in a newer version than its parent node.
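The append rule described above, as an added Python example (not VMware's code). It assumes the map is a dict of key to list of strings and that keys and values are percent-encoded, neither of which the page specifies; `reserved_param_collisions` is a hypothetical review helper that lists configured keys reusing the name of an RFC 6749 authorization request parameter.

```python
from urllib.parse import quote

# Authorization request parameters defined by RFC 6749 section 4.1.1.
RFC6749_AUTH_PARAMS = {"response_type", "client_id", "redirect_uri", "scope", "state"}


def append_auth_query_params(auth_endpoint, params):
    """Append params (dict: key -> list of strings) using the rules above."""
    if not params:
        return auth_endpoint          # empty map: endpoint is used unchanged
    parts = []
    for key, values in params.items():
        k = quote(key, safe="")       # assumption: percent-encode keys and values
        if not values:
            parts.append(k)           # empty list: key without "=v"
        else:
            # one string gives "k=v"; several strings repeat the key
            parts.extend(f"{k}={quote(v, safe='')}" for v in values)
    return auth_endpoint + "?" + "&".join(parts)


def reserved_param_collisions(params):
    """Return sorted keys that reuse an RFC 6749 authorization parameter name."""
    return sorted(k for k in params if k.lower() in RFC6749_AUTH_PARAMS)


# Constructed sample values, not taken from any real provider configuration.
SAMPLE_ENDPOINT = "https://idp.example.test/oauth2/authorize"
SAMPLE_PARAMS = {
    "prompt": ["login"],
    "debug": [],
    "resource": ["urn:a", "urn:b"],
    "scope": ["openid"],
}

if __name__ == "__main__":
    print(append_auth_query_params(SAMPLE_ENDPOINT, SAMPLE_PARAMS))
    print(reserved_param_collisions(SAMPLE_PARAMS))
```

Running the helper over each provider summary shows the effective authorization URL and which extra parameters deserve a second look during a configuration review.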
The type of the identity provider
For more information see: Vcenter Identity FederationType.
This property was added in vSphere API 8.0.1.0.
If no federation type value set earlier.