VMware Aria Operations
API REST Requests
VMware Aria Operations
API REST RequestsTo retrieve object
representations, clients make HTTP requests to object references.
Security
The HTTP link between an API client and server is
established using SSL. API clients configure token-based authentication to
communicate with the server.
Scenario: Provide user
credentials to obtain details about alert with ID 123

With token-based
authentication, you POST a login request to the
VMware Aria Operations
API server,
supplying valid user credentials to obtain an authentication token. The following
example presents a token-based authentication scenario.- You obtain valid user credentials for yourVMware Aria Operationsinstance. This is applicable for non-SSO authenticaton.
- POST a request to the REST endpoint for authentication.https://RESTendpoint.example.com/suite-api/api/auth/token/acquireThe request body includes the user name, password, and authentication source.
- In the response body, the endpoint returns the token, expiry date, and time.
- For further communication, you include the token object in the Authorization header with the format :Authorization: OpsToken <vROps_token>The old format,
continues to be supported inAuthorization: vRealizeOpsToken <vROps_token>VMware Aria Operations.If you acquired the token externally from an SSO source (without using/suite-api/api/auth/token/acquire API), the Authorization header is of the format:Authorization: SSO2Token <SSO_SAML_TOKEN> - You can invalidate the token before the expiration date and time by sending a POST request to the logout endpoint.POST https://RESTendpoint.example.com/suite-api/api/auth/token/release
Request
Headers
The following HTTP headers are
typically included in API requests:
Accept-Language | To specify the
language desired in responses, use the
Accept-Language request header. Message strings
in
ErrorType responses are
localized. To request a response with message strings localized to French, use
the following header:
|
Authorization
| All requests to create an API session must
include an
Authorization header of the form prescribed by
the identity provider that your organization uses |
Content-Type
| Requests that include a body must include an
appropriate HTTP
Content-Type header.
|
Accept | To specify the desired response
format , include the
Accept request header.
|
Request Bodies in
XML
For a request body written in XML,
VMware Aria Operations
uses a
validating XML parser that requires elements in a request body to agree with the
schema in order and number. Request bodies are rejected as invalid unless they meet
the following criteria: - XML namespace attributes must be supplied for all namespaces represented by elements in the request.
- If multiple namespaces are represented in the request, XML namespace attributes must include an identifying prefix, and that prefix must be used with all elements from that namespace.
- All required elements must appear in request bodies. All elements that appear in request bodies must appear in the order that the schema establishes, and with content that conforms to the type constraint that the schema specifies.