Retrieve a SAML Token

The

vCenter Single Sign-On

service provides authentication mechanisms for securing the operations that your client application performs in the virtual environment. Client applications use SAML security tokens for authentication.

Verify that you have the

vCenter Single Sign-On

URL. You can use the Lookup Service on

vCenter Server

to obtain the endpoint URL. For information about retrieving service endpoints, see Retrieving Service Endpoints.

Client applications use the

vCenter Single Sign-On

service to retrieve SAML tokens. For more information about how to acquire a SAML security token, see the

vCenter Single Sign-On Programming Guide

documentation.

Create a connection object to communicate with the

vCenter Single Sign-On

service.

Pass the vCenter Single Sign-On endpoint URL, which you can get from the Lookup Service.

Issue a security token request by sending valid user credentials to the

vCenter Single Sign-On

service on

vCenter Server

The vCenter Single Sign-On service returns a SAML token.

You can present the SAML token to the

vSphere Automation

API endpoint or other endpoints, such as the vSphere Web Services endpoint. The endpoint returns a session ID and establishes a persistent session with that endpoint. Each endpoint that you connect to uses your SAML token to create its own session.

Authentication Mechanisms

Java Example of Retrieving a SAML Token

Python Example of Retrieving a SAML Token

Content feedback and comments

VMware vSphere SDKs and Tools 8.0

Retrieve a SAML Token