SAML Token Authentication for a JSON Client

To authenticate by SAML token, you must use SOAP message protocol rather than the JSON protocol. After authentication, you can send authenticated requests over the JSON protocol.

SAML token authentication using the SOAP protocol is described in the

vCenter Single Sign-On Programming Guide

. Use the Single-Sign-On server to exchange the principal's credentials for a SAML token, then invoke the

LoginByToken

method of the

SessionManager

to exchange the SAML token for a session ID token.

The

SessionManager

returns the session ID token in a cookie header. Use the value of the cookie as the value of

vmware-api-session-id

in request message headers, as described in Authenticating a JSON Client with the Session Manager.

Authenticating a JSON Client with the Session Manager

Content feedback and comments

VMware vSphere SDKs and Tools 8.0

SAML Token Authentication for a JSON Client