Hi everyone.
I'm trying to connect to vco-controlcenter by REST API.
We use vCO 7.3.0.5481809 <api-version>5.5.2</api-version>.
2 vCO nodes configured in cluster.
Authentication provider is set to vRA.
I'm able to connect and use API call's to https://vRO:8281/vco/api using Basic auth,but not to https://vRO:8283/vco-controlcenter/api. Tried to use Beared token from https://vRA/identity/api/tokens but still no luck.
If i open https://vRO:8283/vco-controlcenter/docs/ in browser and enter credentials - all works ok.
But when i try to use curl or postman or poweshell - it redirect any call to authentication page.
Any ideas how to fix this?
Hi,
For Control Center API, I think you should use the root user and the corresponding root password you provided during the deployment. Try something like the following
curl -ikv -u root:YOURROOTPASS https://vRO:8283/vco-controlcenter/api/server/about
It doesn't work like that.
And https://vRO:8283/vco-controlcenter/api/server/about doesn't require authentication.
Try https://vRA:8283/vco-controlcenter/api/cluster/status instead.
And now fun part starts.
It perfectly works in Postman.
But doesn't work in Powershell.
$System = @(Hostname = "vRA hostname";UserName ="username"; Password= "password")
$domain = "domain"
$client_id = "id" //id taken from (grep -i cafe_cli= /etc/vcac/solution-users.properties | sed -e 's/cafe_cli=//') command on vRA appliance.
$URI = "https://$($System.Hostname)/SAAS/t/DPC/auth/oauthtoken?grant_type=password"
$Body = @{"username"=$System.UserName;"password"=$System.Password;"client_id"=$client_id;"domain"=$domain}
$Token = "Bearer " + (Invoke-RestMethod $URI -Method POST -Body $Body -ContentType "application/x-www-form-urlencoded").access_token
This allows me to get a proper bearer token... this part is ok...
But later on when I try to use it in vRO it redirects me to auth page in the output:
$vRO= "vRO hostname"
$Headers = @{"Content-Type"="application/json";"Authorization"=$Token}
$URI = "https://$vRO:8283/vco-controlcenter/api/cluster/status?validationDetails=true"
Invoke-webrequest -Method GET -Headers $Headers -Uri $URI
So i receive :
StatusCode : 200
StatusDescription :
Content : <!DOCTYPE html>
<html>
<head>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta conten...
RawContent : HTTP/1.1 200
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN,SAMEORIGIN
Pragma: no-cache,public
Cache-Control: no-cache, no-store,must-rev...
Forms : {userStoreForm}
Headers : {[Strict-Transport-Security, max-age=31536000], [X-XSS-Protection, 1; mode=block],
[X-Frame-Options, SAMEORIGIN,SAMEORIGIN], [Pragma, no-cache,public]...}
Images : {@{innerHTML=; innerText=; outerHTML=<img class="login-logo-vmware hide" alt="" src="">;
outerText=; tagName=IMG; class="login-logo-vmware" hide; alt=; src=}, @{innerHTML=; innerText=;
outerHTML=<img width="65" height="10" src="/SAAS/horizon/images/vmware_logo.svg">; outerText=;
tagName=IMG; width=65; height=10; src=/SAAS/horizon/images/vmware_logo.svg}}
InputFields : {@{innerHTML=; innerText=; outerHTML=<input name="isJavascriptEnabled" id="isJavascriptEnabled"
type="hidden">; outerText=; tagName=INPUT; name=isJavascriptEnabled; id=isJavascriptEnabled;
type=hidden}, @{innerHTML=; innerText=; outerHTML=<input name="areCookiesEnabled"
id="areCookiesEnabled" type="hidden">; outerText=; tagName=INPUT; name=areCookiesEnabled;
id=areCookiesEnabled; type=hidden}, @{innerHTML=; innerText=; outerHTML=<input name="dest"
type="hidden" value="https://-------.sepdpc.local/SAAS/auth/oauth2/authorize?response_type=c
ode&client_id=vco-vzSu2SeW9w&state=eyJzZXNzaW9uIjoiQUYxODgyMDQ0RkQ0OEU5QUM0ODJCM0Y4QTY1Qjk0
MTMiLCAicGF0aCI6Ii92Y28tY29udHJvbGNlbnRlci9hcGkvY2x1c3Rlci9zdGF0dXMiLCJ0ZW5hbnQiOiJEUEMifQ&redi
rect_uri=https://-------:8283/vco-controlcenter/redispatcher/">; outerText=; tagName=INPUT;
name=dest; type=hidden; value=https://-------/SAAS/auth/oauth2/authorize?respon
se_type=code&client_id=vco-vzSu2SeW9w&state=eyJzZXNzaW9uIjoiQUYxODgyMDQ0RkQ0OEU5QUM0ODJCM0Y
4QTY1Qjk0MTMiLCAicGF0aCI6Ii92Y28tY29udHJvbGNlbnRlci9hcGkvY2x1c3Rlci9zdGF0dXMiLCJ0ZW5hbnQiOiJEUEMifQ
&redirect_uri=https://-----:8283/vco-controlcenter/redispatcher/}, @{innerHTML=;
innerText=; outerHTML=<input name="useragent" type="hidden" value="">; outerText=; tagName=INPUT;
name=useragent; type=hidden; value=}...}
Links : {@{innerHTML=Close; innerText=Close; outerHTML=<a class="float-r silver-button button
message-box-close _hidden" href="#close">Close</a>; outerText=Close; tagName=A; class="float-r"
silver-button button message-box-close _hidden; href=#close}}
ParsedHtml : mshtml.HTMLDocumentClass
RawContentLength : 10025
Use of vco-vzSu2SeW9w as client_id in token request doesnt't work because this is id from vRO.
Any ideas why it perfrectly works in Postman but cannot work in Powershell?
P.S. Tried different call methods: Invoke-webrequest and using New-Object System.Net.WebClient object. Doesn't work either.