Hey community,
I have a problem in my environment authenticating against the vRO REST API with a Bearer-Token which was request from vRA.
Since last week we have a standalone vRO configured with authentication source "vRealize Automation".
Test Connection in the controlcenter always suceed and login into the vRO Client succeeds aswell.
I wrote a PowerShell script which gets a bearer token from vRA by this code:
$body = '{"username" : "ThatsMyUser", "password" : "ThatsMySecretPassword", "tenant" : "vsphere.local"}'
$response = Invoke-Webrequest -Uri https://vRA-Loadbalancer.com/identity/api/tokens -Method POST -Headers @{"accept"="application/json"} -Body $body -ContentType "application/json"
$content = response | ConvertFrom-Json
$id = $content.id
It returns a ID and if we validate it the vRA Rest API returns that it´s valid (mentioned here: https://docs.vmware.com/en/vRealize-Automation/7.3/com.vmware.vra.programming.doc/GUID-45E4204A-4E9C... )
So authentication against the vRO REST should work... I guess
Now I tried to simply list all packages in vRO by this code:
$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("Authorization", "Bearer " + $id) # $id is the same as returned by the upper code
$headers.Add("accept","application/json")
Invoke-Webrequest -Uri https://vRO-Appliance.com:8281/vco/api/packages -Method GET -Headers $headers
And it returns and error "401 Unauthorized" ... And I have no clue why.
I tried the same in different languages... vRO itself, C# and PowerShell.
Anyone have a suggestion? ´This made me kinda crazy over the last few days.
additional note: I hope there are no typos in the PowerShell code... copy paste didn´t work argh... yes each url is typed by myself
Hi,
i installed PowerShell core and tried it again.
It works for me now and throws no more errors.
Additional for testing i set the parameter "com.vmware.011n.sso.basi-authentication.enabled = true" in the vmo.properties file on the vco.
The file is stored in /etc/vco/app-server/
Hi,
Try to get a token as described here - https://kb.vmware.com/s/article/2148518
Hi,
it still fails with the procedure mentioned in the kb.
I got the following error:
Invoke-Webrequest: The underlying connection was closed: An unexpected error occurred on a send.
Hi,
Could you check if it works with some other REST client, like curl or Postman? I tested the folowing in my environment and it seemed to work (I got an error similar to yours when trying to call it with PowerShell):
curl -ikv -H "Authorization: Bearer ..." -X GET https://vro-appliance:8281/vco/api/packages
Hi,
it seems to work in Postman (the way mentioned in the KB). But only if I disable certificate validation.
Any idea how to bring this to a programming / scripting language?
Sadly it fails in PowerShell.
Hi,
i installed PowerShell core and tried it again.
It works for me now and throws no more errors.
Additional for testing i set the parameter "com.vmware.011n.sso.basi-authentication.enabled = true" in the vmo.properties file on the vco.
The file is stored in /etc/vco/app-server/