VMware Cloud Community
ng34534
Contributor

Need help creating RestRequest using token/sessionID against vCenter 6.5 RestAPI

I am trying to test out the VCSA 6.5 Backup script with vRO available out there. Tested working using Curl, PowerShell, PowerShell using Invoke-RestMethod but can't get it to fully work in vRo. The problem I am having is authenticating using the session ID.

Part 1 - Obtain session ID using SSO Credentials:

With Curl: (Works)

curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' --header 'vmware-use-header-authn: test' --header 'vmware-api-session-id: null' -u 'administrator@vsphere.local:Passw0rd!' 'https://10.158.47.99/rest/com/vmware/cis/session' --insecure

With PowerShell: (Works)

$Server = '10.158.47.99'

$Url = "https://${server}/rest/com/vmware/cis/session"

$secpasswd = ConvertTo-SecureString "Passw0rd!" -AsPlainText -Force

$creds = New-Object System.Management.Automation.PSCredential ("administrator@vsphere.local", $secpasswd)

#Invoke-RestMethod -Method POST -Uri $Url -Header @{ "X-ApiKey" = $apiKey }

$resp = Invoke-RestMethod -Method POST -Uri $Url -Credential $creds

$sessionID = $resp.Value

Write-Host "Session Requested -- $sessionID"

With VRO: (Works)

var requestType = "POST";

var operationUrl = "https://10.158.47.99/rest/com/vmware/cis/session";

var req = restHost.createRequest(requestType, operationUrl, "");

var resp;

resp = req.executeWithCredentials(ssoUser, ssoPassword);

var sessionid = JSON.parse(resp.contentAsString).value;

System.log("New Session id is :   " + sessionid);

Part 2 - Use Obtained sessionID to call https://vc/rest/appliance/recovery/backup/parts and get "backup parts information"

With Curl: (Works)

curl -sik -H 'Accept:application/json' -H "vmware-api-session-id:2b26afc12cd4b374d998e2d63b3b9573" -X GET https://10.158.47.99/rest/appliance/recovery/backup/parts

With PowerShell: (Works)

$headers = @{}

$headers.Add("Accept","application/json")

$headers.Add("vmware-api-session-id", $sessionID)

#$headers.Add("Authorization", "Basic $sessionID")

$Url = "https://${server}/rest/appliance/recovery/backup/parts"

$PartResponse = Invoke-RestMethod -Method GET -Headers $headers -Uri $Url

$PartResponse.value

With VRO: (Not Working)

var request = restHost.createRequest("GET", "https://10.158.47.99/rest/appliance/recovery/backup/parts", "");

request.setHeader("Accept", "application/json");

request.setHeader("vmware-api-session-id", sessionid);

System.log("fullurl -- " + request.fullUrl);

System.log("content-type  -- " +request.contentType);

System.log("getMethod  -- " +request.getMethod());

var resp2 = request.execute();

System.log("get parts list response code: " + resp2.statusCode);

System.log("get parts list response body: " + resp2.contentAsString);

VRO Log::

[2017-09-13 16:55:47.711] [I] New Session id is :   aab84e24f33916b86b90a7bae6991360

[2017-09-13 16:55:47.713] [I] fullurl -- https://10.158.47.99/rest/appliance/recovery/backup/parts

[2017-09-13 16:55:47.714] [I] content-type  -- null

[2017-09-13 16:55:47.715] [I] getMethod  -- GET

[2017-09-13 16:55:47.908] [I] get parts list response code: 403

[2017-09-13 16:55:47.909] [I] get parts list response body: {"type":"com.vmware.vapi.std.errors.unauthorized","value":{"messages":[{"args":[],"default_message":"Unable to authorize user","id":"vapi.security.authorization.invalid"}]}}

Code I am testing - contains code for backup part list but does not work: http://vmwarebits.com/vcenterbackup

Original Source Code - works but no backup part list:  how to authenticate for rest api with vCenter 6.5 appliance

Anyone know what I am doing wrong???

The VRO code seems to be a direct translation of the Curl and PowerShell Script......

0 Kudos
13 Replies
iiliev
VMware Employee

0 Kudos
ng34534
Contributor

Hello Ilian, I did include those 2 links at the end of my question.

I did notice that you were the original poster of the source code used in vmwarebits. Your part of the code works perfectly fine. The only issue I have is that the code vmwarebits inserted to check the vCenter backup part list is giving me an authentication problem.

This part of his code is giving me an authentication error:

//get the possible backup parts: common (Inventory and Configuration) is always present

//and mandatory (vCenter and PSC) but SEAT (Stats, Events, Alarms, and Tasks) is only available for vCenter

partsRequest = restHosts[hostCounter].createRequest("GET", "https://" + appliance + "/rest/appliance/recovery/backup/parts", "");

var partsResponse = partsRequest.executeWithCredentials(ssoUser, ssoPassword);

This is more a Javascript / Rest syntax problem I am experiencing. In Curl and Powershell I am able to get response using the session Id. But in VRO it doesn't seem to work. The sessionID should have been inserted to the RestRequest in some way for this to work and I haven't been able to figure out.

Omitting this part of the code will make it work but will be nice to get the backup/parts to better automate VCSA65 backup jobs.

Thanks,,,

0 Kudos
iiliev
VMware Employee

I tried it again in my environment, and it seems to work - I got status 200 and some JSON as response.

Could you show your exact code? Is there a chance that the host object you use in the first call to create the auth session is different from the host object you use in the second call to get backup parts (i.e. the second host object is a transient object created from the first one)?

0 Kudos
ng34534
Contributor

I started with the original code from the vmwarebits website and ran into issues trying to do a "GET" --> /rest/appliance/recovery/backup/parts; it is throwing an authentication error...

Here is the part of the code I am having trouble with:

//set main variables for the script based on workflow attributes
//I have made the assumption that your rest host name is identical to the FQDN for the host
var appliance = restHosts[hostCounter].name;
System.log("Starting backup process for host: "+appliance);

//create an authentication session for the rest host
var request = restHosts[hostCounter].createRequest("POST", "https://" + appliance + "/rest/com/vmware/cis/session", "");
var response = request.executeWithCredentials(ssoUser, ssoPassword);
var sessionid = JSON.parse(response.contentAsString).value;

//System.log("response code: " + response.statusCode);
//System.log("response body: " + response.contentAsString);
System.log("sessionid: " + sessionid);

//get the possible backup parts: common (Inventory and Configuration) is always present
//and mandatory (vCenter and PSC) but SEAT (Stats, Events, Alarms, and Tasks) is only available for vCenter
partsRequest = restHosts[hostCounter].createRequest("GET", "https://" + appliance + "/rest/appliance/recovery/backup/parts", "");
var partsResponse = partsRequest.executeWithCredentials(ssoUser, ssoPassword);

//System.log("get parts list response code: " + partsResponse.statusCode);
//System.log("get parts list response body: " + partsResponse.contentAsString);

Based on API Documentation the session id needs to be passed somehow.

0 Kudos
iiliev
VMware Employee

How do you compute restHosts and restCounter?

0 Kudos
ng34534
Contributor

In this case - This is all part of the workflow package publisher posted in his website..

restHosts - is a Array/Rest:RestHost object and at the moment there is only 1

restCounter - just returns number of host

//Get number of hosts

numberOfHoststoBackup = restHosts.length;

System.log("Number of Host to Backup: "+ numberOfHoststoBackup);

Link to vco backup package http://vmwarebits.com/sites/default/files/images/vCenterOrchestrator/com.vmwarebits.vcenterbackup.zi...

0 Kudos
iiliev
VMware Employee

OK, I imported the attached package, changed ssoUser/ssoPassword attributes, added my host to restHosts array attribute, and added some code to stop the workflow after the call to get parts (as I don't have FTP site/credentials atm). Ran the workflow, and it worked.

Not sure what could be the issue in your environment. Maybe the way your REST host is registered? What name/URL/session mode/credentials did you use when registering the host?

My host config:

name -> FQDN

URL -> https://FQDN/rest

mode -> Shared Session

user -> administrator@vsphere.local

pass -> ******

0 Kudos
ng34534
Contributor

Normally you won't see the error... You need to uncomment the 2 lines below and you will see the unable to authorize user id error message..

- open "Appliance Backup to"

- uncomment 2 lines right below "get parts list response code and body"

- if you run you should see the error:

[2017-09-18 15:46:06.085] [I] get parts list response code: 403

[2017-09-18 15:46:06.087] [I] get parts list response body: {"type":"com.vmware.vapi.std.errors.unauthorized","value":{"messages":[{"args":[],"default_message":"Unable to authorize user","id":"vapi.security.authorization.invalid"}]}}

vco1.jpg

I've tried with Curl and Powershell with no issues. Both I can use the session ID to authenticate. I am not sure how publisher managed to authenticate using username and password.

If you look at the curl command it uses the 'vmware-api-session-id', sessionid to authenticate.

0 Kudos
iiliev
VMware Employee

[2017-09-18 23:10:05.203] [I] get parts list response code: 200

[2017-09-18 23:10:05.206] [I] get parts list response body: {"value":[{"selected_by_default":true,"name":{"args":[],"default_message":"common","id":"com.vmware.applmgmt.backup.common_part_name"},"description":{"args":[],"default_message":"Inventory and configuration.","id":"com.vmware.applmgmt.backup.common_part_description"},"optional":false,"id":"common"},{"selected_by_default":true,"name":{"args":[],"default_message":"Stats, Events, Alarms, and Tasks","id":"com.vmware.applmgmt.backup.seat_part_name"},"description":{"args":[],"default_message":"Historical data (Statistics, Events and Tasks) in vCenter Server database.","id":"com.vmware.applmgmt.backup.seat_part_description"},"optional":true,"id":"seat"}]}

0 Kudos
ng34534
Contributor

wow... it must be my environment..

I am running vRo 7.2.0.4629841 build number 4629841

The test vCenter I am trying to backup is 6.5.10000

Thanks for your time.. At least now I know the workflow works and I am the one having problems...

The fact that it works in curl and powershell using sessionid only is what got me confused..

0 Kudos
iiliev
VMware Employee

I tested with vRO 7.3.

It's possible that something got fixed in the REST plug-in between 7.2 and 7.3. So one option, if you are willing to try it, is to deploy vRO 7.3, and another option is to get the REST plug-in bundled in vRO 7.3 and deploy it in your 7.2 (it should be backward compatible).

0 Kudos
ng34534
Contributor

I upgraded my vRO to 7.3 and I am still having this issue. My environment is just cursed...

You are able to perform request below without issues?

//get the possible backup parts: common (Inventory and Configuration) is always present

//and mandatory (vCenter and PSC) but SEAT (Stats, Events, Alarms, and Tasks) is only available for vCenter

partsRequest = restHosts[hostCounter].createRequest("GET", "https://" + appliance + "/rest/appliance/recovery/backup/parts", "");

var partsResponse = partsRequest.executeWithCredentials(ssoUser, ssoPassword);

System.log("get parts list response code: " + partsResponse.statusCode);

System.log("get parts list response body: " + partsResponse.contentAsString);

Is there any authentication/security setting that I might need to enable in the vCenter perhaps??

I get same error in vcenter apiexplorer..

Screen Shot 2017-09-19 at 9.35.46 AM.png

0 Kudos
daphnissov
Immortal

Try with the FQDN. I've found that API calls to vCenter tend not to work well (or at all) with an IP address.
0 Kudos
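
The two-step session flow discussed in this thread (log in with SSO credentials, then send only the vmware-api-session-id header), written as an added Node.js example that is not code from any post or from the vmwarebits package. It also keeps the session ID out of logs and ends the session with DELETE when done. The transport interface, fakeVcenter and the token are constructed assumptions so that it runs offline.

```javascript
const SESSION = "/rest/com/vmware/cis/session";
const PARTS = "/rest/appliance/recovery/backup/parts";

// Keep live session tokens out of workflow logs: expose a short prefix only.
function redact(token) {
  return token ? token.slice(0, 4) + "...(redacted)" : "(none)";
}

// Condense a vAPI error body (shape as in the 403 logged in the thread) to one line.
function describeError(status, body) {
  try {
    const err = JSON.parse(body);
    const ids = ((err.value || {}).messages || []).map((m) => m.id).join(",");
    return "HTTP " + status + ": " + err.type + " [" + ids + "]";
  } catch (e) {
    return "HTTP " + status + ": non-JSON body";
  }
}

// transport(req) -> {status, body} is a hypothetical interface standing in for the HTTP client.
function listBackupParts(transport, host, user, password) {
  const base = "https://" + host;
  const basic = "Basic " + Buffer.from(user + ":" + password).toString("base64");
  const login = transport({ method: "POST", url: base + SESSION, headers: { Authorization: basic } });
  if (login.status !== 200) throw new Error("login: " + describeError(login.status, login.body));
  const sessionId = JSON.parse(login.body).value;
  const headers = { Accept: "application/json", "vmware-api-session-id": sessionId };
  try {
    const res = transport({ method: "GET", url: base + PARTS, headers: headers });
    if (res.status !== 200) throw new Error("parts: " + describeError(res.status, res.body));
    return { session: redact(sessionId), parts: JSON.parse(res.body).value.map((p) => p.id) };
  } finally {
    transport({ method: "DELETE", url: base + SESSION, headers: headers }); // end the session
  }
}

// Constructed stand-in for vCenter (not real server behaviour): issues a made-up token and
// replays the thread's 403 body for any request that lacks a live session header.
const DENIED = '{"type":"com.vmware.vapi.std.errors.unauthorized","value":{"messages":[{"args":[],"default_message":"Unable to authorize user","id":"vapi.security.authorization.invalid"}]}}';
function fakeVcenter() {
  const live = new Set();
  const send = function (req) {
    const sid = req.headers["vmware-api-session-id"];
    if (req.method === "POST") { live.add("c0ffee0123456789"); return { status: 200, body: '{"value":"c0ffee0123456789"}' }; }
    if (!live.has(sid)) return { status: 403, body: DENIED };
    if (req.method === "DELETE") { live.delete(sid); return { status: 200, body: "{}" }; }
    return { status: 200, body: '{"value":[{"id":"common","optional":false},{"id":"seat","optional":true}]}' };
  };
  return { send: send, live: live };
}
```
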