2 Replies Latest reply on May 27, 2019 1:52 AM by RahulDiyewarArkin

    how to nsx-t REST API authentication against VIDM?

    eric.krejci Enthusiast
    vExpert

      Hello,

       

      I have a NSX-T 2.3.1 integrated with vIDM for the "remote authentication"

       

      I'm trying to find documentation about running REST API call with an authentication done through the vIDM.

       

      is this possible with NSX-T or only basic authentication is currently implemented?

       

      many thanks

       

      Eric

        • 1. Re: how to nsx-t REST API authentication against VIDM?
          RagsRachamadugu Novice

          I have the same question here for NSX-T 2.4. Appreciate if someone could provide any information in this regard.

           

          Thanks Rags

          • 2. Re: how to nsx-t REST API authentication against VIDM?
            RahulDiyewarArkin Lurker

            Authenticating to vIDM

            When NSX-T is configured to use VMware Identity Manager (vIDM) for authentication, you supply an Authorization header with an authentication type of "Remote". Te header content should consist of a base64-encoded string containing the username@domain and password separated by a single colon (":") character, as specified in RFC 1945 section 11.1.

            For example, to authenticate a request using the credentials of user jsmith@example.com with passwordSk2LkPM!, include the following header with the request:

            Authorization: Remote anNtaXRoQGV4YW1wbGUuY29tOlNrMkxrUE0h

            The following cURL command will authenticate to the manager using basic authentication and will issue a GET request for logical ports:

            curl -k -H "Authorization: Remote BASE64" https://MANAGER/api/v1/logical-ports

            where:
            BASE64 is the base64-encoded string containing the username@domain and password separated by a single colon (":"), and
            MANAGER is the IP address or host name of the NSX manager

            For example:

            curl -k H "Authorization: Remote anNtaXRoQGV4YW1wbGUuY29tOlNrMkxrUE0h" https://192.168.22.32/api/v1/logical-ports

            Note: the -k argument instructs cURL to skip verifying the manager's self-signed X.509 certificate.