0 Replies Latest reply on Aug 15, 2019 9:44 PM by imtrinity94

    Move vCloud director plugin authentication from service account to SSO | vRO

    imtrinity94 Lurker

      Hi,

      There is an ability within the vcloud director plugin to use an sso account (ldap) to enable and authorize access to the vcd hosts. To enable it, a callback action is required to get a saml holder of keys token, and publish it, the action will also have to have renew / refresh capabilities in it.

      For that, VMware has kindly created  a JS model of it, but it needs to be converted to an action, and established in a proper fashion to function

      https://pubs.vmware.com/vsphere-6-5/index.jsp?topic=%2Fcom.vmware.vsphere.vcsapg-rest.doc%2FGUID-12A39922-3E59-4036-B3F3-E84B96AF772D.html

       

      The net desire, is an action that returns the token and can be used to pass the authentication into the vcd plugin or other services that require it

      outcome expectations are that an action is created that retrieves logins via  a credential object and retrieves parameters either programmatically or via a configuration element and returns the token.