Hello Community,
First time poster here!
We have a web application which uses windows with active directory for authentication. It is leveraging Django and pyVmomi to enable employees to upload documents into VMs that they have access to. Currently in order to upload a document, the user is required to enter their password again, which is then passed to pyVmomi and in turn this authenticates them to the Vsphere and allows the users to upload the file to their VM. We have implemented it this way to avoid the use of a vsphere service account to perform the task on the backend. It makes things much more manageable. But we would like to see if there is a way to streamline this process. (i.e not have them enter their password again once they are authenticated to the application).
Is there a way to allow a user to authenticate to our application using windows/AD credentials and then "simply" pass that into vsphere via a token or similar SSO solution? I've done a little research and I see that Vsphere has SSO, if this is the preferred method does anyone have a dead simple method of getting this accomplished? Maybe there is a method the team isn't thinking of that someone else has done? I mean that is why i'm reaching out.
Looking for ideas too,
Thank you in advance.