[{"label":"Latest (4.5.0)","version":"latest"},{"version":"4.4.0"},{"version":"4.3.1"},{"link":"https://developer.vmware.com/apis/1127/vmware-cloud-foundation","version":"4.3"},{"link":"https://developer.vmware.com/apis/1078/vmware-cloud-foundation","version":"4.2"},{"link":"https://developer.vmware.com/apis/1033/vmware-cloud-foundation","version":"4.1"},{"link":"https://developer.vmware.com/apis/1003/vmware-cloud-foundation","version":"4.0.1"},{"link":"https://developer.vmware.com/apis/939/vmware-cloud-foundation","version":"4.0"}]
vcf-for-vxrail
VMware Cloud Foundation on Dell EMC VxRail API Reference Guide

Users

APIs for managing Users

Table of Contents

1. Add users

  • This API is used to add users.

1.1. Prerequisites

The following data is required

  • Name of the SSO or AD domain

  • Username

  • Type of the user. For types supported, refer to User

  • Role ID

1.2. Steps

  • Fetch the role ID for the role.

Tip : Refer to Get the Roles

  • Invoke the API to add a user.

Note : For the sake of brevity, the Bearer tokens in the Authorization header has been abbreviated in the code snippets throughout this document.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/users' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....' \
    -d '[ {
  "name" : "USER_1@vsphere.local",
  "domain" : "vsphere.local",
  "type" : "USER",
  "role" : {
    "id" : "dce22906-47db-412c-b39a-02995cbda4e1"
  }
}, {
  "name" : "USER_2@vsphere.local",
  "domain" : "vsphere.local",
  "type" : "USER",
  "role" : {
    "id" : "dce22906-47db-412c-b39a-02995cbda4e1"
  }
}, {
  "name" : "SERVICE_USER_1",
  "type" : "SERVICE",
  "role" : {
    "id" : "dce22906-47db-412c-b39a-02995cbda4e1"
  }
} ]'

HTTP Request

POST /v1/users HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 437
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

[ {
  "name" : "USER_1@vsphere.local",
  "domain" : "vsphere.local",
  "type" : "USER",
  "role" : {
    "id" : "dce22906-47db-412c-b39a-02995cbda4e1"
  }
}, {
  "name" : "USER_2@vsphere.local",
  "domain" : "vsphere.local",
  "type" : "USER",
  "role" : {
    "id" : "dce22906-47db-412c-b39a-02995cbda4e1"
  }
}, {
  "name" : "SERVICE_USER_1",
  "type" : "SERVICE",
  "role" : {
    "id" : "dce22906-47db-412c-b39a-02995cbda4e1"
  }
} ]

HTTP Response

HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 884

{
  "elements" : [ {
    "id" : "618ec78a-a163-4029-b759-9ea8bd0f0e7f",
    "name" : "USER_1@vsphere.local",
    "domain" : "vsphere.local",
    "type" : "USER",
    "role" : {
      "id" : "dce22906-47db-412c-b39a-02995cbda4e1"
    },
    "creationTimestamp" : "2022-09-28T06:43:03.231Z"
  }, {
    "id" : "47982ff1-0197-4375-9858-04754fb6105c",
    "name" : "USER_2@vsphere.local",
    "domain" : "vsphere.local",
    "type" : "USER",
    "role" : {
      "id" : "dce22906-47db-412c-b39a-02995cbda4e1"
    },
    "creationTimestamp" : "2022-09-28T06:43:03.231Z"
  }, {
    "id" : "73447191-6903-4cda-9324-86ee8a395964",
    "name" : "SERVICE_USER_1",
    "domain" : "Nil",
    "type" : "SERVICE",
    "apiKey" : "RGIzIuXrEuipHsV5VX0YwgS7uWN89KWq",
    "role" : {
      "id" : "dce22906-47db-412c-b39a-02995cbda4e1"
    },
    "creationTimestamp" : "2022-09-28T06:43:03.231Z"
  } ]
}

2. Add service users

  • This API is used to add service users.

2.1. Prerequisites

The following data is required

  • Username

  • Type of the user. The type would be SERVICE for service users. For types supported, refer to User.

  • Role ID

2.2. Steps

  • Fetch the role ID for the role.

Tip : Refer to Get the Roles

  • Invoke the API to create a service user.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/users' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....' \
    -d '[ {
  "name" : "service_account_1",
  "type" : "SERVICE",
  "role" : {
    "id" : "2115f611-86e6-4f9c-8954-2f6733e24767"
  }
} ]'

HTTP Request

POST /v1/users HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 128
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

[ {
  "name" : "service_account_1",
  "type" : "SERVICE",
  "role" : {
    "id" : "2115f611-86e6-4f9c-8954-2f6733e24767"
  }
} ]

HTTP Response

HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 337

{
  "elements" : [ {
    "id" : "dcbf3a13-ad5a-433b-ae11-dcc0fbc80583",
    "name" : "service_account_1",
    "domain" : "Nil",
    "type" : "SERVICE",
    "apiKey" : "2XfBsCoRkFTPvsnYX1TL12GaFtZj8lrw",
    "role" : {
      "id" : "2115f611-86e6-4f9c-8954-2f6733e24767"
    },
    "creationTimestamp" : "2022-09-28T06:43:02.322Z"
  } ]
}
  • The response of the API contains the apiKey . With the apiKey, the service user can login and obtain access token.

Obtain access token for a service user

2.3. Prerequisites

The following data is required

  • API key

2.4. Steps

  • Invoke the API with the API key to generate an access token and refresh token.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/tokens' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -d '{
  "username" : "automationapp",
  "apiKey" : "6598S0SIQC04sGjEr0nIeDlZx18GYRoT"
}'

HTTP Request

POST /v1/tokens HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 83
Host: sfo-vcf01.rainpole.io

{
  "username" : "automationapp",
  "apiKey" : "6598S0SIQC04sGjEr0nIeDlZx18GYRoT"
}

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 683

{
  "accessToken" : "eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiIxNTFlZWI5Yy1mNWNmLTQ3N2UtYTJhYS0yMzg4ZmFmYzMwNDAiLCJpYXQiOjE1ODIxMzgzMzQsInN1YiI6ImFkbWluaXN0cmF0b3JAdnNwaGVyZS5sb2NhbCIsImlzcyI6InZjZi1hdXRoIiwiYXVkIjoic2RkYy1zZXJ2aWNlcyIsIm5iZiI6MTU4MjEzODMzNCwiZXhwIjoxNTgyMTQxOTM0LCJ1c2VyIjoiYWRtaW5pc3RyYXRvckB2c3BoZXJlLmxvY2FsIiwibmFtZSI6ImFkbWluaXN0cmF0b3JAdnNwaGVyZS5sb2NhbCIsInNjb3BlIjpbIkJBQ0tVUF9DT05GSUdfUkVBRCIsIkNSRURFTlRJQUxfUkVBRCIsIlVTRVJfV1JJVEUiLCJPVEhFUl9XUklURSIsIkJBQ0tVUF9DT05GSUdfV1JJVEUiLCJPVEhFUl9SRUFEIiwiVVNFUl9SRUFEIiwiQ1JFREVOVElBTF9XUklURSJdfQ.ylzrCyo4ymTKtSv1flmUrW-b8mxjRl7T2uV3a8sWWMA",
  "refreshToken" : {
    "id" : "3c6b3c30-3bf2-480b-9539-8483699ab911"
  }
}

3. Get the Users

  • This API is used to get all the users listed in the system.

  • This also gives other details associated with the user like domain, type of user and the role id.

3.1. Steps

  • Invoke the API to fetch all users.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/users' -i -X GET \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

GET /v1/users HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 884

{
  "elements" : [ {
    "id" : "618ec78a-a163-4029-b759-9ea8bd0f0e7f",
    "name" : "USER_1@vsphere.local",
    "domain" : "vsphere.local",
    "type" : "USER",
    "role" : {
      "id" : "dce22906-47db-412c-b39a-02995cbda4e1"
    },
    "creationTimestamp" : "2022-09-28T06:43:03.231Z"
  }, {
    "id" : "47982ff1-0197-4375-9858-04754fb6105c",
    "name" : "USER_2@vsphere.local",
    "domain" : "vsphere.local",
    "type" : "USER",
    "role" : {
      "id" : "dce22906-47db-412c-b39a-02995cbda4e1"
    },
    "creationTimestamp" : "2022-09-28T06:43:03.231Z"
  }, {
    "id" : "73447191-6903-4cda-9324-86ee8a395964",
    "name" : "SERVICE_USER_1",
    "domain" : "Nil",
    "type" : "SERVICE",
    "apiKey" : "RGIzIuXrEuipHsV5VX0YwgS7uWN89KWq",
    "role" : {
      "id" : "dce22906-47db-412c-b39a-02995cbda4e1"
    },
    "creationTimestamp" : "2022-09-28T06:43:03.231Z"
  } ]
}

4. Delete a User

  • This API is used to delete a user.

4.1. Prerequisites

The following data is required

  • User ID

4.2. Steps

  • Invoke the API with the “user ID” to be deleted.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/users/618ec78a-a163-4029-b759-9ea8bd0f0e7f' -i -X DELETE \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

DELETE /v1/users/618ec78a-a163-4029-b759-9ea8bd0f0e7f HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 204 No Content

5. Get the Roles

  • This API is used to fetch all the roles supported by VCF.

  • Currently there are three roles that are supported - ADMIN, OPERATOR and VIEWER.

5.1. Prerequisites

None

5.2. Steps

  • Invoke the API to fetch the roles and role IDs

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/roles' -i -X GET \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

GET /v1/roles HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 361

{
  "elements" : [ {
    "id" : "31fde0ae-a292-4141-ad25-79724a7c81e1",
    "name" : "ADMIN",
    "description" : "Administrator"
  }, {
    "id" : "429255c8-21d3-40eb-84b5-df7451508e47",
    "name" : "OPERATOR",
    "description" : "Operator"
  }, {
    "id" : "e6e05b87-8a49-4c24-9d9c-0f8f4596e4f1",
    "name" : "VIEWER",
    "description" : "Viewer"
  } ]
}

6. Get SSO Domain

  • This API is used to fetch the SSO domains known to the system.

6.1. Prerequisites

None

6.2. Steps

  • Invoke the API by specifying the “SSO domain name”.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/sso-domains' -i -X GET \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

GET /v1/sso-domains HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 38

{
  "elements" : [ "vsphere.local" ]
}

7. Get SSO Domain entities

  • This API is used to fetch all domain entities in a particular domain known to the system.

  • This includes users and subdomains.

7.1. Prerequisites

The following data is required

  • SSO Domain name

7.2. Steps

  • Invoke the API by specifying the “SSO domain name”.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/sso-domains/vsphere.local/entities' -i -X GET \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

GET /v1/sso-domains/vsphere.local/entities HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 786

{
  "elements" : [ {
    "id" : "USER_1@vsphere.local",
    "name" : "USER_1",
    "type" : "USER"
  }, {
    "id" : "USER_2@vsphere.local",
    "name" : "USER_2",
    "type" : "USER"
  }, {
    "id" : "USER_3@vsphere.local",
    "name" : "USER_3",
    "type" : "USER"
  }, {
    "id" : "USER_4@vsphere.local",
    "name" : "USER_4",
    "type" : "USER"
  }, {
    "id" : "äUSER_5@vsphere.local",
    "name" : "äUSER_5",
    "type" : "USER"
  }, {
    "id" : "vsphere.local\\\\group_1",
    "name" : "",
    "type" : "GROUP"
  }, {
    "id" : "vsphere.local\\\\group_2",
    "name" : "",
    "type" : "GROUP"
  }, {
    "id" : "vsphere.local\\\\group_3",
    "name" : "",
    "type" : "GROUP"
  }, {
    "id" : "vsphere.local\\\\group_4",
    "name" : "",
    "type" : "GROUP"
  } ]
}

8. Get local account details

  • This API is used to check whether or not the local account is configured.

8.1. Prerequisites

None

8.2. Steps

  • Invoke the API to check whether or not the local account is configured.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/users/local/admin' -i -X GET \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

GET /v1/users/local/admin HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 141

{
  "isConfigured" : false,
  "name" : "admin@local",
  "type" : "USER",
  "role" : {
    "id" : "1f5c97f2-7141-4e2c-9ea7-229fe7951ca4"
  }
}

9. Update password for local account

  • This API is used to update the local account password or to configure local account if it wasn’t configured during the bringup

9.1. Prerequisites

  • The following data is required

    • Old Password

    • New Password

Note : Provide only “newPassword” if you are configuring the local account for the first time.

  • New password must be in compliance with these password policies.

    Password requirements:

    • Length: 12-127 characters

    • Allowed special characters: ! % @ $ ^ # ? *

    • At least 1 small letter, capital letter, number and special character should be present

    • At least 2 alphabetic characters should be present

    • A character cannot be repeated more than 3 times consecutively

9.2. Steps

  • Invoke the API to update the local account password or to configure local account.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/users/local/admin' -i -X PATCH \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....' \
    -d '{
  "oldPassword" : "XXXXXXX",
  "newPassword" : "YYYYYYY"
}'

HTTP Request

PATCH /v1/users/local/admin HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 60
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

{
  "oldPassword" : "XXXXXXX",
  "newPassword" : "YYYYYYY"
}

HTTP Response

HTTP/1.1 204 No Content

Last updated 2022-09-28 17:42:27 PDT

Operations



[{"label":"Latest (4.5.0)","version":"latest"},{"version":"4.4.0"},{"version":"4.3.1"},{"link":"https://developer.vmware.com/apis/1127/vmware-cloud-foundation","version":"4.3"},{"link":"https://developer.vmware.com/apis/1078/vmware-cloud-foundation","version":"4.2"},{"link":"https://developer.vmware.com/apis/1033/vmware-cloud-foundation","version":"4.1"},{"link":"https://developer.vmware.com/apis/1003/vmware-cloud-foundation","version":"4.0.1"},{"link":"https://developer.vmware.com/apis/939/vmware-cloud-foundation","version":"4.0"}]
vcf-for-vxrail
Feedback

Was this page helpful?