This API has a deprecated equivalent from v7.0U1.
List Providers
Retrieve all identity providers. if you do not have all of the privileges described as follows: - Operation execution requires VcIdentityProviders.Read and VcIdentityProviders.Manage.
Request
URLURL
https://{api_host}/api/vcenter/identity/providers
Header Parameters
Header Parameters
string
vmware-api-session-id
Required
Required session ID, acquired from Create Session API under CIS product
vmware-api-session-id example
"b00db39f948d13ea1e59b4d6fce56389"
Authentication
This operation uses the following authentication methods.
Response
Response
Response BodyResponse Body
200 OK returns
array of
IdentityProvidersSummary
of type application/json
Commonly used information about the identity providers.
[
{
"auth_query_params": {
"key": "string"
},
"config_tag": "Oauth2",
"domain_names": [
"string"
],
"federation_type": "DIRECT_FEDERATION",
"is_default": false,
"name": "string",
"oauth2": {
"auth_endpoint": "string",
"auth_query_params": {
"key": "string"
},
"authentication_header": "string",
"client_id": "string",
"token_endpoint": "string"
},
"oidc": {
"auth_endpoint": "string",
"auth_query_params": {
"key": "string"
},
"authentication_header": "string",
"client_id": "string",
"discovery_endpoint": "string",
"logout_endpoint": "string",
"token_endpoint": "string"
},
"provider": "string"
}
]
config_tag
Required
The Providers.ConfigType structure contains the possible types of vCenter Server identity providers.
Oauth2 : Config for OAuth2
Oidc : Config for OIDC
Possible values are: Oauth2 , Oidc
string
provider
Required
The identifier of the provider When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: com.vmware.vcenter.identity.Providers. When operations return a value of this structure as a result, the field will be an identifier for the resource type: com.vmware.vcenter.identity.Providers.
boolean
is_default
Required
Specifies whether the provider is the default provider.
map of
string
auth_query_params
Optional
key/value pairs that are to be appended to the authEndpoint request.
How to append to authEndpoint request: If the map is not empty, a “?” is added to the endpoint URL, and combination of each k and each string in the v is added with an “&” delimiter. Details: - If the value contains only one string, then the key is added with “k=v”. - If the value is an empty list, then the key is added without a “=v”. - If the value contains multiple strings, then the key is repeated in the query-string for each string in the value.
This field is optional because it was added in a newer version than its parent node.
federation_type
Optional
The FederationType enumerated type contains the possible types of federation paths for, vCenter Server identity providers configuration.
DIRECT_FEDERATION : vCenter Server federated directly to the external identity provider.
INDIRECT_FEDERATION : vCenter Server federated indirectly to the external identity provider, by means of an intermediary federation broker.
Possible values are: DIRECT_FEDERATION , INDIRECT_FEDERATION
string
name
Optional
The user friendly name for the provider This field is optional because it was added in a newer version than its parent node.
oauth2
Optional
OAuth2 Summary This field is optional and it is only relevant when the value of Providers.Summary.config-tag is Oauth2.
oidc
Optional
OIDC Summary This field is optional and it is only relevant when the value of Providers.Summary.config-tag is Oidc.
array of
string
domain_names
Optional
Set of fully qualified domain names to trust when federating with this identity provider. Tokens from this identity provider will only be validated if the user belongs to one of these domains, and any domain-qualified groups in the tokens will be filtered to include only those groups that belong to one of these domains. If domainNames is an empty set, domain validation behavior at login with this identity provider will be as follows: the user’s domain will be parsed from the User Principal Name (UPN) value that is found in the tokens returned by the identity provider. This domain will then be implicitly trusted and used to filter any groups that are also provided in the tokens. This field is optional because it was added in a newer version than its parent node.
Errors
default
‘Default’ means this response is used for all HTTP codes that are not covered individually for this operation.
Code Samples
PowerCLI Client SDK Example
Invoke-ListIdentityProviders
cURL Command
curl -H "vmware-api-session-id: b00db39f948d13ea1e59b4d6fce56389" https://{api_host}/api/vcenter/identity/providers
Vendor Extensions
This operation contains the following vendor extensions defined in the spec:
x-vmw-doc-deprecated-method: get
x-vmw-doc-deprecated-path: /rest/vcenter/identity/providers
x-vmw-doc-operation: list
Availability
Added in 7.0U2
On This Page
Providers Operations
get
post
get
patch
delete
