com.vmware.vcenter.identity.broker package

Submodules

com.vmware.vcenter.identity.broker.tenants_client module

The com.vmware.vcenter.identity.broker.tenants_client module provides classes to manage external authentication broker tenant data.

class com.vmware.vcenter.identity.broker.tenants_client.AdminClient(config)

Bases: VapiInterface

The AdminClient interface provides methods to read the token info of tenant admin client. The tenant client belongs to the pre-configured tenant(s), that were created at bootstrap of vcenter trustmanagement service. The tenant admin client tokens can be used to perform API invocations within a tenant entity. This class was added in vSphere API 8.0.1.0.

Parameters:

config (vmware.vapi.bindings.stub.StubConfiguration) – Configuration to be used for creating the stub.

get(tenant)

Returns the tenant admin client token info associated with pre-configured tenant(s) owned by vcenter trustmanagment service. This method was added in vSphere API 8.0.1.0.

Parameters:

tenant (str) – The tenant name for which the admin client token needs to be returned. The parameter must be an identifier for the resource type: com.vmware.vcenter.identity.broker.tenant.

Return type:

TokenInfo

Returns:

TokenInfo class that contains a newly issued tenant admin client token.

Raise:

com.vmware.vapi.std.errors_client.Error if any other error occurs.

Raise:

com.vmware.vapi.std.errors_client.NotFound if no tenant owned by vcenter trustmanagment service, with the input parameter found.

Raise:

com.vmware.vapi.std.errors_client.Unauthenticated if not authenticated.

Raise:

com.vmware.vapi.std.errors_client.Unauthorized if not authorized to invoke the operation.

Raise:

com.vmware.vapi.std.errors_client.Unauthorized if you do not have all of the privileges described as follows:

  • Method execution requires VcIdentityProviders.Manage.

class com.vmware.vcenter.identity.broker.tenants_client.OperatorClient(config)

Bases: VapiInterface

The OperatorClient interface provides methods to read the token info of operator client. The operator client belongs to the pre-configured HWS tenant, that was created at bootstrap/installation of broker. The operator client tokens can be used to call the tenant management APIs like create, get and delete of tenant entity. This class was added in vSphere API 8.0.1.0.

Parameters:

config (vmware.vapi.bindings.stub.StubConfiguration) – Configuration to be used for creating the stub.

get()

Return the operator client token info in Broker. The operator client was created at bootstrap or installation of broker. This token can be used to manage tenant entity APIs. This method was added in vSphere API 8.0.1.0.

Return type:

TokenInfo

Returns:

TokenInfo class that contains a newly issued operator client token.

Raise:

com.vmware.vapi.std.errors_client.Error if any other error occurs.

Raise:

com.vmware.vapi.std.errors_client.NotFound if no operator client details found.

Raise:

com.vmware.vapi.std.errors_client.Unauthenticated if not authenticated.

Raise:

com.vmware.vapi.std.errors_client.Unauthorized if not authorized to invoke the operation.

Raise:

com.vmware.vapi.std.errors_client.Unauthorized if you do not have all of the privileges described as follows:

  • Method execution requires VcIdentityProviders.Manage.

class com.vmware.vcenter.identity.broker.tenants_client.StubFactory(stub_config)

Bases: StubFactoryBase

Initialize StubFactoryBase

Parameters:

stub_config (vmware.vapi.bindings.stub.StubConfiguration) – Stub config instance

class com.vmware.vcenter.identity.broker.tenants_client.TokenInfo(token_type=None, access_token=None, expires_in=None)

Bases: VapiStruct

The TokenInfo class contains detailed information about the tenant token. This class was added in vSphere API 8.0.1.0.

Tip

The arguments are used to initialize data attributes with the same names.

Parameters:
  • token_type (str) –

    The type of the token issued. The access token type provides the client with the information required to successfully utilize the access token to make a protected resource request (along with type-specific attributes). The client MUST NOT use an access token if it does not understand the token type.

    ”Bearer” token type as defined in RFC 6750 is supported.. This attribute was added in vSphere API 8.0.1.0.

  • access_token (str) – Tenant client access token issued by the authorization server. This attribute was added in vSphere API 8.0.1.0.

  • expires_in (long or None) – The lifetime in seconds of the access token. For example, the value “3600” denotes that the access token will expire in one hour from the time the response was generated. This attribute was added in vSphere API 8.0.1.0. None if not applicable for issued token.

BEARER_TOKEN_METHOD_TYPE = 'Bearer'

Class attribute indicating that the security token is a bearer token. This class attribute was added in vSphere API 8.0.1.0.