Retrieve a SAML Token

The vCenter Single Sign-On service provides authentication mechanisms for securing the operations that your client application performs in the virtual environment. Client applications use SAML security tokens for authentication.

Client applications use the vCenter Single Sign-On service to retrieve SAML tokens. For more information about how to acquire a SAML security token, see the vCenter Single Sign-On Programming Guide documentation.

Prerequisites

Verify that you have the vCenter Single Sign-On URL. You can use the Lookup Service on the Platform Services Controller to obtain the endpoint URL. For information about retrieving service endpoints, see Retrieving Service Endpoints.

Procedure

Create a connection object to communicate with the vCenter Single Sign-On service.

Pass the vCenter Single Sign-On endpoint URL, which you can get from the Lookup Service.

Issue a security token request by sending valid user credentials to the vCenter Single Sign-On service on the Platform Services Controller.

The vCenter Single Sign-On service returns a SAML token.

What to do next

You can present the SAML token to the vSphere Automation API Endpoint or other endpoints, such as the vSphere Web Services Endpoint. The endpoint returns a session ID and establishes a persistent session with that endpoint. Each endpoint that you connect to uses your SAML token to create its own session.

Subtopics

JavaScript Example of Retrieving a SAML Token

Java Example of Retrieving a SAML Token

Python Example of Retrieving a SAML Token