vapi metadata authentication component: get

Retrieves authentication information about the component element corresponding to component_id.

The vapi.metadata.authentication.component_data contains the authentication information about the component element and it's fingerprint. It contains information about all the package elements that belong to this component element.

Request:

HTTP request

GET https://{server}/rest/com/vmware/vapi/metadata/authentication/component/id:{component_id}

Path Parameters

Name Type Description
Required
component_id string Identifier of the component element.

Response:

HTTP Status Code: 200

Representations:

{
    "value"{
        "fingerprint""string",
        "info"{
            "packages"[
                {
                    "key""obj-103",
                    "value"{
                        "schemes"[
                            {
                                "scheme""string",
                                "scheme_type""SESSIONLESS",
                                "session_manager""string"
                            },
                            {
                                "scheme""string",
                                "scheme_type""SESSIONLESS",
                                "session_manager""string"
                            }
                        ],
                        "services"[
                            {
                                "key""obj-103",
                                "value"{
                                    "operations"[
                                        {
                                            "key""obj-103",
                                            "value"{
                                                "schemes"[
                                                    {
                                                        "scheme""string",
                                                        "scheme_type""SESSIONLESS",
                                                        "session_manager""string"
                                                    },
                                                    {
                                                        "scheme""string",
                                                        "scheme_type""SESSIONLESS",
                                                        "session_manager""string"
                                                    }
                                                ]
                                            }
                                        }
                                    ],
                                    "schemes"[
                                        {
                                            "scheme""string",
                                            "scheme_type""SESSIONLESS",
                                            "session_manager""string"
                                        },
                                        {
                                            "scheme""string",
                                            "scheme_type""SESSIONLESS",
                                            "session_manager""string"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    }
}
<?xml version="1.0" ?>
<ns0:Get-Result xmlns:ns0="http://vmware.com/vapi/metadata/authentication/component" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <value>
    <fingerprint>string</fingerprint>
    <info>
      <packages-array>
        <array-item>
          <value>
            <services-array>
              <array-item>
                <value>
                  <schemes-array>
                    <array-item>
                      <scheme_type>SESSIONLESS</scheme_type>
                      <scheme>string</scheme>
                      <session_manager>string</session_manager>
                    </array-item>
                    <array-item>
                      <scheme_type>SESSIONLESS</scheme_type>
                      <scheme>string</scheme>
                      <session_manager>string</session_manager>
                    </array-item>
                  </schemes-array>
                  <operations-array>
                    <array-item>
                      <value>
                        <schemes-array>
                          <array-item>
                            <scheme_type>SESSIONLESS</scheme_type>
                            <scheme>string</scheme>
                            <session_manager>string</session_manager>
                          </array-item>
                          <array-item>
                            <scheme_type>SESSIONLESS</scheme_type>
                            <scheme>string</scheme>
                            <session_manager>string</session_manager>
                          </array-item>
                        </schemes-array>
                      </value>
                      <key>obj-103</key>
                    </array-item>
                  </operations-array>
                </value>
                <key>obj-103</key>
              </array-item>
            </services-array>
            <schemes-array>
              <array-item>
                <scheme_type>SESSIONLESS</scheme_type>
                <scheme>string</scheme>
                <session_manager>string</session_manager>
              </array-item>
              <array-item>
                <scheme_type>SESSIONLESS</scheme_type>
                <scheme>string</scheme>
                <session_manager>string</session_manager>
              </array-item>
            </schemes-array>
          </value>
          <key>obj-103</key>
        </array-item>
      </packages-array>
    </info>
  </value>
</ns0:Get-Result>

Response Type:

Name Type Description
bold = required
value component_data The vapi.metadata.authentication.component_data instance that corresponds to component_id.
value.info component_info Authentication information of the component. This includes information about all the API in the component.

value.info.packages list Authentication information of all the package elements. The key in the key/value pairs is the identifier of the package element and the value in the key/value pairs is the authentication information for the package element.

For an explanation of authentication information containment within package elements, see vapi.metadata.authentication.package.

When clients pass a value of this structure as a parameter, the key in the field key/value pairs must be an identifier for the resource type: com.vmware.vapi.package. When operations return a value of this structure as a result, the key in the field key/value pairs will be an identifier for the resource type: com.vmware.vapi.package.List of {"key": string, "value": package_info}

value.info.packages[].key string
value.info.packages[].value package_info
value.info.packages[].value.schemes authentication_info[] List of authentication schemes to be used for all the operation elements contained in this package element. If a particular service or operation element has no explicit authentications defined in the authentication defintion file, these authentication schemes are used for authenticating the user.

value.info.packages[].value.schemes[].scheme_type string The type of the authentication scheme.

Provides enumeration values for the set of valid authentication scheme types. Value is one of:
SESSIONLESS: Indicates that the scheme is a session less authentication scheme, the user is authenticated on every operation. There is no explicit session establishment.
SESSION_AWARE: Indicates that the scheme is a session aware authentication scheme. It requires an explicit login before executing a operation and logout when a session terminates. A service might choose to have a session aware scheme if it wants to associate some state corresponding to the user until the user logs out or if it wants to mitigate the cost of authenticating the user on every operation.

value.info.packages[].value.schemes[].session_manager string In a session aware authentication scheme, a session manager is required that supports create, delete and keepAlive operations. The fully qualified service name of the session manager is provided in vapi.metadata.authentication.authentication_info.session_manager field. This service is responsible for handling sessions.

Optional. It is only relevant when scheme_type has value SESSION_AWARE. This field is optional and it is only relevant when the value of scheme_type is SESSION_AWARE.

value.info.packages[].value.schemes[].scheme string String identifier of the authentication scheme.

Following are the supported authentication schemes by the infrastructure:

  • The identifier com.vmware.vapi.std.security.saml_hok_token for SAML holder of key token based authentication mechanism.
  • The identifier com.vmware.vapi.std.security.bearer_token for SAML bearer token based authentication mechanism.
  • The identifier com.vmware.vapi.std.security.session_id for session based authentication mechanism.
  • The identifier com.vmware.vapi.std.security.user_pass for username and password based authentication mechanism.

value.info.packages[].value.services list Information about all service elements contained in this package element that contain authentication information. The key in the key/value pairs is the identifier of the service element and the value in the key/value pairs is the authentication information for the service element.

For an explanation of authentication information containment within service elements, see vapi.metadata.authentication.service.

When clients pass a value of this structure as a parameter, the key in the field key/value pairs must be an identifier for the resource type: com.vmware.vapi.service. When operations return a value of this structure as a result, the key in the field key/value pairs will be an identifier for the resource type: com.vmware.vapi.service.List of {"key": string, "value": service_info}

value.info.packages[].value.services[].key string
value.info.packages[].value.services[].value service_info
value.info.packages[].value.services[].value.schemes authentication_info[] List of authentication schemes to be used for all the operation elements contained in this service element. The authentication scheme specified on the package element corresponding to this service element is ignored.

value.info.packages[].value.services[].value.schemes[].scheme_type string The type of the authentication scheme.

Provides enumeration values for the set of valid authentication scheme types. Value is one of:
SESSIONLESS: Indicates that the scheme is a session less authentication scheme, the user is authenticated on every operation. There is no explicit session establishment.
SESSION_AWARE: Indicates that the scheme is a session aware authentication scheme. It requires an explicit login before executing a operation and logout when a session terminates. A service might choose to have a session aware scheme if it wants to associate some state corresponding to the user until the user logs out or if it wants to mitigate the cost of authenticating the user on every operation.

value.info.packages[].value.services[].value.schemes[].session_manager string In a session aware authentication scheme, a session manager is required that supports create, delete and keepAlive operations. The fully qualified service name of the session manager is provided in vapi.metadata.authentication.authentication_info.session_manager field. This service is responsible for handling sessions.

Optional. It is only relevant when scheme_type has value SESSION_AWARE. This field is optional and it is only relevant when the value of scheme_type is SESSION_AWARE.

value.info.packages[].value.services[].value.schemes[].scheme string String identifier of the authentication scheme.

Following are the supported authentication schemes by the infrastructure:

  • The identifier com.vmware.vapi.std.security.saml_hok_token for SAML holder of key token based authentication mechanism.
  • The identifier com.vmware.vapi.std.security.bearer_token for SAML bearer token based authentication mechanism.
  • The identifier com.vmware.vapi.std.security.session_id for session based authentication mechanism.
  • The identifier com.vmware.vapi.std.security.user_pass for username and password based authentication mechanism.

value.info.packages[].value.services[].value.operations list Information about all operation elements contained in this service element that contain authentication information. The key in the key/value pairs is the identifier of the operation element and the value in the key/value pairs is the authentication information for the operation element.

For an explanation of containment of authentication information within operation elements, see vapi.metadata.authentication.service.operation.

When clients pass a value of this structure as a parameter, the key in the field key/value pairs must be an identifier for the resource type: com.vmware.vapi.operation. When operations return a value of this structure as a result, the key in the field key/value pairs will be an identifier for the resource type: com.vmware.vapi.operation.List of {"key": string, "value": operation_info}

value.info.packages[].value.services[].value.operations[].key string
value.info.packages[].value.services[].value.operations[].value operation_info
value.info.packages[].value.services[].value.operations[].value.schemes authentication_info[] List of authentication schemes used by an operation element. The authentication scheme specified on the service element corresponding to this operation element is ignored.

value.info.packages[].value.services[].value.operations[].value.schemes[].scheme_type string The type of the authentication scheme.

Provides enumeration values for the set of valid authentication scheme types. Value is one of:
SESSIONLESS: Indicates that the scheme is a session less authentication scheme, the user is authenticated on every operation. There is no explicit session establishment.
SESSION_AWARE: Indicates that the scheme is a session aware authentication scheme. It requires an explicit login before executing a operation and logout when a session terminates. A service might choose to have a session aware scheme if it wants to associate some state corresponding to the user until the user logs out or if it wants to mitigate the cost of authenticating the user on every operation.

value.info.packages[].value.services[].value.operations[].value.schemes[].session_manager string In a session aware authentication scheme, a session manager is required that supports create, delete and keepAlive operations. The fully qualified service name of the session manager is provided in vapi.metadata.authentication.authentication_info.session_manager field. This service is responsible for handling sessions.

Optional. It is only relevant when scheme_type has value SESSION_AWARE. This field is optional and it is only relevant when the value of scheme_type is SESSION_AWARE.

value.info.packages[].value.services[].value.operations[].value.schemes[].scheme string String identifier of the authentication scheme.

Following are the supported authentication schemes by the infrastructure:

  • The identifier com.vmware.vapi.std.security.saml_hok_token for SAML holder of key token based authentication mechanism.
  • The identifier com.vmware.vapi.std.security.bearer_token for SAML bearer token based authentication mechanism.
  • The identifier com.vmware.vapi.std.security.session_id for session based authentication mechanism.
  • The identifier com.vmware.vapi.std.security.user_pass for username and password based authentication mechanism.

value.fingerprint string Fingerprint of the metadata of the component.

Authentication information could change when there is an infrastructure update. Since the data present in vapi.metadata.authentication.component_data.info could be quite large, fingerprint provides a convenient way to check if the data for a particular component is updated.

You should store the fingerprint associated with a component. After an update, by invoking the fingerprint operation, you can retrieve the new fingerprint for the component. If the new fingerprint and the previously stored fingerprint do not match, clients can then use the get to retrieve the new authentication information for the component.

Errors:

HTTP Status Code Type Description
404 not_found if the component element associated with component_id does not have any authentication information.