vcenter trusted infrastructure trust authority clusters consumer principals: create-task
Creates a profile with the specified connection information on all hosts from a Trust Authority Cluster. This operation was added in vSphere API 7.0.0.
Request:
HTTP request
POST https://{server}/api/vcenter/trusted-infrastructure/trust-authority-clusters/{cluster}/consumer-principals
?vmw-task=true
?vmw-task=true
{
"principal" : {
"id" : {
"domain" : "string",
"name" : "string"
},
"type" : "STS_USER"
},
"certificates" : [
{
"cert_chain" : [
"string",
"string"
]
},
{
"cert_chain" : [
"string",
"string"
]
}
],
"issuer_alias" : "obj-103",
"issuer" : "string"
}
"principal" : {
"id" : {
"domain" : "string",
"name" : "string"
},
"type" : "STS_USER"
},
"certificates" : [
{
"cert_chain" : [
"string",
"string"
]
},
{
"cert_chain" : [
"string",
"string"
]
}
],
"issuer_alias" : "obj-103",
"issuer" : "string"
}
Path Parameters
| Name | Type | Description |
|---|---|---|
| Required | ||
| cluster | string | The ID of the Trust Authority Cluster to configure. |
Body Parameters:
| Name | Type | Description |
|---|---|---|
| bold = required | ||
| - | create_spec | The CreateSpec specifying the connection information. |
| -.certificates | x509_cert_chain[] | The certificates used by the vCenter STS to sign tokens. This attribute was added in vSphere API 7.0.0. |
| -.certificates[].cert_chain | string[] | Certificate chain in base64 format. This attribute was added in vSphere API 7.0.0. |
| -.issuer_alias | string | A user-friendly alias of the service which created and signed the security token. This attribute was added in vSphere API 7.0.0. When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: com.vmware.esx.authentication.trust.security-token-issuer. When operations return a value of this structure as a result, the field will be an identifier for the resource type: com.vmware.esx.authentication.trust.security-token-issuer. |
| -.issuer | string | The service which created and signed the security token. This attribute was added in vSphere API 7.0.0. |
| -.principal | sts_principal | The principal used by the vCenter to retrieve tokens. This attribute was added in vSphere API 7.0.0. |
| -.principal.id | sts_principal_id | The principal's ID. This attribute was added in vSphere API 7.0.0. |
| -.principal.id.name | string | The principal's username. This attribute was added in vSphere API 7.0.0. |
| -.principal.id.domain | string | The principal's domain. This attribute was added in vSphere API 7.0.0. |
| -.principal.type | string | The type of the principal (user or group). This attribute was added in vSphere API 7.0.0. The sts_principal_type enum can be either users or groups. This enumeration was added in vSphere API 7.0.0. Value is one of:STS_USER: The principal is a user. This constant was added in vSphere API 7.0.0. STS_GROUP: The principal is a group. This constant was added in vSphere API 7.0.0. |
Response:
HTTP Status Code: 202
Response Body Structure:
"obj-103"
Headers:
NoneType:
| Name | Type | Description |
|---|---|---|
| bold = required | ||
| - | string | a unique identifier of the profile. |
Errors:
| HTTP Status Code | Type | Description |
|---|---|---|
| 400 | already_exists | if a profile for the issuer already exists. |
| 500 | error | if there is a generic error. |
| 404 | not_found | if there is no such cluster. |
| 401 | unauthenticated | if the user can not be authenticated. |