vCloud Air includes APIs for full user lifecycle management.

vCloud Air implements user management by using attributes from the common System for Cross-Domain Identity Management (SCIM) specification, which is designed for managing user identity in cloud-based applications, and adds schema extensions for functions unique to vCloud Air.

Common Elements from the SCIM Schema

| Element | Description |
| --- | --- |
| email | Email address for the user. Note: The userName and email attributes must contain the same values. |
| familyName | Family name or last name for the user |
| givenName | First name of the user |
| roles | The roles to which the user is assigned |
| name | Name of the roles assigned to the user |

You can assign a user to the following roles:

Account Administrator

Virtual Infrastructure Administrator

Network Administrator

Read-Only Administrator

End User

The roles are mutually exclusive, with the exception of the Network Administrator and Virtual Infrastructure Administrator roles. That is, you can assign a user either to the Network Administrator and Virtual Infrastructure Administrator roles, or to the Account Administrator, Read-Only Administrator, or End User role.

For information about the rights available for each predefined role in vCloud Air, see Role-based User Account Management in the vCloud Air Virtual Private Cloud OnDemand User's Guide.

Schema Extensions for User Management

| Extension | Description |
| --- | --- |
| state | State of the user: active or inactive |
| id | Unique ID of the user. Created automatically when you create the user. |
| companyId | ID of the company to which the user belongs. Created automatically when VMware creates your Virtual Private Cloud OnDemand account. |
| customerNumber | Not used by the API |
| serviceGroupIds | The service group ID associated with the user. When you sign up for Virtual Private Cloud OnDemand, VMware creates your account and assigns a service group ID to your account. VMware uses your service group ID as part of its billing system. The service group ID indicates which billing account to charge for resource usage. |
| tosAccepted | Whether the Terms of Service has been accepted by the user. Note: You cannot update the tosAccepted element for a user. |
| tosAcceptDate | When the user accepted the Terms of Service. Note: You cannot update the tosAcceptDate element for a user. |
| userName | Name of the user in email format. Note: The userName and email attributes must contain the same values. |

As shown in the following sequence diagram, the APIs for Virtual Private Cloud OnDemand include the common CRUD (create, read, update, and delete) methods for the user management operations.

Figure: User Management API Sequence Diagram

Additionally, the APIs include an operation to handle a forgotten password. See Retrieve Forgotten Password for information.
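The constraints stated in the two tables above (matching userName and email, the role combination rule, and the elements that cannot be updated) can be checked before a request is sent. The following is an added example, not VMware code; the dict layout (a flat record with `roles` as a list of `{"name": ...}` entries) and the function names are assumptions made for illustration.

```python
# Added example: pre-flight checks for a user record, derived from the
# constraints in the tables above. The record layout is an assumption.
ASSIGNABLE_ROLES = {
    "Account Administrator",
    "Virtual Infrastructure Administrator",
    "Network Administrator",
    "Read-Only Administrator",
    "End User",
}
# The only two roles that may be assigned together.
COMBINABLE = {"Network Administrator", "Virtual Infrastructure Administrator"}
# Elements the page says cannot be updated for a user.
NOT_UPDATABLE = {"tosAccepted", "tosAcceptDate"}


def validate_user(user):
    """Return a list of findings for a user record (empty list means OK)."""
    findings = []
    user_name = user.get("userName")
    if not user_name or user_name != user.get("email"):
        findings.append("userName and email must contain the same value")
    # Assumed layout: roles is a list of {"name": "<role name>"} entries.
    names = {role.get("name") for role in user.get("roles", [])}
    for name in sorted(names - ASSIGNABLE_ROLES, key=str):
        findings.append(f"unknown role: {name!r}")
    # More than one role is allowed only for the combinable pair.
    if len(names) > 1 and names != COMBINABLE:
        listed = ", ".join(sorted(map(str, names)))
        findings.append(f"roles are mutually exclusive: {listed}")
    return findings


def validate_update(changes):
    """Return findings for an update body (dict of changed elements)."""
    return [f"{key} cannot be updated"
            for key in sorted(changes) if key in NOT_UPDATABLE]


if __name__ == "__main__":
    # Constructed sample record; all values are illustrative.
    sample = {
        "userName": "alice@example.com",
        "email": "alice@example.com",
        "roles": [{"name": "Account Administrator"}, {"name": "End User"}],
    }
    for finding in validate_user(sample):
        print("user:", finding)
    for finding in validate_update({"tosAccepted": True, "givenName": "Al"}):
        print("update:", finding)
```

Running such a check in provisioning scripts catches over-broad role combinations, such as Account Administrator combined with another role, before they reach the API.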