After site association is complete, organization administrators at any member site can begin associating their organizations.
To create an association between two organizations (we'll call them Org-A and Org-B here), you must be a system administrator at both sites so that you can log in to each site to retrieve the information required to associate the site with another site, then make a POST request to each site supplying the other site's association information.
The process of associating two organizations can be logically decomposed into two complementary pairing operations. The first operation (in this example) pairs Org-A at Site-A with Org-B at Site-B. You must then go on to pair Org-B at Site-B with Org-A at Site-A. Until both pairings are complete, the association is incomplete.
■
| |
■
|
You must be a system administrator at both sites or an organization administrator at both organizations. |
1 | Log in to Site-A and retrieve the association data from Org-A. Site association data is contained in the OrgAssociations element of the AdminOrg object. GET https://Site-A.example.com/admin/org/30 ... <AdminOrg name="Org-A" ...> ... <Link rel="down" href="https://Site-A.example.com/api/admin/org/30/associations" ... /> ... </AdminOrg> The OrgAssociations element includes a link of the form: <Link rel="down" href="https://Site-A.example.com/api/admin/org/30/associations/localAssociationData"/> Make a GET request to this link to retrieve the OrgAssociationMember element that contains the information required when associating this organization with another with an organization at an associated site. GET https://Site-A.example.com/api/admin/org/30/associations/localAssociationData ... <OrgAssociationMember ...> <Link ...> ... <RestEndpoint>https://Site-A.example.com/api/org/Org-A</RestEndpoint> <RestEndpointCertificate>-----BEGIN CERTIFICATE----- MIIDDTCCAfWgAwIBAgI...Ix0eSE= -----END CERTIFICATE----- </RestEndpointCertificate> <SiteId>urn:vcloud:org:94b78377-a3f8-4970-8e44-662d209f35f7</SiteId> <OrgId>urn:vcloud:org:f47c905d-6e7f-4ef2-a7ec-7136660bdc4f</OrgId> <OrgName>Org-A</OrgName> <OrgPublicKey>-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhki...QQIDAQAB -----END PUBLIC KEY----- </OrgPublicKey> </OrgAssociationMember> Save this response. You'll need it in Step 3. |
2 | Log in to Org-B and retrieve itsadd link for associations. This link is contained in the OrgAssociations element of the AdminOrg object . GET https://Site-B.example.com/admin/org/40 ... <AdminOrg name="Org-B" ...> ... <Link rel="down" href="https://Site-B.example.com/api/admin/org/40/associations" ... /> ... </AdminOrg> Retrieve the OrgAssociations to see this link. GET https://Site-B.example.com/admin/org/40/associations ... <OrgAssociations ... <Link rel="add" href="https://Site-B.example.com/api/admin/org/40/associations" ... /> ... </OrgAssociations> |
3 | POST the OrgAssociationMember response body you retrieved in Step 1 to the orgAssociations link for Site-B. You can include the entire response body. Any Link elements from the response body are ignored in a request. For brevity, this example omits the Link elements. POST https://Site-B.example.com/api/admin/org/40/associations content-type: application/vnd.vmware.admin.organizationAssociation+xml ... <OrgAssociationMember ...> ... <RestEndpoint>https://Site-A.example.com/api/org/Org-A</RestEndpoint> <RestEndpointCertificate>-----BEGIN CERTIFICATE----- MIIDDTCCAfWgAwIBAgI...Ix0eSE= -----END CERTIFICATE----- </RestEndpointCertificate> <SiteId>urn:vcloud:org:94b78377-a3f8-4970-8e44-662d209f35f7</SiteId> <OrgId>urn:vcloud:org:f47c905d-6e7f-4ef2-a7ec-7136660bdc4f</OrgId> <OrgName>Org-A</OrgName> <OrgPublicKey>-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhki...QQIDAQAB -----END PUBLIC KEY----- </OrgPublicKey> </OrgAssociationMember> |