Basic Authentication for the JSON Protocol

Basic authentication relies on username and password. These credentials are transported over HTTPS with TLS encryption, but for stricter security consider using SAML token authentication instead.

To authenticate with username and password, do the following steps.

Prerequisites

Basic authentication requires that you have a username and corresponding password that have privileges on the vCenter Server instance to which you connect. You also need the IP address or fully qualified domain name of the vCenter Server instance.

Procedure

  1. Prepare a JSON serialization of your credentials. This will be the body of your request. 
    body_string = '{"userName": "[email protected]", "password": "betyoucantguess"}'
  2. Get the SessionManager managed object reference from the ServiceInstance content. Format it for the resource portion of the service URL. 
    moref = si_content['sessionManager']
url_moref = '{}/{}'.format(moref['type'], moref['value'])
  3. Assemble the complete URL for a request to invoke the Login method of the SessionManager. 
    scheme = 'https://'
domain = 'vcenter.example.com'
endpoint = '/sdk/vim25'
version = '8.0.1.0'
method = 'Login'
url = scheme + domain + endpoint + '/' + version + '/' + url_moref + '/' + method
print(url)
    https://vcenter.example.com/sdk/vim25/8.0.1.0/SessionManager/SessionManager/Login
  4. Set the request header 'Content-Type' = 'application/json'. 
    request_headers = {}
request_headers['Content-Type'] = 'application/json'
  5. Send the URL and the body in an HTTP POST request. 
    from urllib.request import urlopen, Request
import ssl
# Skip certificate verification on test systems only:
unverified_context = ssl._create_unverified_context()
request = Request(url, headers=request_headers)
with urlopen(request, context=unverified_context) as response :
  response_headers = response.headers
  response_body = response.read()
  6. Extract the session token from the authentication header in the response. 
    token = response_headers['vmware-api-session-id']

Results

The token you extracted is your current session ID and is required to access most managed object properties and methods with the API.

Example:

What to do next

Save the token. Add the token header to all subsequent requests before sending.
request_headers['vmware-api-session-id'] = token