vCenter Single Sign-On Client API

The vCenter Single Sign-On client API is described in the WSDL (Web Service Definition Language) file that is included in the vCenter Single Sign-On SDK. This API defines a set of request operations that correspond to the WS-Trust 1.4 bindings. The set of operations includes Issue, Renew, Validate, and Challenge requests.

• Issue – Obtains a token from a vCenter Single Sign-On server.
• Renew – Renews an existing token.
• Validate – Validates an existing token.
• Challenge – Part of a negotiation with a vCenter Single Sign-On server to obtain a token.

The vCenter Single Sign-On SDK includes Java bindings for the vCenter Single Sign-On WSDL. The SDK also contains sample code that demonstrates client-side support for the WS-SecurityPolicy standard. Security policies specify the elements that provide SOAP message security. To secure SOAP messages, a client inserts digital signatures, certificates, and SAML tokens into the SOAP headers for vCenter Single Sign-On requests.

The Java sample includes a JAX-WS implementation of SOAP header methods that support the vCenter Single Sign-On security policies.

See vCenter Single Sign-On Security Policies and vCenter Single Sign-On SDK.