esx authentication trust security token issuers: create spec

The create_spec structure contains fields to be specified for creating a new security token issuer trust. The structure includes an alias identifier, an issuer and a list of certificate chains.

Representation:

{
    "issuer_alias": "obj-103",
    "signing_cert_chains": [
        {
            "cert_chain": [
                "string",
                "string"
            ]
        },
        {
            "cert_chain": [
                "string",
                "string"
            ]
        }
    ],
    "issuer": "string"
}

Attributes:

Name Type Description
Required
issuer_alias string A unique string selected by the user.

When clients pass a value of this structure as a parameter, the field must be an identifier for the resource type: com.vmware.esx.authentication.trust.security-token-issuer. When operations return a value of this structure as a result, the field will be an identifier for the resource type: com.vmware.esx.authentication.trust.security-token-issuer.

issuer string Who created and signed the security token.

A unique string used by the security token issuer and added to all tokens. It must match the issuer field in the security token.

For example:

  • vCenter SAML issuer: https://vsphere1.example.com/websso/SAML2/Metadata/vsphere.local
  • vCenter JWT issuer: https://vsphere2.example.com/openidconnect/vsphere.local

signing_cert_chains x509_cert_chain[] List of token signing certificate chains. Private key is not included. JWT and SAML token issuer certificates are supported with public-private keys. Symmetric keys are not supported.

signing_cert_chains[].cert_chain string[] Certificate chain in base64 format.
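
A check to run before sending the structure, as an added example that is not VMware's code: it builds the create_spec from PEM chain text, refuses input that contains a private key, and can compare issuer with the iss claim of a sample JWT. The function names are hypothetical, and it assumes each cert_chain entry is the base64 body of one certificate without the PEM armor lines.

```python
import base64
import json
import re

# Matches any PEM block and captures its label and base64 body.
_PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\s*(.*?)\s*-----END \1-----", re.S)


def pem_chain_to_base64(pem_text):
    """Base64 body of each CERTIFICATE block (assumed cert_chain encoding)."""
    entries = []
    for label, body in _PEM_BLOCK.findall(pem_text):
        if "PRIVATE KEY" in label:  # the spec carries public certs only
            raise ValueError("private key material found in chain input")
        if label == "CERTIFICATE":
            b64 = "".join(body.split())
            base64.b64decode(b64, validate=True)  # raises on bad base64
            entries.append(b64)
    if not entries:
        raise ValueError("no CERTIFICATE blocks found")
    return entries


def jwt_issuer(token):
    """Unverified 'iss' claim of a JWT, used for comparison only."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))["iss"]


def build_create_spec(issuer_alias, issuer, pem_chains, sample_token=None):
    """Assemble a create_spec; optionally check issuer against a token."""
    if not issuer_alias or not issuer:
        raise ValueError("issuer_alias and issuer are required")
    if sample_token is not None and jwt_issuer(sample_token) != issuer:
        raise ValueError("issuer does not match the token's iss claim")
    chains = [{"cert_chain": pem_chain_to_base64(p)} for p in pem_chains]
    return {"issuer_alias": issuer_alias, "issuer": issuer,
            "signing_cert_chains": chains}


if __name__ == "__main__":
    # Constructed placeholder bytes, not a real certificate.
    body = base64.b64encode(b"constructed-cert").decode()
    pem = f"-----BEGIN CERTIFICATE-----\n{body}\n-----END CERTIFICATE-----\n"
    iss = "https://vsphere2.example.com/openidconnect/vsphere.local"
    print(json.dumps(build_create_spec("obj-103", iss, [pem]), indent=2))
```

If the endpoint expects full PEM text rather than the bare base64 body, return the matched block unchanged instead of stripping the armor.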