1. Types
  2. vapi
  3. metadata
  4. authentication

vapi metadata authentication: operation info

The operation_info structure contains authentication information of an operation element.

Representation:

{
    "schemes"[
        {
            "session_manager""string",
            "scheme""string",
            "scheme_type""SESSIONLESS"
        },
        {
            "session_manager""string",
            "scheme""string",
            "scheme_type""SESSIONLESS"
        }
    ]
}

Attributes:

Name Type Description
Required
schemes authentication_info[] List of authentication schemes used by an operation element. The authentication scheme specified on the service element corresponding to this operation element is ignored.
schemes[].scheme_type string The type of the authentication scheme.

Provides enumeration values for the set of valid authentication scheme types. Value is one of:
SESSIONLESS: Indicates that the scheme is a session less authentication scheme, the user is authenticated on every operation. There is no explicit session establishment.
SESSION_AWARE: Indicates that the scheme is a session aware authentication scheme. It requires an explicit login before executing a operation and logout when a session terminates. A service might choose to have a session aware scheme if it wants to associate some state corresponding to the user until the user logs out or if it wants to mitigate the cost of authenticating the user on every operation.
schemes[].scheme string String identifier of the authentication scheme.

Following are the supported authentication schemes by the infrastructure:

  • The identifier com.vmware.vapi.std.security.saml_hok_token for SAML holder of key token based authentication mechanism.
  • The identifier com.vmware.vapi.std.security.bearer_token for SAML bearer token based authentication mechanism.
  • The identifier com.vmware.vapi.std.security.session_id for session based authentication mechanism.
  • The identifier com.vmware.vapi.std.security.user_pass for username and password based authentication mechanism.

Optional
schemes[].session_manager string In a session aware authentication scheme, a session manager is required that supports create, delete and keepAlive operations. The fully qualified service name of the session manager is provided in vapi.metadata.authentication.authentication_info.session_manager field. This service is responsible for handling sessions.

Optional. It is only relevant when scheme_type has value SESSION_AWARE. This field is optional and it is only relevant when the value of scheme_type is SESSION_AWARE.