Use vRO 8.x to connect to vIDM (3.3) via REST API

In this article, I will describe a usecase on HOWTO use vRO 8.x to connect to vIDM (3.3) via REST API

With sysadmin or architect infra background, when starting a well advanced cloud automation project, one can evaluate immediately the complexity of vRA/ vRO.

The context is the following:

  • you want to list the users and groups,
  • and to perform operations based on these users and groups in vIDM.

As a result, you can assign these vRO workflows to a vRA blueprint.

Specifically, when you want to connect to vIDM directly using REST API, based on the API documentation, you will have to use and provide the base64-encoded Client ID and Client Secret to obtain the token. To that end, you will be able to use the token in header in the REST operation just like in every REST client.

Foundationally as a pre-req., you should be familiar with the documentation for reference:

VMware Code
  • Documentation for vIDM – In the following documentation there is a section for acquiring tokens under the login section – It describes the details of the login/authorize APIs of vIDM:

Then, after your reading, here is what to do:
a) Create the vIDM client; Follow the guide from github:
Integrating Client Credentials app with OAuth2
https://github.com/vmware/idm/wiki/Integrating-Client-Credentials-app-with-OAuth2

b) Encode clientId and client secrete. For this purpose, you can use: https://www.base64encode.org/

c) Run the workflow to add REST host “Add a REST host

d) Run the Workflow “Add a REST operation” to get the token with the following parameters:
Url template: /SAAS/auth/oauthtoken
method: POST 
defaultContentType: application/x-www-form-urlencoded

e) Run the workflow “Add a REST operation” to get display vIDM users with following parameter:
urlTemplate: /SAAS/jersey/manager/api/scim/Users

f) Run the workflow “Generate a new workflow from a REST operation“. This will create the workflows to obtain the token and get the users, as per example below:
‘get-token: POST /SAAS/auth/oauthtoken’
‘Get-Users: GET /SAAS/jersey/manager/api/scim/Users’

g) Edit the workflow to do what we need to obtain the data

f) the workflow  “get-HZN-users-using-REST” is created to wrap those 2 workflows 

Now, in order to run the workflow, you just need the clientAndSecret value which is the encoded clientId and secret from point B.

It’s basic stuff. However you can now use vRO 8.x to connect to vIDM (3.3) via REST API 🙂

But it should help to start with building your workflows as there is no Horizon plugin for VRA 8 and no workflows that will interact with VIDM!

Naturally, if you need more advanced stuff, you will have to talk with VMware local representative to engage with PSO, or your local partner!

2 Replies to “Use vRO 8.x to connect to vIDM (3.3) via REST API”

Leave a Reply

Your email address will not be published. Required fields are marked *

*

code