Using the /api/ni/auth/token API to Obtain an Authentication Token with a Local Account in Aria Operations for Networks (formerly vRNI)
search cancel

Using the /api/ni/auth/token API to Obtain an Authentication Token with a Local Account in Aria Operations for Networks (formerly vRNI)

book

Article ID: 313764

calendar_today

Updated On:

Products

VMware Aria Operations for Networks

Issue/Introduction

The POST /api/ni/auth/token API endpoint can generate an authentication token for a local account. However, a 401 Unauthorized response may occur if the request payload is not formatted correctly for a local account.

For example, the following request may result in a 401 Unauthorized error:

Request:

POST https://<hostFQDN>/api/ni/auth/token
Content-Type: application/json
{ "username": "user@domain",
"password": "password",
"domain": {
   "domain_type": "LDAP",
   "value": "example.com"
   }
}

 

Response:

{ "code": 401,
"message": "Unauthorized",
"details": []
}

This occurs because the request includes a domain field specifying an LDAP domain, which is not applicable for local accounts.

Resolution

The POST /api/ni/auth/token API endpoint supports generating an authentication token for a local account. It is important to note that the "domain" field is mandatory, and for local accounts, "domain_type": "LOCAL" (in uppercase) must be specified.

Here is an example request for a local account:

Request:

POST https://<hostFQDN>/api/ni/auth/token
Content-Type: application/json
{ "username": "user@domain",
"password": "password",
"domain": {
   "domain_type": "LOCAL" }
}

Response:

{ "token": "<bearer_token>",
"expiry": <date/time/value>
}

This ensures that authentication requests for local accounts are processed successfully.