Generate an Access Token and Bearer Token in VMware Aria Automation for API Authentication
search cancel

Generate an Access Token and Bearer Token in VMware Aria Automation for API Authentication

book

Article ID: 346005

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

  • While using VMware Aria Automation's API, the access token and bearer token is required for authorization.
  • A wrench icon within the VMware Aria Automation UI is available where one may retrieve the bearer token directly.
  • If the icon is unavailable, you may retrieve the token by making a POST API call.


Environment

VMware Aria Automation 8.x

Resolution

Get Your Access Token for the VMware Aria Automation API

  1. Use the Identity Service API to obtain the API token (refresh token):
Note: The API token is valid for 90 days and can be used to generate a new access token when the access token expires. You cannot revoke the refresh token.
POST https://VMWareAriaAutomationFQDN/csp/gateway/am/api/login?access_token
Example:
hostname='VMwareAriaAutomationFQDN'
username='your_username'
password='your_password'
api_token=$(curl -k -X POST  "https://$hostname/csp/gateway/am/api/login?access_token"  -H 'Content-Type: application/json'  -H 'Accept: application/json'  -d '{ "username": "'$username'", "password": "'$password'" }' | jq -r .refresh_token)
echo "api_token: $api_token"

         In case when you have multiple vIDM directories, you might need to provide domain in the payload, like 

hostname='VMwareAriaAutomationFQDN' 
username='your_username'
password='your_password' 
domain='domain'
api_token=$(curl -k -X POST "https://$hostname/csp/gateway/am/api/login?access_token" -H 'Content-Type: application/json' -H 'Accept: application/json' -d '{ "username": "'$username'", "password": "'$password'", "domain", "'$domain'" }' | jq -r .refresh_token)
echo "api_token: $api_token

 

  1. Use the IaaS API to request the access token (bearer token):
Note: After 25 minutes of inactivity, the access token times out, and you must request it again. You may revoke an access token at any time.
POST https://VMwareAriaAutomationFQDN/iaas/api/login
Get Bearer Token 
bearer_token=$(curl -k -X POST https://$hostname/iaas/api/login -H "Accept: application/json" -H 'Content-Type: application/json' --data '{"refreshToken":"'"$api_token"'"}' | jq -r .token )
echo "bearer_token: $bearer_token"
 
Example:
 
 
 
Note: While making API calls, use:
Headers: 'Content-Type: application/json'


Troubleshooting

  • If you have an existing integration where an API or access token has been issued, you may encounter errors similar to the following:
path":"/session-service/api/sessions/groups","status":404,"error":"Not Found","message":"404 NOT_FOUND \"Token not found\""
  • Repeat the steps to reissue an API token or access token to re-authenticate your API calls. 
Powered by Wolken Software