Basic auth has been enabled as in TechDocs: Activating basic authentication but it still doesn't work for an embedded Orchestrator system.

VMware Cloud Foundation Orchestrator / Automation

Basic authentication is only usable for external Orchestrator on VCF 9.x - not for the embedded Orchestrator within VCFA.

Basic authentication still works in external Orchestrator since it has enough context about tenancy, i.e. it is limited to a single tenant and can scope this access token to a specific tenant.
Embedded orchestrator works in Provider Consumption Org, as well as "All VM Apps" organizations. This makes it hard to be able to correctly scope the token Privilege escalation would be possible if we decide to enable if we decide to enable it.

It is best practice for security not to use basic authentication.

It is possible to use an API token for both embedded & external Orchestrator. This API token needs to be exchanged for an Access token before executing requests against Orchestrator.

There are 2 ways to create a Bearer token:

• If the environment was upgraded from 8.x then the old API applies:
  • TechDocs: Get Your Access Token for the VCF Automation API
• If it is a fresh deployment then the new API should be used:
  • TechDocs: Generating an All Apps Access Token