Appendix B: Security : Single Sign-On : SSO and Authenticating with the vCloud API
   
SSO and Authenticating with the vCloud API
The following are ways you can use SSO to authenticate with the vCloud API.
You can use the POST/sessions vCloud API, as this accepts security tokens as the request body:
*HTTP-Basic authenticationLogs in using user name and password to integrated identity provider for backwards-compatibility with vCloud Director v1.5.
*SAML assertionVerifies assertion is trusted.
*Proprietary tokenVerifies token from integrated identity provider is valid.
You can use the vCloud API GET /org/{id}/hostedIdentityProvider/token, which returns the security token for the integrated identity provider.
*HTTP-Basic authentication logs in using the user name and password.
*KerberosVerifies a Kerberos token using the Active Directory settings.
You can use the vCloud API GET /org/{id}/identityProviders which returns a list of IdPs federated with vCloud (currently integrated identity provider and possibly external identity provider) can be called anonymously.
You can use the vCloud API GET /org/{id}/saml/authnRequest, which returns the signed SAML AuthnRequest.