7.1.5 SSO and Authenticating with the vCloud API
Use the POST/sessions vCloud API, which accepts security tokens as the request body:
HTTP-Basic authentication
– Logs in using the user name and password to
the integrated identity provider for backwards compatibility with vCloud Director 1.5.
SAML assertion
– Verifies that the assertion is trusted.
Proprietary token
– Verifies that the token from the integrated identity provider is valid.
Use the vCloud API GET /org/{id}/hostedIdentityProvider/token to return the security token for the integrated identity provider:
HTTP-Basic authentication – Logs in using the user name and password.
Kerberos
– Verifies a Kerberos token using Active Directory settings.
Use the vCloud API GET /org/{id}/identityProviders to return a list of IdPs federated with vCloud (the currently integrated identity provider and possibly an external identity provider), which can be called anonymously.
Use the vCloud API GET /org/{id}/saml/authnRequest to return the signed SAML AuthnRequest.