VMware vRealize Automation - 7.2 Programming Guide

Programming Guide

vRealize Automation 7.2

This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.

EN-002326-00

Programming Guide

You can ﬁnd the most up-to-date technical documentation on the VMware Web site at:

hp://www.vmware.com/support/

The VMware Web site also provides the latest product updates.

If you have comments about this documentation, submit your feedback to:

docfeedback@vmware.com

VMware, Inc.

3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com

2 VMware, Inc.

vRealize Automation Programming Guide

The Programming Guide provides information about the vRealize Automation REST APIs, including how to use the REST API services and resources, create HTTP bearer tokens for authentication and authorization, and construct REST API service calls.

Intended Audience

This information is intended for administrators and programmers who want to congure and manage vRealize Automation programmatically using the vRealize Automation REST API. The guide focuses on common use cases. For related information about all available REST API services, see in vRealize Automation API Reference at hps://www.vmware.com/support/pubs/vcac-pubs.html.

VMware Technical Publications Glossary

VMware Technical Publications provides a glossary of terms that might be unfamiliar to you. For denitions of terms as they are used in VMware technical documentation, go to

hps://www.vmware.com/support/pubs/vcac-pubs.html.

VMware, Inc.

5

Programming Guide

6 VMware, Inc.

Overview of the vRealize Automation

REST API 1

The vRealize Automation REST API provides consumer, administrator, and provider-level access to the service catalog with the same services that support the vRealize Automation console user interface. You can perform vRealize Automation functions programmatically by using REST API service calls.

The vRealize Automation REST API oers the following services and functions.

Table 1‑1. vRealize Automation REST API Services

Service Description

Approval Service Retrieve, create, update, and delete approval policies, policy types,

policy instances, and policy requests.

Branding Service Change the background and text colors, company logo, company

name, product name, tenant name, and other resources in the console.

Catalog Service Retrieve global and entitled catalog items, and entitlements for a

catalog item and its service that the current user can review. A consumer can retrieve, edit, and submit a request form for a catalog item. A provider can retrieve, register, update, and delete catalog items. Provision and manage systems.

Component Registry Service Access and manage all services and serves as the central view for

all service lookups.

Composition Service Allows vRealize Automation services to register application

components, which the composition service manages so that they can be used in composite blueprints.

Content Management Service Access and manage the content controller and package controller

for export and import processes. This includes export and import for blueprints and software.

Endpoint Conguration Service Create, read, update and delete endpoint types, endpoint

categories, and endpoints.

Event Broker Service Provide a central location and a consistent way of recording events

and querying for events.

Forms Service Used internally by the vRealize Automation system to create, read,

update and delete (perform CRUD operations on) request forms for XaaS components.

IaaS Proxy Provider Service Run a proxy service that acts as a bridge between the service

catalog and the IaaS provider to call other services, such as the catalog service, composition service, reservation service, and event broker service.

Identity Service Manage tenants, business groups, SSO and custom groups, users,

and identity stores.

VMware, Inc. 7

Programming Guide

Table 1‑1. vRealize Automation REST API Services (Continued)

Service Description

IP Address Management Service Allocate and deallocate IP addresses from IP address management

Licensing Service Retrieve permissions and post serial keys.

Management Service (Reclamation Service) Retrieve work item forms, callbacks, and tasks. Manage endpoint

Network Service Access and manage application network and security seings for

Notication Service Congure and send notications for several types of events such as

Orchestration Gateway Service Provides a gateway to VMware Realize Orchestrator (vRO) for

Extensibility (Plug-in) Service Retrieve, create, update, and delete a resource. Retrieve an

Portal Service Retrieve, create, update, and delete a portal resource.

Properties Service Manage custom properties, property groups, and property

Reservation Service Retrieve, create, update, and delete a reservation or reservation

Software Services Triggers the execution life cycle of software components using the

vRA Orchestrator Service Manage vRealize Orchestrator actions, tasks, packages, and

Work Item Service Retrieve, create, update, complete, cancel, and delete a work item.

XaaS Service Manages XaaS elements such as forms, endpoints, XaaS blueprints,

(IPAM) providers.

details including tenant, password, user name, and endpoint URL. Retrieve performance metrics. Retrieve and cancel reclamation requests.

creating and conguring NAT and routed networks; creating load balancers; and adding and conguring security groups, security tags and security policies for application components.

the successful completion of a catalog request or a required approval.

services running on vRealize Automation. By using the gateway, consumers of the API can access a vRO instance, and initiate workows or script actions without having to deal directly with the vRO APIs.

extension. Retrieve license notications.

denitions. Properties specify items that can be added to blueprints to trigger vRealize Orchestrator actions.

policy.

software agent, registers software agents, and manages the creation, modication and deletion of software componentsoftware component types, software resource requests, and nodes (machines).

workows. Browse system and plug-in inventories.

Also retrieve form data, metadata, detail forms, and submission forms from service providers.

tenants, vRealize Orchestrator imports, workows, and work items.

The advanced designer service selection on the vRealize Automation API Reference landing page selects the documentation for the XaaS service.

When a service request contains a resource URL, the rst part of the URL identies the service and the last part identies the resource. For example, the following resource URL identies the catalog service and the providers resource:

https://$host/component-registry/api/services

For more information about all the vRealize Automation REST API service calls, see “Using the vRealize

Automation API Reference,” on page 357 and the vRealize Automation API Reference in your

vRealize Automation installation.

8 VMware, Inc.

REST API Authentication 2

In the REST API, vRealize Automation requires HTTP bearer tokens in request headers for authentication of consumer requests. A consumer request applies to tasks that you can perform in the vRealize Automation console, such as requesting a machine.

To acquire an HTTP bearer token, you authenticate with an identity service that manages the communication with the SSO server. The identity service returns an HTTP bearer token that you include in all request headers until the token expires, or you delete it. An HTTP bearer token expires in 24 hours by default, but you can congure the token with a dierent duration.

Using HTTP Bearer Tokens

You use HTTP bearer tokens for tasks that you can also perform in the vRealize Automation console. You create a request header with the curl command or with some other utility.

You use POST, HEAD, and DELETE methods to manage HTTP bearer tokens.

Method URL Description

POST /tokens Authenticate the user with the identity service /tokens and

generate a new token.

HEAD /tokens/tokenID Validate the token tokenID.

DELETE /tokens/tokenID Delete the token tokenID.

Use the following root URL for HTTP bearer calls:

https://$vra_server/identity/api/tokens

Configure the Duration of an HTTP Bearer Token

You set the duration of HTTP bearer tokens in the /etc/vcac/security.properties le on the vRealize Automation appliance.

The eective duration or lifetime of an HTTP bearer token depends on the duration of its corresponding SAML token, which the SSO server creates at request time. An HTTP bearer token expires when it reaches the end of its congured duration, or at the end of the congured duration of the SAML token, whichever comes rst. For example, if the congured duration is three days for the HTTP bearer token and two days for the SAML token, the HTTP bearer token expires in two days. A conguration seing on the SSO server determines the duration of SAML tokens.

VMware, Inc.

9

Programming Guide

Prerequisites

Log in to the vRealize Automation appliance with SSH as root. The password is the one you specied

n

when you deployed the appliance.

The /etc/vcac/security.properties le on the appliance must be editable.

n

Procedure

1 Open the /etc/vcac/security.properties le for editing.

2 Add the following lines to the le, where N is an integer specifying the duration of the token in hours.

identity.basic.token.lifetime.hours=N

#The number is in hours.

3 Save and close the le.

4 Log out of the vRealize Automation appliance.

The new value applies the next time someone requests an HTTP bearer token.

Request an HTTP Bearer Token

You use an HTTP bearer token to authenticate a vRealize Automation REST API consumer request .

A consumer request must specify the correct component registry service and resource. For example, the URL to obtain an HTTP bearer token must specify the identity service and token resource.

The HTTP bearer token expires in 24 hours by default. See “Congure the Duration of an HTTP Bearer

Token,” on page 9 for information on how to set the duration.

For related information, see “Syntax for Requesting an HTTP Bearer Token,” on page 11.

Prerequisites

Log in to vRealize Automation using the applicable credentials. For example, to assign a user to a role,

n

log in as a tenant administrator.

Verify that the host name and fully qualied domain name of the vRealize Automation instance are

n

available.

Procedure

Enter a curl command in the following format, replacing the variables with the correct values.

u

The variable $vRA used in this example represents the host name.domain name of the vRealize Automation server, for example, mycompany.mktg.mydomain.com.

curl --insecure -H "Accept: application/json" -H 'Content-Type: application/json'

--data '{"username":"usrname","password":"passwd","tenant":"tenantURLtoken"}'

https://$vRA/identities/api/tokens

For example, enter the following command line:

curl --insecure -H "Accept: application/json" -H 'Content-Type: application/json' --data

'{"username":"TenantAdminUser @example.com","password":"password","tenant":"MYCOMPANY"}'

https://vra.mycompany.com/identities/api/tokens

The command returns a response header with a status code and, if your request is successful, an HTTP bearer token.

10 VMware, Inc.

Chapter 2 REST API Authentication

For example, the following sample output displays based on the command input:

HTTP/1.1 200 OK

Server: Apache-Coyote/1.1

Cache-Control: no-cache, no-store

Pragma: no-cache

Expires: Thur, 16 Jul 2015 23:59:59 GMT

Content-Type: application/json;charset=UTF-8

Content-Length: 324

Date: Wed, 15 Jul 2015 13:04:50 GMT

{

"expires":"2015-16-01T13:09:45.619Z",

"id":"MTM5MTI1OTg5MDQwMzozNDQyZWMxZmQ5ZDliODUzMGFiMjp0ZW5hbnQ6cWV1c2VybmFtZTpmcml0ekBjb2tlLmNvb

TplMDViNGU0NGM2ZWU0MWQ1OWEwMTNmZGExNTQwZjNlNGM3YTBlM2I5MDhlYWZjYjY1ZjhiODI2OTg4ODU3M2UwOTUwOWRk

MjlmYWRjNWQ4NjJkOTk1YmE3MTg1MWZhOTc2MjEyYjYxZmU3YTVhZDcwNzM3ZTg3ZDNjNDk2ZDlmNA==",

"tenant":"MYCOMPANY"

}

What to do next

Include the HTTP bearer token in your REST API service calls. You can store the token in a variable such as $AUTH and then use the variable in your requests.

Syntax for Requesting an HTTP Bearer Token

An HTTP bearer token is required by the REST client to use the vRealize Automation REST API. You can obtain a bearer token by authenticating to the identity service.

Input

Use the supported input parameters to control the command output.

A consumer request must specify the correct component registry service and resource. For example, the URL to obtain an HTTP bearer token must contain the identity service and token resource values.

Input Description

host host name.domain name of the vRealize Automation server, for example,

mycompany.mktg.mydomain.com.

usrname Species the tenant administrator user name.

passwd Species the tenant administrator password.

tenantURLtoken Species the tenant URL token determined by the system administrator when

creating the tenant, for example, support.

Output

The following information is displayed as a result of your HTTP bearer token request.

Output Description

expires Contains the ISO 8601 timestamp indicating when the token expires.

id Contains the HTTP bearer token to use in Authorization header in subsequent

requests.

tenant Displays the tenant ID associated with the token.

Response Status Codes

One of the following codes are displayed as a result of your HTTP bearer token request.

VMware, Inc. 11

Programming Guide

Status Code Description

200 OK Your request succeeded and the resource was updated. The

400 BAD REQUEST The data you provided in the POST failed validation.

401 UNAUTHORIZED The request could not authenticate the user or

Example: curl Command

You can enter the following command line format to request an HTTP bearer token.

curl --insecure -H "Accept: application/json" -H 'Content-Type: application/json' --data

'{"username":"usrname",

"password":"passwd","tenant":"tenantURLtoken"}' https://$host/identity/api/tokens

When your request succeeds, the system returns the 200 OK status code, the expiration date and time of the token, and the HTTP bearer token. After receiving the bearer token, you can include it in your request headers.

Validate an HTTP Bearer Token

response body contains the full representation of the resource.

Inspect the response body for details.

authentication credentials required.

You can validate an existing HTTP bearer token.

Prerequisites

“Request an HTTP Bearer Token,” on page 10.

n

Procedure

Create the request to validate the HTTP bearer token, as in the following example.

u

HEAD

/tokens/MTM5MTI1OTg5MDQwMzozNDQyZWMxZmQ5ZDliODUzMGFiMjp0ZW5hbnQ6cWV1c2VybmFtZTjYjY1ZjhiODI2OT

g4O

DU3M2UwOTUwOWRkMjlmYWRjNWQ4NjJkOTk1YmE3MTg1MWZhOTc2MjEyYjYxZmU3YTVhZDcwNzM3ZTg3ZDNjNDk2ZDlmNA

==

Accept: application/json

The system returns one of the following status codes.

Status Code Description

204 NO CONTENT The request succeeded.

401 UNAUTHORIZED You must have authentication credentials to access the resource. All requests must

be authenticated.

403 FORBIDDEN Your authentication credentials do not provide sucient access to the resource.

404 NOT FOUND Could not locate the resource based on the specied URI.

405 METHOD NOT ALLOWED The HEAD method is not supported for the resource.

500 SERVER ERROR Could not create or update the resource because of an internal server error.

12 VMware, Inc.

Chapter 2 REST API Authentication

Delete an HTTP Bearer Token

You can delete an HTTP bearer token.

Prerequisites

“Request an HTTP Bearer Token,” on page 10.

n

Procedure

Create the request to delete the HTTP bearer token, as in the following example.

u

DELETE

/tokens/MTM5MTI1OTg5MDQwMzozNDQyZWMxZmQ5ZDliODUzMGFiMjp0ZW5hbnQ6cWV1c2VybmFtZTjYjY1ZjhiODI2OT

g4O

DU3M2UwOTUwOWRkMjlmYWRjNWQ4NjJkOTk1YmE3MTg1MWZhOTc2MjEyYjYxZmU3YTVhZDcwNzM3ZTg3ZDNjNDk2ZDlmNA

==

Accept: application/json

The system returns one of the following status codes.

Status Code Description

204 NO CONTENT The request succeeded. The resource has been deleted.

401 UNAUTHORIZED You must have authentication credentials to access the resource. All requests must

be authenticated.

403 FORBIDDEN Your authentication credentials do not provide sucient access to the resource.

404 NOT FOUND Could not locate the resource based on the specied URI.

405 METHOD NOT ALLOWED The DELETE method is not supported for the resource.

500 SERVER ERROR Could not create or update the resource because of an internal server error.

VMware, Inc. 13

Programming Guide

14 VMware, Inc.

REST API Use Cases 3

Available use cases provide the prerequisite, command line options and format, and sample results to help you perform a variety of vRealize Automation functions, such as requesting a machine or creating a reservation.

You can nd information about all of the available vRealize Automation REST API calls in the vRealize Automation API Reference zip le located in the vRealize Automation Documentation Center. The use cases provide samples of calls that you might commonly use and descriptions of example inputs and outputs relative to those calls.

Create a Tenant on page 16

n

You can use the REST API identity service to create a vRealize Automation tenant and perform related functions. Perform the tasks required to create a tenant with the REST API in sequence. For information about creating and working with tenants and roles by using thevRealize Automation application user interface, see the Tenant Administration and IaaS Conguration documentation.

Request a Machine on page 33

n

You can use REST API catalog service commands to complete a variety of tasks related to requesting a machine. This procedure provides sample command line syntax for machine request tasks. Supporting information regarding available input and output parameters, command-line entry samples, and sample JSON output samples is available in the subsequent topics that explain syntax for the various tasks.

VMware, Inc.

Approve a Machine Request on page 50

n

You can use a sequence of REST API workitem service commands to approve a machine request.

List Provisioned Resources on page 69

n

You can use the REST API catalog service to log in to vRealize Automation and display a full or ltered list of your provisioned resources .

Manage Provisioned Deployments on page 87

n

You can use the REST API catalog service to log in to vRealize Automation and view information about provisioned resources .

Working with Reservations on page 101

n

You can work with the REST API reservation service to perform a variety of functions, such as creating and updating reservations.

Working with Reservation Policies on page 265

n

You can use the vRealize Automation REST API to work with the reservation service to perform a variety of functions, such as creating and updating reservation policies.

15

Programming Guide

Working with Key Pairs on page 274

n

You can work with the keyValuePair data element of the REST API workitem service to list, create, and update key pairs.

Working with Network Proles on page 287

n

You can use the vRealize Automation IaaS proxy provider service and IPAM service REST API to create, list, and update network proles.

Get a List of Available IP Ranges for an IPAM Provider on page 316

n

You can query a specied IPAM provider endpoint for a list of the available IP address ranges congured on the IPAM provider device.

Import and Export Content on page 334

n

You can use the REST API content management service to import and export content, such as blueprints, between vRealize Automation systems.

Create a Tenant

You can use the REST API identity service to create a vRealize Automation tenant and perform related functions. Perform the tasks required to create a tenant with the REST API in sequence. For information about creating and working with tenants and roles by using thevRealize Automation application user interface, see the Tenant Administration and IaaS Conguration documentation.

Prerequisites

Log in to vRealize Automation as a system administrator and a tenant administrator.

n

Verify that there is access to a functional LDAP, Active Directory, or Native Active Directory identity

n

server.

Verify that the identity server details required for the JSON template are available.

n

Verify that the host name and fully qualied domain name of the vRealize Automation instance are

n

available.

Verify that you have a valid HTTP bearer token that matches your login credentials. See Chapter 2,

n

“REST API Authentication,” on page 9.

Syntax for Displaying Your Current Tenants on page 18

n

You can use the REST API identity service to list of all the vRealize Automation tenants in your system.

Syntax for Requesting a New Tenant on page 20

n

You can use the REST API identity service to submit a request for a tenant. You can specify request parameters using JSON command line input or by calling an existing JSON le from the command line.

Syntax for Listing All Tenant Identity Stores on page 23

n

You can use the REST API identity service to list all available identity stores for a named vRealize Automation tenant, such as the default tenant vsphere.local.

Syntax for Linking an Identity Store to the Tenant on page 25

n

You can use the REST API identity service to link an LDAP, Active Directory, or Native Active Directory identity store to the vRealize Automation tenant.

Syntax for Searching LDAP or Active Directory for a User on page 29

n

You can use the vRealize Automation REST API identity service to search the congured LDAP directory, Active Directory, or Native Active Directory for a user.

16 VMware, Inc.

Chapter 3 REST API Use Cases

Syntax for Assigning a User to a Role on page 30

n

You can use the REST API identity service to assign a user to a role.

Syntax for Displaying all Roles Assigned to a User on page 31

n

You can use the REST API identity service to display all of the roles assigned to a user.

Procedure

1 Use the identity service to display all the available tenants.

curl --insecure -H "Accept:text/xml"

-H "Authorization: Bearer $token"

https://$host/identity/api/tenants

2 Submit a request for a new tenant and either call a JSON le that contains tenant request parameters or

specify those parameters using inline text. The rst example uses a JSON le as input. The second example uses inline text as input.

The rst example calls the following sample newTenant.json le.

{

"@type" : "Tenant",

"id" : "development",

"urlName" : "development",

"name" : "DevelopmentTenant",

"description" : "Tenant for all developers",

"contactEmail" : "admin@mycompany.com",

"defaultTenant" : false

}

Examples Command

Example 1

Call the above newTenant.json file, which contains parameters for the tenant request.

Example 2

Specify the parameters for the tenant request by using inline text.

curl --insecure -H "Content-Type: application/json"

-H "Authorization: Bearer $token" https://$host/identity/api/tenants/development --data @C:\Temp\newTenant.json

curl --insecure -H "Accept: application/json" -H "ContentType: application/json"

-H "Authorization: Bearer $token"

--data '{"@type":"Tenant","id":"development","urlName":"developmen t","name": "DevelopmentTenant","description":"Tenant for all developers","contactEmail": "admin@mycompany.com","defaultTenant":false}'

3 List all available identity stores for a named tenant, such as the default tenant vsphere.local by using

variables, instead of the full token and host name.domain name.

curl --insecure -H "Accept: application/json" -H 'Content-Type: application/json'

-H "Authorization: Bearer $token” https://$host/identity/api/tenants/MYCOMPANY/directories

4 Link an LDAP, Active Directory, or Native Active Directory identity store to the tenant by using the

identity service.

Call the following sample ldap.json.txt input le from the command line to specify necessary parameters.

{

"alias": "example.com",

"domain": "example.mycompany.com",

"groupBaseSearchDn": "ou=demo,dc=example,dc=mycompany,dc=com",

VMware, Inc. 17

Programming Guide

"name": "openLDAPDemo",

"password": "password",

"type": "LDAP",

"url": "ldap://10.000.00.000:389",

"userBaseSearchDn": "ou=demo,dc=example,dc=mycompany,dc=com",

"userNameDn": "cn=demoadmin,ou=demo,dc=example,dc=mycompany,dc=com"

}

Use the following command to call the example JSON text le and link an identity store to a tenant. The command also tests that vRealize Automation can connect to the identity store successfully. If the command nishes successfully, vRealize Automation succeeded in connecting to the identity store.

curl --insecure -H "Content-Type: application/json"

-H "Authorization: Bearer $token”

https://$host/identity/api/tenants/development/directories/example.mycompany.com

--data @C:\Temp\ldap.json.txt

5 Query the congured LDAP directory, Active Directory, or Native Active Directory for a specic user.

curl --insecure -H "Accept:text/xml"

-H "Authorization: Bearer $token"

https://$host/identity/api/tenants/$tenantId/principals/$userId

6 Assign a user to a role with the REST API identity service.

Use the following command string to submit a request to assign the user tony in the domain example.mycompany.com to the tenant administrator role. It provides empty braces for the required JSON payload.

curl --insecure -H "Content-Type: application/json"

-H "Authorization: Bearer $token"

"https://$host/identity/api/authorization/tenants/development/principals/

susan@example.mycompany.com/roles/CSP_TENANT_ADMIN/" --data "{}"

7 Display all of the roles assigned to a user with the identity service.

Use the following command to list all the roles that are assigned to tony@example.mycompany.com.

curl --insecure -H "Content-Type: application/json"

-H "Authorization: Bearer $token"

https://$host/identity/api/authorization/tenants/development/principals/

tony@example.mycompany.com/roles

What to do next

Syntax for Displaying Your Current Tenants

You can use the REST API identity service to list of all the vRealize Automation tenants in your system.

Input

Use the supported input parameters to control the command output.

Parameter Description

URL hps://$host/identity/api/tenants

$host Species the host name and fully qualied domain name or IP address

of the vRealize Automation identity server.

$token Species a valid HTTP bearer token with necessary credentials.

18 VMware, Inc.

Chapter 3 REST API Use Cases

Output

The command output contains property names and values based on the command input parameters.

Parameter Description

Links Species an array of link objects, each of which contains the

following parts:

rel

n

Species the name of the link.

n

Self refers to the object that was returned or requested. This parameter does not appear when you query a single prole.

n

First, Previous, Next, and Last refer to corresponding pages of pageable lists.

Species the application or service that determines

n

the other names.

href

n

Species the URL that produces the result.

Content Species an array of data rows, each of which represents

one of the tenant objects returned in a pageable list. Each tenant object can contain the following information:

Id:

n

Species the unique tenant identier.

urlName:

n

Species the name of the tenant as it appears in URLs.

Name:

n

Species the name of the tenant for display purposes.

description:

n

Species the long description of the tenant.

contactEmail:

n

Species the primary contact email address.

Password:

n

Unused

defaultTenant:

n

Is set to True if the corresponding tenant is the default tenant (vsphere.local).

Metadata Species the following paging-related data:

Size: Species the maximum number of rows per page.

n

totalElement: Species the number of rows returned.

n

This parameter is not output when you query for a single prole.

totalPages: Species the total number of pages of data

n

available.

Number: Species the current page number.

n

Oset: Species the number of rows skipped.

n

VMware, Inc. 19

Programming Guide

Example: curl Command

The following example command displays all available tenants.

curl --insecure -H "Accept:text/xml"

-H "Authorization: Bearer $token"

https://$host/identity/api/tenants

Format the XML output to improve its readability. For information about formaing output, see Chapter 5,

“Filtering and Formaing REST API Information,” on page 361.

Example: JSON Output

The following JSON output is returned based on the command input.

{

"links" : [ ],

"content" : [ {

"@type" : "Tenant",

"id" : "vsphere.local",

"urlName" : "vsphere.local",

"name" : "vsphere.local",

"description" : null,

"contactEmail" : null,

"password" : null,

"defaultTenant" : true

}, {

"@type" : "Tenant",

"id" : "MYCOMPANY",

"urlName" : "MYCOMPANY",

"name" : "QETenant",

"description" : "Test tenant",

"contactEmail" : null,

"password" : "defaultPwd#1",

"defaultTenant" : false

} ],

"metadata" : {

"size" : 19,

"totalElements" : 2,

"totalPages" : 1,

"number" : 1,

"offset" : 0

}

Syntax for Requesting a New Tenant

You can use the REST API identity service to submit a request for a tenant. You can specify request parameters using JSON command line input or by calling an existing JSON le from the command line.

Input

Use the supported input parameters to control the command output.

20 VMware, Inc.

Chapter 3 REST API Use Cases

Parameter Description

URL hps://$host/identity/api/tenants/$tenantId --data @

$inputFileName.json

$token Species a valid HTTP bearer token with necessary credentials.

$host Species the host name and fully qualied domain name or IP

address of the vRealize Automation identity server.

$tenantId Species the ID of the tenant.

$tenantURL Species the URL of the tenant.

$tenantName Species the name of the tenant.

$description Species a description of the tenant.

$emailAddress Species the contact email address for the tenant.

JSON Input File Template

To simplify command line input, create a JSON le and call that le from the command line. To create a JSON le, copy the following template to a new text le. To maintain formaing, use an XML editor. Replace the italicized variables in the template with your specic values.

{

"@type" : "Tenant",

"id" : "$tenantId",

"urlName" : "$tenantURL",

"name" : "$tenantName",

"description" : "$description",

"contactEmail" : "$emailAddress",

"defaultTenant" : false

}

Output

The command output contains property names and values based on the command input parameters.

VMware, Inc. 21

Programming Guide

Parameter Description

Links Species an array of link objects, each of which contains the

Content Species an array of data rows, each of which represents

Metadata Species the following paging-related data:

following parts:

rel

n

Species the name of the link.

n

Self refers to the object that was returned or requested. This parameter does not appear when you query a single prole.

n

First, Previous, Next, and Last refer to corresponding pages of pageable lists.

Species the application or service that determines

n

the other names.

href

n

Species the URL that produces the result.

one of the tenant objects returned in a pageable list. Each tenant object can contain the following information:

Id:

n

Species the unique tenant identier.

urlName:

n

Species the name of the tenant as it appears in URLs.

Name:

n

Species the name of the tenant for display purposes.

description:

n

Species the long description of the tenant.

contactEmail:

n

Species the primary contact email address.

Password:

n

Unused

defaultTenant:

n

Is set to True if the corresponding tenant is the default tenant (vsphere.local).

Size: Species the maximum number of rows per page.

n

totalElement: Species the number of rows returned.

n

This parameter is not output when you query for a single prole.

totalPages: Species the total number of pages of data

n

available.

Number: Species the current page number.

n

Oset: Species the number of rows skipped.

n

Example: curl Command

Submit a request for a new tenant and either call a JSON le that contains tenant request parameters or specify those parameters using inline text. The rst example uses a JSON le as input. The second example uses inline text as input.

22 VMware, Inc.

Chapter 3 REST API Use Cases

The rst example calls the following sample newTenant.json le.

{

"@type" : "Tenant",

"id" : "development",

"urlName" : "development",

"name" : "DevelopmentTenant",

"description" : "Tenant for all developers",

"contactEmail" : "admin@mycompany.com",

"defaultTenant" : false

}

Example 1: Use the following example to call the above newTenant.json le, which contains parameters for the tenant request.

curl --insecure -H "Content-Type: application/json"

-H "Authorization: Bearer $token"

https://$host/identity/api/tenants/development --data @C:\Temp\newTenant.json

Example 2: Use the following example to specify parameters for the tenant request by using inline text.

curl --insecure -H "Accept: application/json" -H "Content-Type: application/json"

-H "Authorization: Bearer $token"

--data '{"@type":"Tenant","id":"development","urlName":"development","name":

"DevelopmentTenant","description":"Tenant for all developers","contactEmail":

"admin@mycompany.com","defaultTenant":false}'

Syntax for Listing All Tenant Identity Stores

You can use the REST API identity service to list all available identity stores for a named vRealize Automation tenant, such as the default tenant vsphere.local.

Input

Use the supported input parameters to control the command output.

Parameter Description

URL hps://$host/identity/api/tenants/$tenantId/directories

$host Species the host name and fully qualied domain name or IP address of the

vRealize Automation identity server.

$token Species a valid HTTP bearer token with necessary credentials.

$tenantId Species the ID of the tenant.

Output

The command output contains property names and values based on the command input parameters.

VMware, Inc. 23

Programming Guide

Parameter Description

Links Species an array of link objects, each of which contains the

Content Species an array of data rows, each of which represents

Metadata Species the following paging-related data:

following parts:

rel

n

Species the name of the link.

n

Self refers to the object that was returned or requested. This parameter does not appear when you query a single prole.

n

First, Previous, Next, and Last refer to corresponding pages of pageable lists.

Species the application or service that determines

n

the other names.

href

n

Species the URL that produces the result.

one of the tenant objects returned in a pageable list. Each tenant object can contain the following information:

Id:

n

Species the unique tenant identier.

urlName:

n

Species the name of the tenant as it appears in URLs.

Name:

n

Species the name of the tenant for display purposes.

description:

n

Species the long description of the tenant.

contactEmail:

n

Species the primary contact email address.

Password:

n

Unused

defaultTenant:

n

Is set to True if the corresponding tenant is the default tenant (vsphere.local).

Size: Species the maximum number of rows per page.

n

totalElement: Species the number of rows returned.

n

This parameter is not output when you query for a single prole.

totalPages: Species the total number of pages of data

n

available.

Number: Species the current page number.

n

Oset: Species the number of rows skipped.

n

Example: curl Command

The following example command lists the identity stores by using variables, instead of the full token and host name.domain name.

curl --insecure -H "Accept: application/json" -H 'Content-Type: application/json'

-H "Authorization: Bearer $token” https://$host/identity/api/tenants/MYCOMPANY/directories

24 VMware, Inc.

Chapter 3 REST API Use Cases

Example: JSON Output

The following JSON output is returned based on the command input.

HTTP/1.1 200 OK

Server: Apache-Beach/1.1

Cache-Control: no-cache, no-store

Pragma: no-cache

Expires: Wed, 31 Dec 1969 23:59:59 GMT

Content-Type: application/json;charset=UTF-8

Content-Length: 830

Date: Sat, 01 Feb 2014 13:07:54 GMT

{"links":[],

"content":[

{"@type":"IdentityStore",

"domain":"vcac.mycompany.com",

"name":"openLDAPPromocom",

"description":null,

"alias":"promocom.com",

"type":"LDAP",

"userNameDn":"cn=promocomadmin,ou=promocom,dc=vcac,dc=mycompany,dc=com",

"password":null,

"url":"ldap://10.000.00.000:389",

"groupBaseSearchDn":"ou=promocom,dc=vcac,dc=mycompany,dc=com",

"userBaseSearchDn":"ou=promocom,dc=vcac,dc=mycompany,dc=com"

},

{"@type":"IdentityStore",

"domain":"example.mycompany.com",

"name":"openLDAPDemo",

"description":null,

"alias":"example.com",

"type":"LDAP",

"userNameDn":"cn=demoadmin,ou=demo,dc=example,dc=mycompany,dc=com",

"password":null,

"url":"ldap://10.000.00.000:389",

"groupBaseSearchDn":"ou=demo,dc=example,dc=mycompany,dc=com",

"userBaseSearchDn":"ou=demo,dc=example,dc=mycompany,dc=com"

}],

"metadata":{

"size":20,

"totalElements":2,

"totalPages":1,

"number":1,

"offset":0

}

Syntax for Linking an Identity Store to the Tenant

You can use the REST API identity service to link an LDAP, Active Directory, or Native Active Directory identity store to the vRealize Automation tenant.

Input

Use the supported input parameters to control the command output.

VMware, Inc. 25

Programming Guide

Parameter Description

URL hps://$host/identity/api/tenants/$tenantId/directories/$domainName --data

$host Species the host name and fully qualied domain name or IP address of

$token Species a valid HTTP bearer token with necessary credentials.

$tenantId Species the ID of the tenant.

userId Species the ID of the user in the form name@domain.

$domainAlias Species the domain alias.

$domainName Species the domain of the identity store.

$grpBaseSearchDn Species the group search base Distinguished Name.

$identityStoreName Species a description of the new tenant.

$password Species the password.

$identityStoreType Species the identity store type for the tenant. The following values are

$identityServerUrl Species the URL of the identity server.

$usrBaseSearchDn Species the user search base Distinguished Name.

$usrNameDn Species the Distinguished Name for the login user.

@$inputFileName.json

the vRealize Automation identity server.

supported:

LDAP

n

AD

n

NATIVE_AD

n

JSON Input File Template

Use this template to create a JSON input le. Replace the variables in the template with actual values in the le.

{

"alias": "$domainAlias",

"domain": "$domainName",

"groupBaseSearchDn": "$grpBaseSearchDn",

"name": "$identityStoreName",

"password": "$password",

"type": "$identityStoreType",

"url": "$identityServerUrl",

"userBaseSearchDn": "$usrBaseSearchDn",

"userNameDn": "$usrNameDn"

}

Output

The command output contains property names and values based on the command input parameters.

26 VMware, Inc.

Chapter 3 REST API Use Cases

Parameter Description

Links Species an array of link objects, each of which contains the

following parts:

rel

n

Species the name of the link.

n

Self refers to the object that was returned or requested. This parameter does not appear when you query a single prole.

n

First, Previous, Next, and Last refer to corresponding pages of pageable lists.

Species the application or service that determines

n

the other names.

href

n

Species the URL that produces the result.

Content Species an array of data rows, each of which represents

one of the tenant objects returned in a pageable list. Each tenant object can contain the following information:

Id:

n

Species the unique tenant identier.

urlName:

n

Species the name of the tenant as it appears in URLs.

Name:

n

Species the name of the tenant for display purposes.

description:

n

Species the long description of the tenant.

contactEmail:

n

Species the primary contact email address.

Password:

n

Unused

defaultTenant:

n

Is set to True if the corresponding tenant is the default tenant (vsphere.local).

Metadata Species the following paging-related data:

Size: Species the maximum number of rows per page.

n

totalElement: Species the number of rows returned.

n

This parameter is not output when you query for a single prole.

totalPages: Species the total number of pages of data

n

available.

Number: Species the current page number.

n

Oset: Species the number of rows skipped.

n

Example JSON Input File

Call the following sample ldap.json.txt input le from the command line to specify necessary parameters.

{

"alias": "example.com",

"domain": "example.mycompany.com",

"groupBaseSearchDn": "ou=demo,dc=example,dc=mycompany,dc=com",

"name": "openLDAPDemo",

"password": "password",

"type": "LDAP",

VMware, Inc. 27

Programming Guide

"url": "ldap://10.000.00.000:389",

"userBaseSearchDn": "ou=demo,dc=example,dc=mycompany,dc=com",

"userNameDn": "cn=demoadmin,ou=demo,dc=example,dc=mycompany,dc=com"

}

Example: curl Command

The following example command calls the example JSON text le and links an identity store to a tenant. The command also tests that vRealize Automation can connect to the identity store successfully. If the command nishes successfully,vRealize Automation succeeded in connecting to the identity store.

curl --insecure -H "Content-Type: application/json"

-H "Authorization: Bearer $token”

https://$host/identity/api/tenants/development/directories/example.mycompany.com

--data @C:\Temp\ldap.json.txt

Example: JSON Output

This output indicates that an identity store is successfully linked to the specied tenant.

Request Headers

{

Content-Type = application/json

Accept = application/json

Content-Length = 413

Accept-Charset = big5, big5-hkscs, euc-jp, euc-kr, gb18030, gb2312, gbk,

ibm-thai, ibm00858, ibm01140, ibm01141, ibm01142, ibm01143, ibm01144, ibm01145,

ibm01146, ibm01147, ibm01148, ibm01149, ibm037, ibm1026, ibm1047, ibm273, ibm277,

ibm278, ibm280, ibm284, ibm285, ibm290, ibm297, ibm420, ibm424, ibm437, ibm500,

ibm775, ibm850, ibm852, ibm855, ibm857, ibm860, ibm861, ibm862, ibm863, ibm864,

ibm865, ibm866, ibm868, ibm869, ibm870, ibm871, ibm918, iso-2022-cn, iso-2022-jp,

iso-2022-jp-2, iso-2022-kr, iso-8859-1, iso-8859-13, iso-8859-15, iso-8859-2,

iso-8859-3, iso-8859-4, iso-8859-5, iso-8859-6, iso-8859-7, iso-8859-8, iso-8859-9,

jis_x0201, jis_x0212-1990, koi8-r, koi8-u, shift_jis, tis-620, us-ascii, utf-16,

utf-16be, utf-16le, utf-32, utf-32be, utf-32le, utf-8, windows-1250, windows-1251,

windows-1252, windows-1253, windows-1254, windows-1255, windows-1256, windows-1257,

windows-1258, windows-31j, x-big5-hkscs-2001, x-big5-solaris, x-compound_text,

x-euc-jp-linux, x-euc-tw, x-eucjp-open, x-ibm1006, x-ibm1025, x-ibm1046, x-ibm1097,

x-ibm1098, x-ibm1112, x-ibm1122, x-ibm1123, x-ibm1124, x-ibm1364, x-ibm1381,

x-ibm1383, x-ibm300, x-ibm33722, x-ibm737, x-ibm833, x-ibm834, x-ibm856, x-ibm874,

x-ibm875, x-ibm921, x-ibm922, x-ibm930, x-ibm933, x-ibm935, x-ibm937, x-ibm939,

x-ibm942, x-ibm942c, x-ibm943, x-ibm943c, x-ibm948, x-ibm949, x-ibm949c, x-ibm950,

x-ibm964, x-ibm970, x-iscii91, x-iso-2022-cn-cns, x-iso-2022-cn-gb, x-iso-8859-11,

x-jis0208, x-jisautodetect, x-johab, x-macarabic, x-maccentraleurope, x-maccroatian,

x-maccyrillic, x-macdingbat, x-macgreek, x-machebrew, x-maciceland, x-macroman,

x-macromania, x-macsymbol, x-macthai, x-macturkish, x-macukraine, x-ms932_0213,

x-ms950-hkscs, x-ms950-hkscs-xp, x-mswin-936, x-pck, x-sjis_0213, x-utf-16le-bom,

x-utf-32be-bom, x-utf-32le-bom, x-windows-50220, x-windows-50221, x-windows-874,

x-windows-949, x-windows-950, x-windows-iso2022jp

}

Response Headers

{

Date = Wed, 29 Oct 2014 22:41:57 GMT

Content-Type = application/json;charset=UTF-8

Content-Length = 0

Vary = Accept-Encoding,User-Agent

28 VMware, Inc.

Chapter 3 REST API Use Cases

Keep-Alive = timeout=15, max=100

Connection = Keep-Alive

}

Successful

Unlinked Identity Store Error

The following output indicates that an identity store is not linked to the specied tenant. To resolve the problem, correct the identity store and connection details in the JSON input le and rerun the command.

Command failed [Rest Error]: {Status code: 400}, {Error code: 90027} , {Error

Source: null}, {Error Msg: Cannot connect to the directory service.}, {System

Msg: 90027-Connection to directory service can’t be established}

Syntax for Searching LDAP or Active Directory for a User

You can use the vRealize Automation REST API identity service to search the congured LDAP directory, Active Directory, or Native Active Directory for a user.

Input

Use the supported input parameters to control the command output.

Parameter Description

URL hps://$host/identity/api/tenants/$tenantId/principals/$userId

$host Species the host name and fully qualied domain name or IP address of the

vRealize Automation identity server.

$token Species a valid HTTP bearer token with necessary credentials.

$tenantId Species the ID of the tenant.

$userId Species the ID of the user in the form name@domain.

Output

The command output contains property names and values based on the command input parameters.

Property Description

Links Species an array of link objects, each of which contains the following parts:

rel

n

Species the name of the link.

n

Self refers to the object that was returned or requested. This parameter does not appear when you query a single prole.

n

First, Previous, Next, and Last refer to corresponding pages of pageable lists.

Species the application or service that determines the other names.

n

href

n

Species the URL that produces the result.

@type Species the user name.

rstName Species the rst name of the user.

lastName Species the last name of the user.

description Species the description of the user.

emailAddress Species the email address of the user.

locked Species the Boolean ag indicating if the user is locked out.

VMware, Inc. 29

Programming Guide

Property Description

disabled Species the Boolean ag indicating if the user is disabled.

principalId Species the principal ID of the user in username@domain format.

tenantName Species the name of tenant to which user belongs.

name Species the rst and last name concatenated.

Example: curl Command

The following example command queries the congured LDAP directory for a specic user.

curl --insecure -H "Accept:text/xml"

-H "Authorization: Bearer $token"

https://$host/identity/api/tenants/$tenantId/principals/$userId

Example: JSON Output

The following JSON output is returned based on the command input.

{

"links" : [ ],

"content" : [ {

"@type" : "User",

"firstName" : "Tony",

"lastName" : "Anteater",

"emailAddress" : "tony@example.mycompany.com",

"locked" : false,

"disabled" : false,

"principalId" : {

"domain" : "example.mycompany.com",

"name" : "susan"

},

"tenantName" : "MYCOMPANY1",

"name" : "Tony Anteater"

} ]

}

Syntax for Assigning a User to a Role

You can use the REST API identity service to assign a user to a role.

Input

Use the supported input parameters to control the command output.

Parameter Description

URL hps://$host/identity/api/authorization/tenants/$tenantId/principals/$princi

palId/roles/roleId

$host Species the host name and fully qualied domain name or IP address of

the vRealize Automation identity server.

$token Species a valid HTTP bearer token with necessary credentials.

$tenantId Species the ID of the tenant.

$principalId Species the ID of the user in name@domain format.

$roleId Species the ID of the user role.

30 VMware, Inc.

Chapter 3 REST API Use Cases

Example: curl Command

The following example command string submits a request to assign the user tony in the domain

example.mycompany.com to the tenant administrator role. It provides empty braces for the required JSON

payload. See “Syntax for Searching LDAP or Active Directory for a User,” on page 29 for more information about geing the user name and domain values.

curl --insecure -H "Content-Type: application/json"

-H "Authorization: Bearer $token"

"https://$host/identity/api/authorization/tenants/development/principals/

susan@example.mycompany.com/roles/CSP_TENANT_ADMIN/" --data "{}"

Example: JSON Output

If the command is successful, the HTTP response body is empty except for a 204 No Content status statement.

Syntax for Displaying all Roles Assigned to a User

You can use the REST API identity service to display all of the roles assigned to a user.

Input

Use the supported input parameters to control the command output.

Parameter Description

URL hps://$host/identity/api/authorization/tenants/$tenantId/principals/$princi

palId/roles

$token Species a valid HTTP bearer token with necessary credentials.

$host Species the host name and fully qualied domain name or IP address of

the vRealize Automation identity server.

$tenantId Species the ID of the tenant.

principalId Species the ID of the user in the form name@domain.

Output

The command output contains property names and values based on the command input parameters.

Property Description

id Species the role ID.

name Species the role name.

description Species the role description.

status Species the status of this role.

assignedPermissions Species the set of permissions that are implied by this role assignment.

Example: curl Command

The following example command lists all the roles that are assigned to tony@example.mycompany.com.

curl --insecure -H "Content-Type: application/json"

-H "Authorization: Bearer $token"

https://$host/identity/api/authorization/tenants/development/principals/

tony@example.mycompany.com/roles

VMware, Inc. 31

Programming Guide

Example: JSON Output

The following JSON output is returned based on the command input.

{

"links" : [ ],

"content" : [ {

"@type" : "SystemRole",

"id" : "ABX_TENANT_ADMIN",

"name" : "Tenant Administrator",

"description" : "ABX Tenant Administrator",

"assignedPermissions" : [ {

"id" : "CATALOG_CONSUME_TENANT_MGMT",

"name" : "Catalog Consume Tenant Management",

"description" : "Consume services, resources and manage requests on

behalf of any user within a Tenant",

"prereqAdminPermissions" : null

}, {

"id" : "MY_TENANT_MANAGEMENT",

"name" : "My Tenant Management",

"description" : "Manage my tenant.",

"prereqAdminPermissions" : null

}, {

"id" : "CATALOG_AUTHOR_TENANT",

"name" : "Catalog Tenant-level Author",

"description" : "Create, update and publish services, catalog items and actions shared across a

Tenant.",

"prereqAdminPermissions" : null

}, {

"id" : "GUI_MY_TENANT_MANAGEMENT",

"name" : "My Tenant Administration User Interface",

"description" : "Access my tenant administration GUI.",

"prereqAdminPermissions" : null

}, {

"id" : "CATALOG_ENTITLE_TENANT",

"name" : "Catalog Tenant-level Entitlement Management",

"description" : "Entitle services, catalog items and actions to all users within a tenant.",

"prereqAdminPermissions" : null

}, {

"id" : "FILE_EDIT_TENANT",

"name" : "Manage Tenant Files",

"description" : "Upload and delete files belonging to this tenant.",

"prereqAdminPermissions" : null

}, {

"id" : "TENANT_USER_DATA_MANAGEMENT",

"name" : "Manage user data (requests, items, tasks etc) within a tenant.",

"description" : "Manage user created objects belonging to the tenant.",

"prereqAdminPermissions" : null

}, {

"id" : "TENANT_ADMIN_ROLE_ASSIGNMENT",

"name" : "Tenant Administrator Role Assignment",

"description" : "Assign the tenant administrator role to other users.",

"prereqAdminPermissions" : null

}, {

"id" : "GUI_MY_TENANT_TUG_MANAGEMENT",

32 VMware, Inc.

"name" : "My Tenant Identity Stores, Groups and Users Administration User Interfaces",

"description" : "Access my tenant identity stores, groups and users administration GUIs.",

"prereqAdminPermissions" : null

} ]

} ],

"metadata" : {

"size" : 20,

"totalElements" : 1,

"totalPages" : 1,

"number" : 1,

"offset" : 0

Request a Machine

You can use REST API catalog service commands to complete a variety of tasks related to requesting a machine. This procedure provides sample command line syntax for machine request tasks. Supporting information regarding available input and output parameters, command-line entry samples, and sample JSON output samples is available in the subsequent topics that explain syntax for the various tasks.

The REST API catalog service includes Hypermedia as the Engine of Application State (HATEOAS) links that function as templates to assist users in completing common tasks that are supported by the API. They typical scenario for using a template is for the user to submit a template request for a given context.

Chapter 3 REST API Use Cases

For example, catalog-service/api/consumer/entitledCatalogItems/ dc808d12-3786-4f7c-b5a1-

d5f997c8ad66/requests/template. Users can employ the returned template, either as is or modied, to create

an appropriate request. The user then POSTs, or PUTs, the request to the target API. For example, catalog-

service/api/consumer/entitledCatalogItems/dc808d12-3786-4f7c-b5a1-d5f997c8ad66/requests.

This procedure provides sample command line syntax for approving a machine request. Supporting information regarding available input and output parameters, command-line entry samples, and sample JSON output samples is available.

Prerequisites

Log in to vRealize Automation as a consumer and current business group user.

n

Verify that the host name and fully qualied domain name of the vRealize Automation instance are

n

available.

Verify that you have a valid HTTP bearer token that matches your login credentials. See Chapter 2,

n

“REST API Authentication,” on page 9.

Syntax for Listing Shared and Private Catalog Items on page 35

n

You can use the REST API catalog service to retrieve a list of all shared viewable catalog items for the current user. Shared catalog items do not belong to a specic business group. Also, this service retrieves a list of all shared and private catalog items that can be viewed, including their business groups.

Syntax for Geing Information for a Catalog Item on page 38

n

You can use the REST API catalog service to get information about a specic catalog item if desired.

Syntax for Geing a Template Request for a Catalog Item on page 41

n

You can use the REST API catalog service to request catalog items. VMware supplies a number of templates to help you create dierent types of machine requests.

Syntax for Requesting a Machine on page 44

n

You can use the REST API catalog service to submit a machine request.

VMware, Inc. 33

Programming Guide

Syntax for Viewing Details of a Machine Request on page 47

n

You can use the vRealize Automation REST API catalog service to view the details of a machine request.

Procedure

1 List all shared catalog items in the catalog.

You can browse the API and use HATEOAS links to navigate to additional API calls that are relevant to the current context.

curl --insecure -H "Content-Type: application/json"

-H "Authorization: Bearer $token” https://$host/catalog-

service/api/consumer/entitledCatalogItemViews

Accept: application/json

curl --insecure -H "Content-Type: application/json"

-H "Authorization: Bearer $token”

https://$host/catalog-service/api/consumer/entitledCatalogItems

Alternatively, you can also search for a catalog item by name by substituting $catalogItemName with

$catalogItemId.

2 Locate the details of a specic catalog item by name.

Note that the vRealize Automation API supports OData ltering.

curl --insecure -H "Content-Type: application/json"

-H "Authorization: Bearer $token” https://$host/catalog-

service/api/consumer/entitledCatalogItemViews?$filter=name+eq+%27$catalogItemName%27

curl --insecure -H "Content-Type: application/json" -H "Authorization: Bearer $token”

https://$host/catalog-service/api/consumer/entitledCatalogItems

3 Get a template request for a catalog item.

This request uses a HATEOAS link for a template request for this catalog item.

curl --insecure -H "Content-Type: application/json" -H "Authorization: Bearer $token”

https://$host/catalog-service/api/consumer/entitledCatalogItems/dc808d12-3786-4f7c-b5a1-

d5f997c8ad66/requests/template

Accept: application/json

4 Review and edit the template request.

The template request returned in preceding step is specic to the catalog item that corresponds to your template request. The elds and default values are populated based on the conguration of the underlying blueprint.

Review the contents of the template and edit the values if you want to change them from the default prior to submiing the request. For example, you can specify a value for the description eld or change the values for the machine resources if the blueprint allows for a range.

5 Submit the request.

curl --insecure -H "Content-Type: application/json"

-H "Authorization: Bearer $token”

https://$host/catalog-service/api/consumer/entitledCatalogItems/dc808d12-3786-4f7c-b5a1-

d5f997c8ad66/requests --verbose --data

@C:/Temp/requestMachine.json

{

$contentsOfTemplateFromPrecedingSections

}

34 VMware, Inc.

Chapter 3 REST API Use Cases

6 (Optional) View the details of your request.

You can perform a GET on the URI in the Location header to retrieve the updated request details.

curl --insecure -H "Content-Type: application/json"

-H "Authorization: Bearer $token” https://$host/catalog-

service/api/consumer/requests/7aaf9baf-aa4e-47c4-997b-edd7c7983a5b

Accept: application/json

The status information is particularly noteworthy in the request details. The phase eld corresponds to the status that is displayed in the Requests tab in the user interface.

Syntax for Listing Shared and Private Catalog Items

You can use the REST API catalog service to retrieve a list of all shared viewable catalog items for the current user. Shared catalog items do not belong to a specic business group. Also, this service retrieves a list of all shared and private catalog items that can be viewed, including their business groups.

Input

Use the supported input parameters to control the command output.

Parameter Description

URL hps://$host/catalog-service/api/consumer/catalogItems

$host Species the host name and fully qualied domain name or IP address of the

vRealize Automation identity server.

$token Species a valid HTTP bearer token with necessary credentials.

page number The page number. Default is 1.

limit The number of entries per page. The default is 20.

$orderby Multiple comma-separated properties sorted in ascending or descending order. Valid

OData properties include the following:

name - lter based on catalog item name.

n

status - lter based on catalog item status.

n

service/id - lter based on catalog item service id.

n

service/name - lter based on catalog item service name.

n

organization/subTenant/id - lter based on catalog item business group ID, which

n

you can nd in the catalogItem payload under organization > subtenantRef

organization/subTenant/name - lter based on catalog item business group name,

n

which you can nd in catalogItem payload under organization >subtenantLabel

outputResourceType/id - lter based on catalog item output resource type ID, for

n

example : Infrastructure.Virtual

outputResourceType/name - Filter based on catalog item output resource type

n

name, for example: "VirtualMavhine".

catalogItemType/id - lter based on catalog item type ID, for example:

n

"Infrastructure.Virtual".

catalogItemType/name - lter based on catalog item type name, for example:

n

"VirtualMachine".

icon/id - lter based on catalog item icon ID.

n

$top Sets the number of returned entries from the top of the response

$skip Sets the number of entries to skip.

VMware, Inc. 35

Programming Guide

Parameter Description

$lter Boolean expression for whether a particular entry should be included in the response.

serviceId (Optional) Query parameter to lter the returned catalog items by one specic service.

onBehalfOf (Optional) Query parameter that provides the value of the user ID when making a

Valid OData properties include the following:

name - lter based on catalog item name.

n

status - lter based on catalog item status.

n

service/id - lter based on catalog item service id.

n

service/name - lter based on catalog item service name.

n

organization/subTenant/id - lter based on catalog item business group ID, which

n

you can nd in the catalogItem payload under organization > subtenantRef

organization/subTenant/name - lter based on catalog item business group name,

n

which you can nd in catalogItem payload under organization >subtenantLabel

outputResourceType/id - lter based on catalog item output resource type ID, for

n

example : Infrastructure.Virtual

outputResourceType/name - Filter based on catalog item output resource type

n

name, for example: "VirtualMavhine".

catalogItemType/id - lter based on catalog item type ID, for example:

n

"Infrastructure.Virtual".

catalogItemType/name - lter based on catalog item type name, for example:

n

"VirtualMachine".

icon/id - lter based on catalog item icon ID.

n

request on behalf of another user.

Output

The command output contains property names and values based on the command input parameters.

Property Description

outputResourceTypeRef Species the type of the resource that results from requesting the catalog item.

catalogItemId Species the catalog item identier.

name Species the user friendly name of the catalog item. Species the property type is

string.

description Species a short description of the catalog item. Species the property type is string.

catalogItemTypeRef Species the type of the catalog item.

serviceRef Species the catalog service that contains the catalog item.

iconId Species the associated icon representing this item.

isNoteworthy Species if the catalog item should be highlighted to users for a period of time.

dateCreated Species the date that this item was created in the catalog.

lastUpdatedDate Species the date that this item was last updated in the catalog.

entitledOrganizations Species the organizations in which the catalog item can be consumed by the current

user.

Example Curl Command

The following example command retrieves information about all the available shared catalog items of the type ConsumerEntitledCatalogItemView.

curl --insecure -H "Content-Type: application/json"

-H "Authorization: Bearer $token” https://$host/catalog-

service/api/consumer/entitledCatalogItemViews

36 VMware, Inc.

Chapter 3 REST API Use Cases

Example: JSON Output

The following JSON output is returned based on the command input.

{

"links": [],

"content": [

{

"@type": "ConsumerEntitledCatalogItemView",

"links": [

{

"@type": "link",

"rel": "GET: Request Template",

"href": "https://$host/catalog-

service/api/consumer/entitledCatalogItems/7c8275d6-1bd6-452a-97c4-d6c053e4baa4/requests/template"

},

{

"@type": "link",

"rel": "POST: Submit Request",

"href": "https://$host/catalog-

service/api/consumer/entitledCatalogItems/7c8275d6-1bd6-452a-97c4-d6c053e4baa4/requests"

}

],

"entitledOrganizations": [

{

"tenantRef": "mycompany",

"tenantLabel": "mycompany",

"subtenantRef": "c0683388-6db2-4cb5-9033-b24d15ad3766",

"subtenantLabel": "Demo Group"

}

],

"catalogItemId": "7c8275d6-1bd6-452a-97c4-d6c053e4baa4",

"name": "Linux",

"description": "Linux blueprint for API demo",

"isNoteworthy": false,

"dateCreated": "2015-07-29T03:54:28.141Z",

"lastUpdatedDate": "2015-07-29T12:46:56.405Z",

"iconId": "cafe_default_icon_genericCatalogItem",

"catalogItemTypeRef": {

"id": "com.vmware.csp.component.cafe.composition.blueprint",

"label": "Composite Blueprint"

},

"serviceRef": {

"id": "057d4095-95f1-47da-b14b-641ac9010c97",

"label": "Infrastructure Services"

},

"outputResourceTypeRef": {

"id": "composition.resource.type.deployment",

"label": "Deployment"

}

],

"metadata": {

"size": 20,

"totalElements": 1,

VMware, Inc. 37

Programming Guide

"totalPages": 1,

"number": 1,

"offset": 0

}

Syntax for Getting Information for a Catalog Item

You can use the REST API catalog service to get information about a specic catalog item if desired.

REST API Catalog Service

The REST API supports OData ltering. For more information about supported OData lters, refer to the vRealize Automation API Reference, particularly the REST API Tips page located at

https://$host/component-registry/services/docs/odata.html.

For specic information about catalog service lters, see the "Important Notes About catalog-service and OData Queries" topic located at https://$host/catalog-service/api/docs/index.html.

Input

Use the supported input parameters to control the command output.

Parameter Description

URL hps://$host/catalog-service/api/consumer/catalogItems

$host Species the host name and fully qualied domain name or IP address of the

vRealize Automation identity server.

$token Species a valid HTTP bearer token with necessary credentials.

page number The page number. Default is 1.

limit The number of entries per page. The default is 20.

$orderby Multiple comma-separated properties sorted in ascending or descending order. Valid

OData properties include the following:

name - lter based on catalog item name.

n

status - lter based on catalog item status.

n

service/id - lter based on catalog item service id.

n

service/name - lter based on catalog item service name.

n

organization/subTenant/id - lter based on catalog item business group ID, which

n

you can nd in the catalogItem payload under organization > subtenantRef

organization/subTenant/name - lter based on catalog item business group name,

n

which you can nd in catalogItem payload under organization >subtenantLabel

outputResourceType/id - lter based on catalog item output resource type ID, for

n

example : Infrastructure.Virtual

outputResourceType/name - Filter based on catalog item output resource type

n

name, for example: "VirtualMavhine".

catalogItemType/id - lter based on catalog item type ID, for example:

n

"Infrastructure.Virtual".

catalogItemType/name - lter based on catalog item type name, for example:

n

"VirtualMachine".

icon/id - lter based on catalog item icon ID.

n

$top Sets the number of returned entries from the top of the response

$skip Sets the number of entries to skip.

38 VMware, Inc.

Chapter 3 REST API Use Cases

Parameter Description

$lter Boolean expression for whether a particular entry should be included in the response.

Valid OData properties include the following:

name - lter based on catalog item name.

n

status - lter based on catalog item status.

n

service/id - lter based on catalog item service id.

n

service/name - lter based on catalog item service name.

n

organization/subTenant/id - lter based on catalog item business group ID, which

n

you can nd in the catalogItem payload under organization > subtenantRef

organization/subTenant/name - lter based on catalog item business group name,

n

which you can nd in catalogItem payload under organization >subtenantLabel

outputResourceType/id - lter based on catalog item output resource type ID, for

n

example : Infrastructure.Virtual

outputResourceType/name - Filter based on catalog item output resource type

n

name, for example: "VirtualMavhine".

catalogItemType/id - lter based on catalog item type ID, for example:

n

"Infrastructure.Virtual".

catalogItemType/name - lter based on catalog item type name, for example:

n

"VirtualMachine".

icon/id - lter based on catalog item icon ID.

n

serviceId (Optional) Query parameter to lter the returned catalog items by one specic service.

onBehalfOf (Optional) Query parameter that provides the value of the user ID when making a

request on behalf of another user.

Output

The command output contains property names and values based on the command input parameters.

Property Description

outputResourceTypeRef Species the type of the resource that results from requesting the catalog item.

catalogItemId Species the catalog item identier.

name Species the user friendly name of the catalog item. Species the property type is

string.

description Species a short description of the catalog item. Species the property type is string.

catalogItemTypeRef Species the type of the catalog item.

serviceRef Species the catalog service that contains the catalog item.

iconId Species the associated icon representing this item.

isNoteworthy Species if the catalog item should be highlighted to users for a period of time.

dateCreated Species the date that this item was created in the catalog.

lastUpdatedDate Species the date that this item was last updated in the catalog.

entitledOrganizations The list of organizations in which the current user can consume the catalog item.

Example Curl Command

The following example command retrieves information about all the available shared catalog items of the type ConsumerEntitledCatalogItemView.

curl --insecure -H "Content-Type: application/json"

-H "Authorization: Bearer $token” https://$host/catalog-

service/api/consumer/entitledCatalogItemViews

VMware, Inc. 39

Programming Guide

Example: JSON Output

The following JSON output is returned based on the command input.

{

"links": [],

"content": [

{

"@type": "ConsumerEntitledCatalogItemView",

"links": [

{

"@type": "link",

"rel": "GET: Request Template",

"href": "https://$host/catalog-

service/api/consumer/entitledCatalogItems/7c8275d6-1bd6-452a-97c4-d6c053e4baa4/requests/template"

},

{

"@type": "link",

"rel": "POST: Submit Request",

"href": "https://$host/catalog-

service/api/consumer/entitledCatalogItems/7c8275d6-1bd6-452a-97c4-d6c053e4baa4/requests"

}

],

"entitledOrganizations": [

{

"tenantRef": "mycompany",

"tenantLabel": "mycompany",

"subtenantRef": "c0683388-6db2-4cb5-9033-b24d15ad3766",

"subtenantLabel": "Demo Group"

}

],

"catalogItemId": "7c8275d6-1bd6-452a-97c4-d6c053e4baa4",

"name": "Linux",

"description": "Linux blueprint for API demo",

"isNoteworthy": false,

"dateCreated": "2015-07-29T03:54:28.141Z",

"lastUpdatedDate": "2015-07-29T12:46:56.405Z",

"iconId": "cafe_default_icon_genericCatalogItem",

"catalogItemTypeRef": {

"id": "com.vmware.csp.component.cafe.composition.blueprint",

"label": "Composite Blueprint"

},

"serviceRef": {

"id": "057d4095-95f1-47da-b14b-641ac9010c97",

"label": "Infrastructure Services"

},

"outputResourceTypeRef": {

"id": "composition.resource.type.deployment",

"label": "Deployment"

}

],

"metadata": {

"size": 20,

"totalElements": 1,

40 VMware, Inc.

Chapter 3 REST API Use Cases

"totalPages": 1,

"number": 1,

"offset": 0

}

Syntax for Getting a Template Request for a Catalog Item

You can use the REST API catalog service to request catalog items. VMware supplies a number of templates to help you create dierent types of machine requests.

Overview

In the entitledCatalogItemViews response, there is a link eld that contains a value similar to the following:

{

"@type":"link",

"href":"https://$host/catalog-

service/api/consumer/entitledCatalogItems/dc808d12-3786-4f7c-b5a1-

d5f997c8ad66/requests/template",

"rel":"GET: Request Template"

}

This URL is a HATEOAS link for a template request for this catalog item. The rel eld provides a description of the link (request template) and indicates the HTTP method to use with the URI in the href eld (GET). By using these HATEOAS links, you can make follow-on API calls without having to consult the API documentation for the URI syntax or construct the links programmatically.

Review and Edit the Template Request

The returned template request is specic to the applicable catalog item. The elds and default values are populated based on the conguration of the underlying blueprint.

You can review the contents of the template and optionally edit the values if you want to change them from the default prior to submiing the request. For example, you can specify a value for the description eld or change the values for the machine resources if the blueprint allows for a range.

Input

Use the supported input parameters to control the command output.

Parameter Description

id The UUID of the catalog item.

Output

The command output contains property names and values based on the command input parameters.

Property Description

entitledOrganizations The list of organizations in which the current user can consume the catalog item.

catalogItemId Species the catalog item identier.

VMware, Inc. 41

Programming Guide

Example Curl Command

The following example command retrieves the catalog item with an ID of dc808d12-3786-4f7c-b5a1-

d5f997c8ad66.

curl --insecure -H "Content-Type: application/json"

-H "Authorization: Bearer $token” https://$host/catalog-

service/api/consumer/entitledCatalogItems/dc808d12-3786-4f7c-b5a1-d5f997c8ad66/requests/template

Example: JSON Output

The following JSON output is returned based on the command input.

{

"type": "com.vmware.vcac.catalog.domain.request.CatalogItemProvisioningRequest",

"catalogItemId": "7c8275d6-1bd6-452a-97c4-d6c053e4baa4",

"requestedFor": "csummers@example.com",

"businessGroupId": "c0683388-6db2-4cb5-9033-b24d15ad3766",

"description": null,

"reasons": null,

"data": {

"Existing_Network_1": {

"componentTypeId": "com.vmware.csp.component.cafe.composition",

"componentId": null,

"classId": "Blueprint.Component.Declaration",

"typeFilter": "LinuxDemo*Existing_Network_1",

"data": {

"_cluster": 1,

"_hasChildren": false,

"description": null,

"name": "Existing Network",

"networkname": "Existing Network",

"subnetmask": "255.255.255.0"

}

},

"vSphere-Linux": {

"componentTypeId": "com.vmware.csp.component.cafe.composition",

"componentId": null,

"classId": "Blueprint.Component.Declaration",

"typeFilter": "LinuxDemo*vSphere-Linux",

"data": {

"Cafe.Shim.VirtualMachine.MaxCost": 0,

"Cafe.Shim.VirtualMachine.MinCost": 0,

"_cluster": 1,

"_hasChildren": false,

"action": "FullClone",

"allow_storage_policies": false,

"archive_days": 0,

"blueprint_type": "1",

"cpu": 1,

"custom_properties": [],

"daily_cost": 0,

"datacenter_location": null,

"description": null,

"disks": [

{

42 VMware, Inc.

Chapter 3 REST API Use Cases

"componentTypeId": "com.vmware.csp.iaas.blueprint.service",

"componentId": null,

"classId": "Infrastructure.Compute.Machine.MachineDisk",

"typeFilter": null,

"data": {

"capacity": 6,

"id": 0,

"initial_location": "",

"is_clone": false,

"label": "",

"storage_reservation_policy": "",

"userCreated": true,

"volumeId": 0

}

],

"display_location": false,

"guest_customization_specification": null,

"lease_days": 0,

"machine_actions": [

"DESTROY",

"POWER_ON",

"CONNECT_RDP_SSH",

"REPROVISION",

"POWER_CYCLE",

"EXPIRE",

"SUSPEND",

"CONNECT_REMOTE_CONSOLE",

"CONNECT_USING_VDI"

],

"machine_prefix": {

"componentId": null,

"classId": "Infrastructure.Compute.MachinePrefix",

"id": "Use group default"

},

"max_network_adapters": 0,

"max_per_user": 0,

"max_volumes": 60,

"memory": 4096,

"nics": [

{

"componentTypeId": "com.vmware.csp.iaas.blueprint.service",

"componentId": null,

"classId": "Infrastructure.Compute.Machine.Nic",

"typeFilter": null,

"data": {

"address": "",

"assignment_type": "DHCP",

"custom_properties": null,

"id": 0,

"load_balancing": "",

"network_profile": "Existing Network"

}

],

VMware, Inc. 43

Programming Guide

"number_of_instances": 1,

"os_arch": "x86_64",

"os_distribution": null,

"os_type": "Linux",

"os_version": null,

"platform_name": "vsphere",

"platform_type": "virtual",

"property_groups": [

null

],

"provisioning_workflow": {

"componentId": null,

"classId": "Infrastructure.Compute.ProvisioningWorkflow",

"id": "CloneWorkflow"

},

"reservation_policy": {

"componentId": null,

"classId": "Infrastructure.Reservation.Policy.ComputeResource",

"id": "None"

},

"security_groups": [],

"security_tags": [],

"source_machine": null,

"source_machine_external_snapshot": null,

"source_machine_name": "cbpcentos_63_x86",

"source_machine_vmsnapshot": null,

"storage": 6

}

Syntax for Requesting a Machine

You can use the REST API catalog service to submit a machine request.

Prepare you Request

Going back to the entitledCatalogItemViews response, locate a link eld that contains a value similar to the following:

{

"@type":"link",

"href":"https://$host/catalog-

service/api/consumer/entitledCatalogItems/dc808d12-3786-4f7c-b5a1-d5f997c8ad66/requests",

"rel":"POST: Submit Request"

}

Use the information in this response to edit the template construct the URI to request the desired catalog item using a POST command.

Input

Use the supported input parameters to control the command output.

44 VMware, Inc.

Chapter 3 REST API Use Cases

Parameter Description

URL hps://$host/catalog-service/api/consumer/requests/requestId

$host Species the host name and fully qualied domain name or IP address of

the vRealize Automation identity server.

$token Species a valid HTTP bearer token with necessary credentials.

catalogItemId The identier of a catalog item. Typically, this is provided by users via the

REST URI when making an entitledCatalogItem provisioning request.

requestedFor The user for whom this request is being made. Must be the fully qualied

user ID. Typically this is provided by the REST URI when making an entitledCatalogItem provisioning request.

businessGroupId The business group identier associated with the request. Typically this is

provided via the REST URI when making the request.

description The catalog item description.

reasons

data Context-specic properties. Obtain the consumerEntitledCatalogItem

template request to identify the properties available for a given context.

Output

The command output contains property names and values based on the command input parameters.

Property Description

version Displays the object version number.

state Species the item state, such as submied.

approvalStatus Species a status indicating whether this request has been approved, rejected, or is still

pending some form of approval.

waitingStatus Species a status indicating whether this request is waiting on any external users or

services before it is able to progress.

requestNumber Species a more user-friendly identier for this request.

executionStatus Species the current execution status of the request.

stateName Species the localized state name.

phase Species the current phase of the request, which is more coarse grained and easier for

users to understand.

id Species the unique identier of this resource.

iconId Species an icon for this request based on the requested object type.

description Contains a brief description of this request.

reasons Species the business reasons entered by the requestor or owner of this request.

requestedFor Species the ID of the user for whom this request is logged.

requestedBy Species the ID of the user who actually submied the request

organization Subtenant and/or tenant owner of this request.

requestorEntitlementId Specied the value of the requestorEntitlement seing.

preApprovalId Species the ID of the preApproval seing.

postApprovalId Species the ID of the approval generated for the post-provisioning workow step.

dateCreated Species the date when this request was sent to the catalog.

lastUpdated Species the date when this request was last updated.

VMware, Inc. 45

Programming Guide

Property Description

dateSubmied Species the date when this request was rst submied.

dateApproved Species the date when this request was approved.

dateCompleted Species the date when this request was completed.

quote Contains a quote made by the provider dening the estimated cost(s) associated with

requestCompletion Contains additional request completion information.

requestData Contains a map of the provider-specic eld-value pairs collected for this request.

retriesRemaning Species the number of aempts remaining to move this request from its current state to

requestedItemName Species the item name.

requestedItemDescription Species the item description.

components Returns the list of components associated with the request. The provider supplies this

the request and/or any resources provisioned as a result of the request.

the next state in the request workow.

Some state transitions require calls to external services. These calls may fail due to transient errors such as momentary network errors. In these cases, the catalog will retry the call a number of times before failing.

This property denes the number of retries remaining for the current state transition. When it reaches 0, the catalog will stop retrying and mark the request as failed. This property is reset to the default number of retries for every new operation that is triggered.

list of components after request initialization.

Example: Curl Command

To construct your request, refer to the entitledCatalogItemViews response received when you ran the request described in “Syntax for Geing a Template Request for a Catalog Item,” on page 41, locate a link eld that contains a value similar to the following:

{

"@type":"link",

"href":"https://$host/catalog-

service/api/consumer/entitledCatalogItems/dc808d12-3786-4f7c-b5a1-d5f997c8ad66/requests",

"rel":"POST: Submit Request"

}

The following example command submits a machine request using appropriately edited template content from the entitledCatalogItemViews response.

curl --insecure -H "Content-Type: application/json"

-H "Authorization: Bearer $token”

https://$host/catalog-service/api/consumer/entitledCatalogItems/dc808d12-3786-4f7c-b5a1-

d5f997c8ad66/requests

{

$contentsOfTemplateFromPrecedingSections

}

Example: Output with Request and Response Headers

The following sample displays the request and response headers and the command output. Use the indicated JSON text le or inline text as input.

{

Accept = application/json

Content-Type = application/json

Content-Length = 2806

46 VMware, Inc.

Chapter 3 REST API Use Cases

}

Response Headers

{

Date = Wed, 03 Dec 2014 20:58:34 GMT

ETag = "0"

Location = https://$host/catalog-service/api/consumer/requests/7aaf9baf-aa4e-47c4-997b-

edd7c7983a5b

{

$requestObjectDetails

}

Content-Type = application/json;charset=UTF-8

Content-Length = 0

Vary = Accept-Encoding,User-Agent

Keep-Alive = timeout=15, max=100

Connection = Keep-Alive

}

null

Syntax for Viewing Details of a Machine Request

You can use the vRealize Automation REST API catalog service to view the details of a machine request.

Request Status

Typically, the request status information is the most important part of request details. The phase eld corresponds to the status displayed in the Requests tab in the interface. You can rerun this command multiple times to monitor the state of a machine request.

Table 3‑1. Request Phase Status

Phase Description End State?

UNSUBMITTED Request was saved but not submied. No

PENDING_PRE_APPROVAL Request is subject to approval - pre-provisioning approval

required.

IN_PROGRESS Request is in progress, machine is being provisioned. No

PENDING_POST_APPROVAL Request is subject to approval, post-provisioning approval

required.

SUCCESSFUL Request completed successfully. The machine is available

under provisioned resources on the Items tab.

FAILED Request failed. Yes

REJECTED Request approval was rejected and will not complete. Yes

No

Yes

Input

Use the supported input parameters to control the command output.

Parameter Description

URL hps://$host/catalog-service/api/consumer/requests/$requestId

$host Species the host name and fully qualied domain name or IP address of the

vRealize Automation identity server.

VMware, Inc. 47

Programming Guide

Parameter Description

$token Species a valid HTTP bearer token with necessary credentials.

$requestId Species the request ID. See “Syntax for Displaying Your Provisioned Resources,” on