If you deployed VMware Live Cyber Recovery before August 2024, and your API token expires, you might need to create an API token in the VMware Cloud console for service access.
Prior to August 2024, VMware Live Cyber Recovery used API tokens to authorize service access for your organization. After August 2024, VMware Live Cyber Recovery now uses OAuth 2.0 apps to authorize access to VMware Cloud Services and VMware Cloud on AWS.
If you are waiting to be upgraded to the latest version of VMware Live Cyber Recovery and your API token expires, you will need to create a new API token until you are upgraded. AFter you are upgraded, when the API token expires, it will be replaced automatically with new OAuth apps used for authorizing access.
After you create the API token, you can add the API token to the VMware Live Cyber Recovery UI.
When you create an API token, you define its scope of permissions by assigning specific organization roles and service roles. For VMware Live Cyber Recovery, scope the following roles to the API token.
- Organization Role: Organization Owner
- Service Roles:
- VMware Cloud on AWS Administrator
- VMware Cloud on AWS NSX Cloud Admin
The maximum lifespan of a VMware Cloud Services API token is 60 months, after which you must regenerate a new token and configure it inside of VMware Live Cyber Recovery. If you do not regenerate a new token when the old one expires, the product features cannot function. The best practice in this case is to create an API token with the longest Time To Live (TTL) possible, to avoid service interruption.
