Associate an existing tenant with vRealize Automation

If you have created a tenant in VMware Identity Manager, you can associate it with vRealize Automation so that the tenant can use the vRealize Automation product services.

This procedure shows how to associate an existing tenant with vRealize Automation. Before creating the association, you first obtain the ID of the environment in vRealize Automation where the tenant will be assigned.

Prerequisites

Verify that all general prerequisites have been satisfied. See Tenant management using vRealize Suite Lifecycle Manager APIs.
Verify that you have the name of the existing tenant. See Add a tenant.
Verify that you have the following input values required to associate an existing tenant with vRealize Automation:
- The name of the existing tenant. See Add a tenant.
- vidmCludDto Details for the tenant administrator.
Optional input values include:
- migratePreludeOAuthClients Defaults to true. If set to false, existing active directories are not migrated when the tenant is created. For example, set this value to false if you want to associate the tenant with a vRealize Suite product later.
- vidmDclDTO This data transfer object captures directory information such as names and passwords for AD in VMware Identity Manager. Provide this information if you want to add directories in the primary tenant to the tenant that you are creating.

Procedure

List the environments for all installed products.

curl -X GET \
  '$url/lcm/lcops/api/v2/environments' \
  -H 'Authorization: Basic YWRtaW5AbG9jYWw6VGhpc0lzUGFzc3dvcmQ=' \
  -H 'Content-Type: application/json' \
}' | jq "."

Examine the response to locate the environment ID that includes the vRealize Automation product where you want to associate the tenant.

...  
  {
    "environmentId": "vRSSmallImportEnvironment1595601218016",
    "environmentName": "vRS Small Import Environment",
    ...
    },
    "products": [
      {
        "id": "vra",
        "version": "8.0.1",
        "patchHistory": null,
        "snapshotHistory": null,
        "logHistory": null,
        "clusterVIP": null,
...

Associate an existing tenant named new_Tenant with vRealize Automation.

curl -X PUT \
  '$url/lcm/authzn/api/v2/idp/tenants/associate/new_Tenant' \
  -H 'Authorization: Basic YWRtaW5AbG9jYWw6VGhpc0lzUGFzc3dvcmQ=' \
  -H 'Content-Type: application/json' \
  -d '{
    "migratePreludeOAuthClients": true,
    "productsToAssociateWith": [
      {
        "environmentId": "vRSSmallImportEnvironment1595601218016",
        "productId": "vra"
      }
    ],
    "vidmCludDto": {
      "email": "<tenant_admin_email>",
      "familyName": "<tenant_admin_family_name>",
      "givenName": "<tenant_admin_given_name>",
      "password": "<tenant_admin_password>",
      "userName": "<tenant_admin_username>"
    },
    "vidmDclDTO": {
      "adOverLdapDirectories": [
        {
          "directoryBindPassword": "<AD_password>",
          "directoryName": "<AD_name>"
        }
      ],
      "adWithIwaDirectories": [
        {
          "directoryBindPassword": "<AD_bind_password>",
          "directoryName": "<AD_name>",
          "domainAdminPassword": "<AD_admin_password>"
        }
      ]
    }
  }' | jq "."

A snippet of the response provides a request ID that you can use to check the status of the request.

{
  "requestId": "a0d8d8cd-ac87-4b5c-ba8b-7a0173c56b55"
}

Assign the variable for the requestId.

requestId = "a0d8d8cd-ac87-4b5c-ba8b-7a0173c56b55"

Use the requestID to track your request.
```
curl -X GET '$url/lcm/authzn/api/v2/idp/tenants/requests/$requestId' -H 'Authorization: Basic YWRtaW5AbG9jYWw6VGhpc0lzUGFzc3dvcmQ=' | jq "."
```
After the request succeeds, the existing tenant is associated with vRealize Automation and can use the services that the product provides.