The vAPI endpoint provides a single point of access to vAPI services. You can change the properties of the vAPI Endpoint service.
|[default] endpoint maximum number of execution threads||300||The maximum number of execution threads for the vAPI endpoint.|
|[default] endpoint minimum number of spare threads||10||The minimum number of threads that are always kept alive for the vAPI endpoint.|
|[default] endpoint queue size||50||The maximum number of tasks that can queue up for the vAPI endpoint.|
|[router] Broadcast execution timeout||30||The duration after which vAPI broadcast routing queries time out, measured in seconds.|
|[router] Federated IS queries timeout||30||Timeout of federated inventory service queries, measured in seconds.|
|[router] Maximum size of the in-memory cache||10||The maximum size of the identifier cache that is used for routing vAPI calls between management nodes. Measured in megabytes.|
|[router] Number of broadcast timeout threads||3||The number of threads that handle vAPI broadcast time outs.|
|[router] Number of control threads for federated IS queries||10||The number of threads that control the federated Inventory Service queries for vAPI routing.|
|[router] Number of execution threads for federated IS queries||20||The number of threads that perform the federated Inventory Service queries for vAPI routing.|
|Bearer token usage allowance||Enabled||You can use Bearer SAML tokens in addition to Holder of Key (HoK) tokens.
Bearer tokens do not have cryptographic verification of the client identity. Their security is sufficient only when used over a secure encrypted connection.
|CloudVM Components||authz,com.vmware.cis,com.vmware.content, com.vmware.transfer,com.vmware.vapi,com.vmware.vapi.rest.navigation, com.vmware.vapi.vcenter,com.vmware.vcenter.inventory||A comma-separated list of VMware components that require the use of identifiers. Identifiers must be qualified with a management node ID.
The list must not contain spaces.
Caution: Editing the list might result in system failures. Edit this setting only as part of VMware maintenance procedure.
|Cookie authentication||Enabled||Enables or disables cookie authentication. If you enable the cookie authentication, the session ID is returned in cookie. If you disable it, the cookie is returned in the header.|
|Credentials login allowance||Enabled||vAPI users can authenticate with a user name and password in addition to using a SAML token.|
|Enables REST basic authentication||Enabled||Enables login service for simple authentication with user name and password.|
|Maximum allowed request size||204800||The maximum allowed request size, measured in bytes. Set to 0 to disable.|
|Maximum number of in-flight requests.||2000||The maximum allowed number of in-flight requests. Set to 0 to disable.
Note: In-flight requests take up memory. If you increase this setting, you must increase the memory of the endpoint component.
|Maximum number of simultaneous connections to the VIM service||10||The max number of simultaneous connections allowed to the VIM service.|
|Maximum request age||14400||The maximum request age in seconds.|
|Maximum session count||1000||The maximum number of allowed sessions. If you leave the value empty, the maximum number of sessions allowed is 10,000.|
|Maximum session idle time||3600000||The maximum time between requests that a session can remain idle, measured in milliseconds.|
|Maximum session lifespan||172800000||The maximum session lifespan, measured in milliseconds. Used to capture long sessions.|
|Minimum session lifespan||86400000||Minimum session lifespan in milliseconds, used for renewable tokens.|
|Reconfiguration interval||240||Interval between reconfiguration attempts, measured in seconds.|
|Request rate for anonymous calls||3000||Maximum request rate for anonymous calls. Set to 0 to disable.|
|Request rate for authorized requests||3800||Maximum request rate for authorized calls. Set to 0 to disable.|
|Request rate interval for anonymous calls||60||Request rate interval for anonymous calls, measured in seconds. This is the time frame in which only request rates for anonymous calls are allowed.
Set to 0 to disable.
Note: The vAPI endpoint limits the number of incoming requests to Request rate for anonymous calls per Request rate interval for anonymous calls. For example if the rate is set to 50 seconds and interval is set to 60 seconds, the system allows up to 50 calls per minute.
Any calls exceeding the limit return a server busy error.
|Request rate interval for authorized calls||60||The request rate interval for authorized calls, measured in seconds. This is the time frame in which only http.authorized.request.rate.count authorized requests are allowed. Set to 0 to disable.|
|The socket timeout||0||The socket timeout (SO_TIMEOUT), measured in milliseconds, that is used when executing a method. A timeout value of 0 is interpreted as an infinite timeout.|
|Timeout for the HTTP connections to vAPI providers||300000||Timeout for the HTTP connections to vAPI providers, measured in milliseconds.|
|Token clock tolerance||1000||Clock tolerance for authentication tokens, measured in seconds.|
|URL Deserialization (POST-as-GET)||Enabled||Enables or disables URL deserialization (POST-as-GET).|
|vAPI Endpoint solution user||Generated at the time of installation||vAPI Endpoint solution user.
Caution: Do not modify this value. Changing only this setting without updating the related settings, might lead to a failure of the component.