Before starting management through the API, a suitable connection and authentication process must be followed, and then the generated token must be used for further calls.

Table 1. vCloud Director Operations for Connection and Authentication.

Operation

Description

Headers

GET /api/versions

Every cloud has a login URL that a client can obtain by making an unauthenticated GET request to the vCloud Director API/versions URL. The response to this request also lists vCloud API versions that the server supports. Each version of the vCloud API that the server supports has its own login URL. You can find the URL in the LoginUrl element of response.

POST /api/sessions

Authenticates a user and creates a Session object that contains the URLs from which that user can begin browsing.

Users who authenticate to the integrated identity provider use basic HTTP authentication.

If the request is successful, the server returns HTTP response code 200 (OK) and headers that include an authorization header of the form:

x-vcloud-authorization: token

This header must be included in each subsequent vCloud API request.

The Session element returned from a successful login contains one or more URLs from which you can begin browsing.

Authorization: Basic encoded-credentials.

Accept: application/*+xml;version=5.5

All requests must include an HTTP Accept header that designates the vCloud API version that the client supports.

Supply credentials like: user@organization:password

User is the login name.

Organization is the name of an organization of which the user is a member.

Password is the user profile password.

You must supply these credentials in a MIME Base64 encoding.