The vCenter Single Sign-On Server treats Orchestrator as a solution, and every solution is registered with a unique user name with the vCenter Single Sign-On Server. To be able to request a delegate holder-of-key token for Orchestrator from the vCenter Single Sign-On Server, you need the solution user name of Orchestrator.

Before you begin

Verify that you have a valid principal holder-of-key token that the vCenter Single Sign-On Server issued.

Procedure

  1. Make a GET request at the URL of the solution user name of Orchestrator:
    GET https://{orchestrator_host}:{port}/vco/api/users/
  2. Provide your principal holder-of-key token in the Authorization header of the request.

Results

The <user solution-user="OrchestratorSolutionUserName"/> element of the response contains the solution user name of Orchestrator. The following is an example of a solution user name of Orchestrator.

<user xmlns="http://www.vmware.com/vco" solution-user="Orchestrator-133acc26ff78e5695b102146326" admin-rights="true"/>

What to do next

Use the solution user name of Orchestrator and your principal holder-of-key token to request a delegate holder-of-key token from the vCenter Single Sign-On Server.