This is just a very short post about the problems I was facing while trying to configure SSO on NSX Manager using the API.
The NSX API documentation contains the following:
POST https://<nsxmgr-ip>/api/2.0/services/ssoconfig
Request Body:
<ssoConfig>
  <ssoLookupServiceUrl></ssoLookupServiceUrl>
  <ssoAdminUsername></ssoAdminUsername>
  <ssoAdminUserpassword></ssoAdminUserpassword>
</ssoConfig>
While testing with this call I always got an HTTP 403 error back. However, the credentials used to authenticate against the NSX Manager API and the ssoAdminUsername with ssoAdminUserpassword were 100% correct.
Finally I was able to figure it out. You can change the Request Body slightly:
<ssoConfig>
  <ssoLookupServiceUrl></ssoLookupServiceUrl>
  <ssoAdminUsername></ssoAdminUsername>
  <ssoAdminUserpassword></ssoAdminUserpassword>
  <certificateThumbprint></certificateThumbprint>
</ssoConfig>
Just fill certificateThumbprint with the SSO certificate thumbprint. By the way, the ssoLookupServiceUrl should look like https://[SSO server]:[SSO port]/lookupservice/sdk.
This has been tested on NSX Version 6.1.3 Build 2591148. This has not been verified/documented by VMware yet.
Hope this helps you to avoid some troubleshooting time. Any suggestions and feedback welcome!
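
The thumbprint pins the SSO certificate that NSX Manager will trust, so it is worth comparing it with a value obtained out of band before sending it. The following is an added example, not code from the original post or from VMware: it builds the request body above and refuses a certificate that does not match the pinned thumbprint. The function names, the sample host, port and credentials are constructed, and the colon-separated SHA-1 thumbprint format is an assumption.

```python
import hashlib
import ssl
import xml.etree.ElementTree as ET


def thumbprint(der: bytes) -> str:
    """SHA-1 of the DER certificate as colon-separated upper-case hex (assumed format)."""
    digest = hashlib.sha1(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def fetch_der(host: str, port: int) -> bytes:
    """Fetch the certificate the SSO server presents; no chain validation happens here."""
    return ssl.PEM_cert_to_DER_cert(ssl.get_server_certificate((host, port)))


def build_sso_config(lookup_url, admin_user, admin_password, der, pinned):
    """Return the ssoConfig body, or raise if the certificate is not the pinned one."""
    seen = thumbprint(der)
    if seen != pinned.strip().upper():
        raise ValueError(f"SSO certificate thumbprint {seen} does not match pinned value")
    root = ET.Element("ssoConfig")
    for tag, value in (
        ("ssoLookupServiceUrl", lookup_url),
        ("ssoAdminUsername", admin_user),
        ("ssoAdminUserpassword", admin_password),
        ("certificateThumbprint", seen),
    ):
        # ElementTree escapes &, < and > so such characters in a password stay valid XML.
        ET.SubElement(root, tag).text = value
    return ET.tostring(root, encoding="utf-8")


# Constructed stand-in bytes, not a real certificate; in use, pass fetch_der(host, port).
SAMPLE_DER = b"abc"
# Constructed pin matching SAMPLE_DER; in use, take it from the SSO server's admin console.
SAMPLE_PIN = "a9:99:3e:36:47:06:81:6a:ba:3e:25:71:78:50:c2:6c:9c:d0:d8:9d"

if __name__ == "__main__":
    body = build_sso_config(
        "https://sso.example.test:7444/lookupservice/sdk",  # constructed URL
        "administrator@vsphere.local", "P&ss<word",          # constructed credentials
        SAMPLE_DER, SAMPLE_PIN)
    print(body.decode())
```

The returned bytes are what would be sent as the body of the POST to /api/2.0/services/ssoconfig.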