  • Rajeshkumar M

vIDM local user creation without email activation using API

When you create a local user in VMware Identity Manager (vIDM), the activation link is sent to the user's email address. I had a vIDM with no SMTP configured, so I used the API to create a local user in vIDM without email activation. You can refer to the API calls below, which I used to create the local user without email activation.


Python Script


import requests
import urllib3

# The appliance here uses a self-signed certificate, so certificate verification
# is turned off (verify=False) and the resulting warning is silenced.
# With a CA-signed certificate, pass verify="<path to CA bundle>" instead.
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

vidmFQDN = "vidm.domain.local"
vidmUser = "admin"
vidmPass = "password"

userName   = "localuser01"
userPass   = "password"
familyName = "localuser01"
givenName  = "localuser01"
email      = "localuser@domain.local"

# Step 1: log in as the vIDM admin and obtain a session token.
url = "https://{}/SAAS/API/1.0/REST/auth/system/login".format(vidmFQDN)
# Passing a dict through json= lets requests do the JSON escaping, so a
# password containing quotes or backslashes cannot break the request body.
payload = {"username": vidmUser, "password": vidmPass, "issueToken": "true"}
headers = {"Accept": "application/json", "Content-Type": "application/json"}

response = requests.post(url, json=payload, headers=headers, verify=False)
response.raise_for_status()  # stop here if the login was rejected
session_token = response.json()["sessionToken"]

# Step 2: create the local user in the System Domain.
# The password is set directly in the SCIM request body.
user = {
    "emails": [{"value": email}],
    "name": {"familyName": familyName, "givenName": givenName},
    "password": userPass,
    "schemas": [
        "urn:scim:schemas:core:1.0",
        "urn:scim:schemas:extension:workspace:1.0",
    ],
    "urn:scim:schemas:extension:workspace:1.0": {"domain": "System Domain"},
    "userName": userName,
}

url = "https://{}/SAAS/jersey/manager/api/scim/Users".format(vidmFQDN)
headers = {
    "Authorization": "Bearer " + session_token,
    "Content-Type": "application/json",
    "Accept": "application/json",
}

response = requests.post(url, json=user, headers=headers, verify=False)

print(response.json())

Shell Script


If you would like to use a shell script instead of Python, please refer to this. The API can be called from any Linux machine with jq installed; I used my vRA appliance to call this API.


vidmfqdn="vidm.corp.local"

# curl -k skips TLS certificate verification (self-signed certificate on the appliance).

echo "-----Get session token from the authentication information provided in data.json------"

session_token=$(curl -k -s -X POST "https://$vidmfqdn/SAAS/API/1.0/REST/auth/system/login" -H "Content-Type: application/json" -H "Accept: application/json" -d @data.json | jq -r '.sessionToken')

echo "------------Create user using the information provided in userinfo.json and the session token-----------"

curl -k "https://$vidmfqdn/SAAS/jersey/manager/api/scim/Users" -X POST -d '@userinfo.json' \
   -H "Content-Type: application/json" \
   -H "Accept: application/json" \
   -H "Authorization: Bearer $session_token"

The JSON payloads used in the API calls


data.json


{
  "username": "admin",
  "password": "password",
  "issueToken": "true"
}

userinfo.json


{
  "emails": [
    {
      "value": "testing01@corp.local"
    }
  ],
  "name": {
    "familyName": "testing01",
    "givenName": "01"
  },
  "password": "VMware123",
  "schemas": [
    "urn:scim:schemas:core:1.0",
    "urn:scim:schemas:extension:workspace:1.0"
  ],
  "urn:scim:schemas:extension:workspace:1.0": {
    "domain": "System Domain"
  },
  "userName": "testing0101"
}
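
An added example, not part of the original post: a Python helper that generates userinfo.json for the shell script with correctly escaped values and owner-only file permissions, since the file holds the new user's password in clear text. The function names and the interactive prompt are assumptions; the field values are the post's sample values.

```python
import json
import os

SCIM_SCHEMAS = [
    "urn:scim:schemas:core:1.0",
    "urn:scim:schemas:extension:workspace:1.0",
]


def build_user_payload(user_name, password, given_name, family_name, email):
    """Return the SCIM user body from the post as a dict (System Domain local user)."""
    for label, value in (("userName", user_name), ("password", password), ("email", email)):
        if not value or not value.strip():
            raise ValueError("{} must not be empty".format(label))
    return {
        "emails": [{"value": email}],
        "name": {"familyName": family_name, "givenName": given_name},
        "password": password,
        "schemas": SCIM_SCHEMAS,
        "urn:scim:schemas:extension:workspace:1.0": {"domain": "System Domain"},
        "userName": user_name,
    }


def write_private_json(path, payload):
    """Write payload to path with mode 0600; refuse to overwrite an existing file."""
    # O_EXCL fails if the path already exists, so a stale or pre-created file
    # (or symlink) is never reused for the credential-bearing payload.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as handle:
        # json.dump escapes quotes and backslashes in the password correctly.
        json.dump(payload, handle, indent=2)
    return path


if __name__ == "__main__":
    import getpass

    # Sample values from the post; the password is prompted for, not hard-coded.
    body = build_user_payload(
        "testing0101", getpass.getpass("New user password: "),
        "01", "testing01", "testing01@corp.local",
    )
    print(write_private_json("userinfo.json", body))
```

Delete userinfo.json once the curl call has completed so the password does not remain on the machine that ran the script.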
