HPE Developer Community Portal

HPE Dev Mark
HPE Developer

HPE SimpliVity

About the API

Explore the API

Use the API

Authenticating

Manage certificates using PowerShell

Requesting authentication by emergency grant

The emergency grant type functions in a way that is similar to the password grant type. However, this grant type uses the emergency local svtcli account for authentication. This functionality is similar to the --emergency option in CLI commands, and is supported on peer-managed federations.

This grant type is intended for use only when the Hypervisor Management System has become unavailable, and you want to access or restore backups of virtual_machine objects. Using this type of token, clients can only access the following limited set of API operations:

  • GET /hosts
  • GET /omnistack_clusters
  • GET /backups
  • GET /datastores
  • GET /virtual_machines
  • POST /backups/{bkpId}/restore

With this grant type, the REST API does not support sorting and filtering GET requests or querying for optional properties.

Use a curl command like the following to request a token for the HPE OmniStack CLI (svtcli) account from a Virtual Controller with host as the IP address, svtcli as the username, and password as the password:

curl -k https://simplivity@[rest_server_ip]/api/oauth/token -d grant_type=emergency -d
username=svtcli -d password=[password]

Where:

  • rest_server_ip is the IP address of the REST Server.
  • svtcli is the username for the emergency local HPE OmniStack CLI account.
  • password is the password for the emergency local HPE OmniStack CLI (svtcli) account.

You must supply the -k switch due to the use of self-signed certificates. You can import these certificates into your local certificate store.

This call returns a JSON response similar to the following:

{
"access_token":"6f9166c2-bc7f-4cfc-a304-56aadd85e214",
"token_type":"bearer",
"expires_in":86399,
"scope":"read write",
"updated_at":1489421129188
}

Note the value for the access_token in this response. Tokens expire either after ten minutes of inactivity or after 24 hours even with continuous activity. If you pass incorrect credentials, then the client receives a response similar to the following:

{
"error":"invalid_grant",
"error_description":"Invalid credentials"
}

Blog feed

Sign up for the HPE Developer Newsletter

Subscribe Now

Register to one of our Workshops-on-Demand

Register

Join the HPE Developer Slack Community

Join Now

Connect

Platforms

Communities