Retrieving password using locker API in VCF 9.0 for Management Components

Retrieving Password from Locker

Step 1: Generate API Token

To generate an API token, you can use either the VCF Operations Fleet Management appliance  logging into the shell as a root user or any Base64 encoding tool.

Encode your credentials in the following format:

echo 'admin@local:youradminatlocalpassword' | base64

Copy the resulting Base64-encoded string. This will be used for authorization.

Step 2: Authenticate via Swagger UI

1. Open the API documentation in your browser: 

https://<vcf-operations-fleet-mgmt>/api/swagger-ui/index.html

2. Navigate to VCF Operations → Developer Central → Fleet Management API → API Documentation.

3. In the Swagger UI, locate the API Token section. When prompted for authorization, enter the following format in the input field:

Basic <Base64-encoded credentials>

4.  Replace <Base64-encoded credentials> with the string you copied in Step 1.

5. Click Authorize to authenticate and begin executing API requests.

Step 3: Retrieve Passwords from Locker

1. Firstly let’s retrieve all passwords from the locker. So that we can use leverage the VMID out of the response and then retrieve specific password

           GET https://vcf-operations-fleetmanagement-appliance-fqdn/lcm/locker/api/passwords

2. Above API will return response with the paginated list of passwords

[

  {

    "alias": "Default Password for vCenters",

    "createdOn": 1605791587373,

    "lastUpdatedOn": 1605791587373,

    "password": "PASSWORD****",

    "passwordDescription": "This password is being used for all my vCenters",

    "principal": "string",

    "referenced": true,

    "tenant": "string",

    "transactionId": "string",

    "userName": "administrator@vsphere.local",

    "vmid": "6c9fca27-678d-4e79-9a0f-5f690735e67c"

  }

]

3. Now retrieve the password by using the root password of VCF Operations fleet management appliance. Fetch the VMID of the password from the 

POST https://vcf-operations-fleetmanmagement-appliance-fqdn/lcm/locker/api/passwords/view/{vmid}

The Body should be

{\"rootPassword\":\"V*********!\"}

The response of the previous call will retrieve the password needed.