Token-based Authentication in VCD with PowerCLI
When username and password are not an option.
For all of those who use PowerCLI to automate tasks in VMware Cloud Director (VCD), you may have noticed that the Connect-CIServer cmdlet does not support token-based authentication. Even in most recent versions (PowerCLI 13.3), the only way to authenticate is by providing a username and password1.
This can be is a bit of a nuisance, especially when you want to do some sripting or automate tasks in a CI/CD pipeline.
To overcome this limitation, I created a simple function that allows you to authenticate using a token. It is a mere wrapper of the original Connect-CIServer cmdlet, but adds the ability to hydrate a session with an Access Token.
The Token
In order to use it, first you need to have a valid Access Token.
- Log in to your VCD instance.
- Go to your profile settings.
- Under the API Tokens section, click on Generate Token.
- Copy the token and save it in a secure place.
Keep it safe and warm. It is your key to the kingdom.
The Function
Then, copy the following function to your script or PowerShell profile:
The Miracle
Now we can set Cerberus free and use the Connect-CIServerV2 function to authenticate with the Access Token, like this:
1
Connect-CIServerV2 -Server "vcd.example.com" -Org "MyOrg" -AccessToken "your_access_token"
This function will create a session with the VCD instance and store it in the $global:DefaultCIServers variable, so you can use it in subsequent cmdlets.
I could have added the typical begin{}, process{}, and end{} PowerShell blocks to the function, but I wanted to keep it as simple as possible. Feel free to enhance it as you see fit.
Hope this helps!