Skip to content

Horizon Cloud Service

Horizon Cloud

What is the Horizon Cloud Service

Horizon Cloud is a modern cloud-first, multi-cloud Desktop as a Service (DaaS) deployment with Thin Edge Infrastructure. The service provides you with a global view of your desktops and applications spanning across on-premises and cloud environments. Regardless of the location of your desktop and application deployments, Horizon Cloud enables you to consistently manage and monitor them.

Onboarding Customer to Data Center (HDC)

Once you receive your Cloud Services Portal (CSP) invitation link in the email, please redeem it by clicking on the url. If you have not received an email, please reach out to VMWare.

  • Login to CSP (https://connect.omnissa.com).
  • You have an option to create to use an existing CSP organization or create a new one to onboard to Horizon Cloud Services.
  • As an organization owner, you need to go to "Identity & Access Management" and edit the existing user to add the Administrator role. Customers may add more users and assign the role above. The Administrator role is required to access the entire UI and API.

All API calls need a bearer token generated from an API token. Follow these steps to get your API token.

  • Go to your account and API Tokens tab.
  • Click on Generate a New API TOKEN link. Provide a name for the API token and keep the defaults.
  • Save the API token information and keep it handy.

General API Notes

Authentication

Important

Please take a note of below two steps. The same authentication scheme ("Authorization: Bearer") is required for all API calls

Obtain a CSP Access Token

Login to CSP Portal and obtain either
  • CSP Org ID Take the 'Long Organization ID' from the 'View Organization' page in CSP

OR

  • CSP oAuth Application ID and oAuth Application secret

These can be found when originally creating the OAuth App within your Organization page, or can be regenerated from the same area.

Note

OAuth App should have the Horizon Cloud Service listed as a Service Role

Create a CSP API Token

See the previous section for details about creating an API Token. All API calls require authentication using an Access Token.

Obtain an Access Token

Choose one of the following methods:

To obtain an Access Token by using a CSP API Token

One authentication scheme is to use an "Access Token", which is obtained by making an API call that takes your API Token as input, and returns an Access Token. This Access Token is then supplied as a bearer token in an "Authentication" header with every API request. All the following steps will assume this authentication header, it will not be explicitly mentioned each time.

Note {csp-url} value will typically be https://connect.omnissa.com

  POST https://{csp-url}/csp/gateway/am/api/auth/api-tokens/authorize
  Headers:      Content-Type : application/x-www-form-urlencoded
  Request Body: refresh_token : {YOUR-API-TOKEN-FROM-GETTING-STARTED-STEP-2}
  Response:
  {
    "id_token": {id-token-value},
    "token_type": "bearer",
    "expires_in": 1799,
    "scope": "scope.....{snippet}",
    "access_token": "{access-token-value}",
    "refresh_token": "{refresh-token-value}"
  }

An example using curl:

  curl --request POST '{csp-host}/csp/gateway/am/api/auth/api-tokens/authorize'  \
    --header 'Content-Type: application/x-www-form-urlencoded' \
    --data-urlencode 'refresh_token={api-token-from-CSP}'

Take a note of the {access-token-value}. This is what you will use in a header for all subsequent API calls.

  Authentication : Bearer {access-token-value}
To obtain an Access Token by using a CSP OAuth application

Obtain the Access Token by using the CSP oAuth credentials.

  POST https://{csp-url}/csp/gateway/am/api/auth/authorize
  Headers:        Content-type: application/x-www-form-urlencoded
  Authorization:  Basic
  Username:       {oAuth_Application_ID}
  Password:       {oAuth_Application_secret}
  Body:           grant_type : client_credentials

Response: 200 OK

{
  "id_token": null,
  "token_type": "bearer",
  "expires_in": 1799,
  "scope": "scope.....{snippet}",
    "access_token": "{access-token-value}",
    "refresh_token": "{refresh-token-value}"
}

Take a note of the {access-token-value}. This is what you will use in a header for all subsequent API calls.

Authentication : Bearer {access-token-value}