We have a catalog with user inputs like Yes/No. Based on those inputs, automation workflow call back to Morpheus APIs and trigger automation tasks/workflows into provisioned instances.
We would like to use this catalog for all sub-tenants. In that case, we need to use respective sub-tenant’s credential to get token and discover VM instances which are belong to the sub-tenant. After that, perform some automation tasks.
How we can use dynamic type or using variables to get Authentication token in multi-tenant unless we use common username and password for each tenant.
One option if the users have the rights to perform the automation tasks would be to use the variable <%=morpheus.apiAccessToken%> this will generate a short lived morph-automation token for that user that can then be used in your scripts. Another option could be to use Cyphers and call the Cypher from your script.
I assume that this variable will generate token depends on tenant Id, username right? So, automation task can execute on tenant’s instances.
For Cypher, I firstly need to generate token from respective tenants and then store in cypher which will be static value. But, I am looking dynamic values. So, automation workflow can execute by all sub-tenants on their instances.
Using the variable <%=morpheus.apiAccessToken%> will generate the token for the user that is running the task. So if this is being executed by user y in tenant y then the token will be for user y in tenant y and run as that user.
For cyphers, yes you would still need to have a user and have a process to gen and save the creds to cypher, but then you could call it from cypher using dynamic vaules like <%=cypher.read(‘secret/’ + ‘AWS’ + customOptions.GroupId + ‘accountname’)%>