System and method for establishing trust between multiple management entities with different authentication mechanisms
US-2022322090-A1 · Oct 6, 2022 · US
US11689924B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11689924-B2 |
| Application number | US-202117334861-A |
| Country | US |
| Kind code | B2 |
| Filing date | May 31, 2021 |
| Priority date | Apr 2, 2021 |
| Publication date | Jun 27, 2023 |
| Grant date | Jun 27, 2023 |
Abstract
A system and method for establishing trust between management entities with different authentication mechanisms in a computing system utilizes a token exchange service to acquire a second security token used in a second management entity in exchange for a first security token used in a first management entity. In an embodiment, an endpoint is set at the first management entity as an authentication endpoint for the second management entity, which is used to authenticate a request with the second security token that is sent from the first management entity to the second management entity. After authentication, the request is processed at the second management entity and a response is transmitted to the first management entity.
Claims (preview)
What is claimed is:

1. A computer-implemented method for establishing trust between management entities with different authentication mechanisms in a computing system, the method comprising: setting an endpoint at a first management entity as an authentication endpoint for a second management entity, wherein the first management entity uses a first token-based authentication mechanism and the second management entity uses a second token-based authentication mechanism; creating a first account in the first management entity and a corresponding second account in the second management entity; acquiring a first security token at the first management entity using the first account to access the second management entity; acquiring a second security token from a token exchange service at the first management entity in exchange for the first security token; sending a request with the second security token from the first management entity to the second management entity using the corresponding second account; in response to the request, retrieving a public key from the first management entity by the second management entity using the authentication endpoint; validating the second security token using the public key at the second management entity; after validating the second security token, processing the request at the second management entity; and after processing the request, sending a response to the request back to the first management entity from the second management entity.

2. The method of claim 1, wherein acquiring the first security token at the first management entity includes acquiring a security assertion markup language (SAML) token for a user identification for the first account at the first management entity to access the second management entity.

3. The method of claim 2, wherein acquiring the second security token from the token exchange service at the first management entity includes acquiring a JavaScript Object Notation (JSON) Web Token (JWT) token from the token exchange service at the first management entity in exchange for the SAML token.

4. The method of claim 1, wherein setting the endpoint at the first management entity as the authentication endpoint for the second management entity includes setting the endpoint at the first management entity as an OpenID connect (OIDC) endpoint for the second management entity.

5. The method of claim 4, wherein retrieving the public key from the first management entity by the second management entity using the authentication endpoint includes retrieving an OIDC public key from the first management entity by the second management entity using the OIDC endpoint.

6. The method of claim 1, further comprising registering the second management entity with a lookup service of the first management entity as a service to connect with the first management entity and requesting an endpoint of the second management entity from the lookup service to send the request to the second management entity from the first management entity.

7. The method of claim 1, further comprising restricting access to the second management entity using credentials, and after validating the second security token, authorizing the request using the credentials at the second management entity.

8. The method of claim 1, further comprising: registering the second management entity with the first management entity as an extension of the first management entity; and registering the first management entity with the second management entity as a compute manager of the second management entity.

9. A non-transitory computer-readable storage medium containing program instructions for establishing trust between management entities with different authentication mechanisms in a computing system, wherein execution of the program instructions by one or more processors of a computer system causes the one or more processors to perform steps comprising: setting an endpoint at a first management entity as an authentication endpoint for a second management entity, wherein the first management entity uses a first token-based authentication mechanism and the second management entity uses a second token-based authentication mechanism; creating a first account in the first management entity and a corresponding second account in the second management entity; acquiring a first security token at the first management entity using the first account to access the second management entity; acquiring a second security token from a token exchange service at the first management entity in exchange for the first security token; sending a request with the second security token from the first management entity to the second management entity using the second account; in response to the request, retrieving a public key from the first management entity by the second management entity using the authentication endpoint; validating the second security token using the public key at the second management entity; after validating the second security token, processing the request at the second management entity; and after processing the request, sending a response to the request back to the first management entity from the second management entity.

10. The non-transitory computer-readable storage medium of claim 9, wherein acquiring the first security token at the first management entity includes acquiring a security assertion markup language (SAML) token for a user identification for the first account at the first management entity to access the second management entity.

11. The non-transitory computer-readable storage medium of claim 10, wherein acquiring the second security token from the token exchange service at the first management entity includes acquiring a JavaScript Object Notation (JSON) Web Token (JWT) token from the token exchange service at the first management entity in exchange for the SAML token.

12. The non-transitory computer-readable storage medium of claim 9, wherein setting the endpoint at the first management entity as the authentication endpoint for the second management entity includes setting the endpoint at the first management entity as an OpenID connect (OIDC) endpoint for the second management entity.

13. The non-transitory computer-readable storage medium of claim 12, wherein retrieving the public key from the first management entity by the second management entity using the authentication endpoint includes retrieving an OIDC public key from the first management entity by the second management entity using the OIDC endpoint.

14. The non-transitory computer-readable storage medium of claim 9, wherein the steps further comprise registering the second management entity with a lookup service of the first management entity as a service to connect with the first management entity and requesting an endpoint of the second management entity from the lookup service to send the request to the second management entity from the first management entity.

15. The non-transitory computer-readable storage medium of claim 9, wherein the steps further comprise restricting access to the second management entity using credentials, and after validating the second security token, authorizing the request using the credentials at the second management entity.

16. The non-transitory computer-readable storage medium of claim 9, wherein the steps further comprise: registering the second management entity with the first management entity as an extension of the first management entity; and registering the first management entity with the second management entity as a compute manager of the second
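The claim 1 flow, as an added illustration in Go that is not code from the patent or from any assignee's product: the first management entity's token exchange service swaps a SAML token (stubbed as a constructed map) for a JWT, and the second management entity retrieves the public key from the first entity's authentication endpoint, verifies the signature, and checks issuer, audience and expiry before processing the request. The entity names, the "first-mgmt"/"second-mgmt" issuer and audience strings, the EdDSA algorithm, the five-minute lifetime and the in-process function standing in for the OIDC endpoint are all assumptions made for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"errors"
	"strings"
	"time"
)
var b64 = base64.RawURLEncoding
const header = `{"alg":"EdDSA","typ":"JWT"}` // pinned: a token carrying any other alg is rejected

// FirstEntity models the first management entity: it holds the token-signing key and serves the public key.
type FirstEntity struct{ priv ed25519.PrivateKey }

func NewFirstEntity() *FirstEntity {
	_, priv, _ := ed25519.GenerateKey(rand.Reader)
	return &FirstEntity{priv: priv}
}

// AuthEndpoint stands in for the OIDC endpoint (claim 4) the second entity queries for the public key.
func (f *FirstEntity) AuthEndpoint() ed25519.PublicKey { return f.priv.Public().(ed25519.PublicKey) }

// Exchange models the token exchange service: a SAML token (constructed stub map) becomes a short-lived JWT.
func (f *FirstEntity) Exchange(saml map[string]string, now time.Time) string {
	claims, _ := json.Marshal(map[string]any{"iss": "first-mgmt", "sub": saml["subject"],
		"aud": "second-mgmt", "exp": now.Add(5 * time.Minute).Unix()})
	signing := b64.EncodeToString([]byte(header)) + "." + b64.EncodeToString(claims)
	return signing + "." + b64.EncodeToString(ed25519.Sign(f.priv, []byte(signing)))
}

// Validate is the second entity's side of claim 1: fetch the key from the endpoint, verify, then check claims.
func Validate(fetchKey func() ed25519.PublicKey, jwt string, now time.Time) (string, error) {
	parts := strings.Split(jwt, ".")
	if len(parts) != 3 || parts[0] != b64.EncodeToString([]byte(header)) {
		return "", errors.New("malformed token or unsupported alg")
	}
	sig, err := b64.DecodeString(parts[2])
	if err != nil || !ed25519.Verify(fetchKey(), []byte(parts[0]+"."+parts[1]), sig) {
		return "", errors.New("signature check failed")
	}
	var c struct{ Iss, Sub, Aud string; Exp int64 }
	body, _ := b64.DecodeString(parts[1])
	if json.Unmarshal(body, &c) != nil || c.Iss != "first-mgmt" || c.Aud != "second-mgmt" || now.Unix() >= c.Exp {
		return "", errors.New("claims rejected")
	}
	return c.Sub, nil // the subject the second entity maps to the corresponding second account
}
```

Because the audience is checked and the algorithm is pinned, a token minted for a different entity, signed by a different key, or carrying a different alg header is rejected before any request is processed.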
CPC classifications:

- Identity-dependent
- Key distribution or pre-distribution; Key agreement
- Key management protocols
- using credential vaults, e.g. password manager applications or one time password [OTP] applications
- using delegated authorisation, e.g. open authorisation [OAuth] protocol