[VCDR] Unable to add the API token to VCDR in MSP environment.
search cancel

[VCDR] Unable to add the API token to VCDR in MSP environment.

book

Article ID: 327156

calendar_today

Updated On:

Products

VMware Live Recovery VMware Cloud on AWS

Issue/Introduction

In the MSP environment, the following error message is displayed when you try to add an API token to VCDR for tenant organization.

Error message :

API token is not scoped to this organization.

This article provides the causes and countermeasures for this issue.


Resolution

This issue is caused by an attempt to add an API token of a user who does not have the appropriate role in the target tenant organization.
Please refer to the following information and add the API token of a user with the appropriate role to the VCDR, and check whether this issue cab be resolved.


1. To use VCDR, it is usually necessary to create an API token as a user with the following
roles as per the relevant document .
  • Organization Role: 
    • Organization Owner
 
  • Service Roles:
    • VMware Cloud on AWS Administrator
    • VMware Cloud on AWS NSX Cloud Admin

2. Currently, in the VMware Cloud Partner Navigator console used by MSPs, "Organization Owner" cannot be specified on the tenant user role edit screen.
  • VMware Cloud Partner Navigator > Customer Management > Target Tenant Org > Identity & Access Management > Active Users > EDIT ROLES
    • Organization Administrator
    • Organization Member

3. The "Organization Owner" role in a tenant organization falls under both of the following roles.
  • Provider Administrator
  • Provider Account Administrator

4. Please create a user with the Provider Administrator or Provider Account Administrator role in Provider organization from the location below, and add the user to the target tenant organization.
  • VMware Cloud Partner Navigator > Identity & Access Management > Active Users
    • Provider Administrator
    • Provider Account Administrator

5. In the following location, please click on the ">>" mark to the left of the user name set in step 4 above, and confirm that the Organization Owner role is displayed in Organization Roles.
  • VMware Cloud Partner Navigator > Customer Management > Target Tenant Org > Identity & Access Management > Active Users
    • Organization Owner

6. If the Organization Owner is successfully displayed in step 5 above, please add the API token of the relevant user to the VCDR and confirm whether this issue can be resolved.

Additional Information

Create an API Token
Add the API Token
Cloud Services Provider roles and permissions