Unable to add the API token to VMware Live Cyber Recovery in MSP environment.
search cancel

Unable to add the API token to VMware Live Cyber Recovery in MSP environment.

book

Article ID: 327156

calendar_today

Updated On:

Products

VMware Live Recovery VMware Cloud on AWS

Issue/Introduction

In the MSP environment, the following error message is displayed when you try to add an API token to VLCR  for tenant organization.

Error message :
API token is not scoped to this organization.



 

Environment

VMware Live Cyber Recovery 7.26.x and older

Resolution

Note: Use of API token to authorize service access to the Organization is a legacy process and is only applicable for deployments before to August 2024. 

This issue is caused by an attempt to add an API token of a user who does not have the appropriate role in the target tenant organization.
Please refer to the following information and add the API token of a user with the appropriate role to the VLCR.


1. To use VLCR, it is necessary to create an API token of a user with the following roles as per the Create API Token Document .

  • Organization Role: 
    • Organization Owner

 

  • Service Roles:
    • VMware Cloud on AWS Administrator
    • VMware Cloud on AWS NSX Cloud Admin


2. Currently, in the VMware Cloud Partner Navigator console used by MSPs, "Organization Owner" cannot be specified on the tenant user role edit screen.

  • VMware Cloud Partner Navigator > Customer Management > Target Tenant Org > Identity & Access Management > Active Users > EDIT ROLES
    • Organization Administrator
    • Organization Member


3. The "Organization Owner" role in a tenant organization falls under both of the following roles.

  • Provider Administrator
  • Provider Account Administrator


4. Please create a user with the Provider Administrator or Provider Account Administrator role in Provider organization from the location below, and add the user to the target tenant organization.

  • VMware Cloud Partner Navigator > Identity & Access Management > Active Users
    • Provider Administrator
    • Provider Account Administrator


5. In the following location, please click on the ">>" mark to the left of the user name set in step 4 above, and confirm that the Organization Owner role is displayed in Organization Roles.

  • VMware Cloud Partner Navigator > Customer Management > Target Tenant Org > Identity & Access Management > Active Users
    • Organization Owner


6. If the Organization Owner is successfully displayed in step 5, please add the API token of the relevant user to the VLCR.

Additional Information

Powered by Wolken Software