[VCDR] Unable to add the API token to VCDR in MSP environment.
Article ID: 327156
Updated On:
Products
VMware Live Recovery
VMware Cloud on AWS
Issue/Introduction
In the MSP environment, the following error message is displayed when you try to add an API token to VCDR for tenant organization.
Error message :
API token is not scoped to this organization.
This article provides the causes and countermeasures for this issue.
Error message :
API token is not scoped to this organization.
This article provides the causes and countermeasures for this issue.
Resolution
This issue is caused by an attempt to add an API token of a user who does not have the appropriate role in the target tenant organization.
Please refer to the following information and add the API token of a user with the appropriate role to the VCDR, and check whether this issue cab be resolved.
1. To use VCDR, it is usually necessary to create an API token as a user with the following roles as per the relevant document .
2. Currently, in the VMware Cloud Partner Navigator console used by MSPs, "Organization Owner" cannot be specified on the tenant user role edit screen.
3. The "Organization Owner" role in a tenant organization falls under both of the following roles.
4. Please create a user with the Provider Administrator or Provider Account Administrator role in Provider organization from the location below, and add the user to the target tenant organization.
5. In the following location, please click on the ">>" mark to the left of the user name set in step 4 above, and confirm that the Organization Owner role is displayed in Organization Roles.
6. If the Organization Owner is successfully displayed in step 5 above, please add the API token of the relevant user to the VCDR and confirm whether this issue can be resolved.
Please refer to the following information and add the API token of a user with the appropriate role to the VCDR, and check whether this issue cab be resolved.
1. To use VCDR, it is usually necessary to create an API token as a user with the following roles as per the relevant document .
- Organization Role:
- Organization Owner
- Service Roles:
- VMware Cloud on AWS Administrator
- VMware Cloud on AWS NSX Cloud Admin
2. Currently, in the VMware Cloud Partner Navigator console used by MSPs, "Organization Owner" cannot be specified on the tenant user role edit screen.
- VMware Cloud Partner Navigator > Customer Management > Target Tenant Org > Identity & Access Management > Active Users > EDIT ROLES
- Organization Administrator
- Organization Member
3. The "Organization Owner" role in a tenant organization falls under both of the following roles.
- Provider Administrator
- Provider Account Administrator
4. Please create a user with the Provider Administrator or Provider Account Administrator role in Provider organization from the location below, and add the user to the target tenant organization.
- VMware Cloud Partner Navigator > Identity & Access Management > Active Users
- Provider Administrator
- Provider Account Administrator
5. In the following location, please click on the ">>" mark to the left of the user name set in step 4 above, and confirm that the Organization Owner role is displayed in Organization Roles.
- VMware Cloud Partner Navigator > Customer Management > Target Tenant Org > Identity & Access Management > Active Users
- Organization Owner
6. If the Organization Owner is successfully displayed in step 5 above, please add the API token of the relevant user to the VCDR and confirm whether this issue can be resolved.
Additional Information
Feedback
Yes
No
Powered by
