SRM support for two-factor authentication in ADFS and external OAuth2/Identity Providers (IDPs).

Article ID: 371776

Updated On: 05-21-2025

Products

VMware vCenter Server 7.0
VMware vCenter Server 8.0
VMware Site Recovery Manager 8.x

Issue/Introduction

Symptoms: 

  • Unable to log in to the SRM UI with ADFS two-factor authentication 

  • SRM does not support two-factor authentication in ADFS, but it works with administrator@vsphere.local

  • When the vCenter username and password are entered to log in to the vSphere Client, the user is redirected to a custom authentication page where a passcode is entered, or a push is sent to a mobile device to complete the login. This works fine for vCenter logins but fails for the Site Recovery UI.

  • This only happens with AD accounts, but it works fine with vSphere.local accounts (as these are not redirected for the additional security check).

  • When Site Recovery UI is accessed via the plugin in vCenter, SRM UI does not accept auto login of domain accounts when ADFS/Azure AD is configured. However, manual login works with the same account. The issue is not seen when AD over LDAP/s is configured.

Environment

vCenter Server Appliance 7.x
vCenter Server Appliance 8.x

VMware Site Recovery Manager 8.x
VMware Site Recovery Manager 9.x

Cause

The Site Recovery UI does not support ADFS/Azure AD for non-VMC environments.

Resolution

This is working as designed. Currently, SRM does not support ADFS/Azure two-factor authentication or configuring SRM with external OAuth2/Identity Providers (IDPs).

Because of this limitation in the SRM UI, a feature request has to be raised at https://vcf.ideas.aha.io/portal_session/new (or vote on the idea if another customer has already raised it, for example VCF-I-2187: Integrate SRM with External Identity providers) so that engineering can review this feature for a future release.