IdP Misconfiguration Causing vIDM Login Failures with OAuth2 "The error message displayed is: https://load-balancer/hc/error."

Article ID: 376521


Products

VMware Aria Suite

Issue/Introduction

This article addresses intermittent login failures encountered by users in a vIDM environment that uses OAuth2 authentication behind a load balancer.

Environment

VMware Identity Manager 3.3.7

Cause

The intermittent login failures likely stem from a mismatch between the vIDM Connector hostname configured in the Identity Provider (IdP) and the actual hostname used by the load balancer.

Resolution

Scenario 1: Single Connector, VIP Address:

The IdP was configured with the VIP address of the load balancer instead of the individual vIDM Connector hostname. This leads to login failures whenever the load balancer directs a user to a vIDM Connector that is not configured in the IdP.

Update IdP Configuration:

Ensure the vIDM Connector hostname (e.g., myconnector.mycompany.com), not the load balancer hostname (e.g., mylb.mycompany.com), is configured in the IdP's OAuth2 client settings.

Scenario 2: Multiple Connectors, Single Connector Added:

Add All Connectors to IdP (if applicable):
If your environment utilizes multiple vIDM Connectors behind the load balancer, verify that all connectors are registered in the IdP for OAuth2 client settings. This ensures users can be directed to any available connector for authentication.

How to add a connector to the IdP: see Install Additional Connector Instances.
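The following script is an added example, not part of this article or of VMware's tooling, that audits the OAuth2 registration described in both scenarios above. It takes an inventory of the connector hostnames behind the load balancer, the VIP hostname, and the redirect URIs registered in the IdP, and reports connectors that are missing from the IdP, whether the VIP was registered in place of a connector, and the fraction of logins that would be expected to fail under even load distribution (which is what makes the failures intermittent). All hostnames, the redirect-URI path, and the function names are constructed for illustration; the real IdP export format and vIDM callback path are not taken from the article.

```python
from urllib.parse import urlparse

# Constructed sample inventory (placeholder names, not values from the article).
CONNECTORS = ["connector1.mycompany.com", "connector2.mycompany.com"]
LOAD_BALANCER_VIP = "mylb.mycompany.com"

# Constructed samples of what an IdP might have registered as OAuth2 redirect URIs.
# The "/oauth2/callback" path is illustrative, not the real vIDM callback path.
IDP_URIS_VIP_ONLY = ["https://mylb.mycompany.com/oauth2/callback"]          # Scenario 1
IDP_URIS_ONE_CONNECTOR = ["https://connector1.mycompany.com/oauth2/callback"]  # Scenario 2
IDP_URIS_ALL_CONNECTORS = [
    "https://connector1.mycompany.com/oauth2/callback",
    "https://connector2.mycompany.com/oauth2/callback",
]


def registered_hosts(redirect_uris):
    """Extract the set of lower-cased hostnames from https redirect URIs.

    Non-https entries are ignored: an OAuth2 redirect target that is not https
    is a separate problem and should not count as a valid registration.
    """
    hosts = set()
    for uri in redirect_uris:
        parsed = urlparse(uri)
        if parsed.scheme != "https" or not parsed.hostname:
            continue
        hosts.add(parsed.hostname.lower())
    return hosts


def audit_idp_registration(connectors, lb_vip, redirect_uris):
    """Compare the IdP's registered hosts against the connectors behind the VIP.

    Returns a dict describing the mismatch; 'ok' is True only when every
    connector is registered and the VIP itself is not used as a client host.
    """
    expected = {c.lower() for c in connectors}
    hosts = registered_hosts(redirect_uris)

    missing = sorted(expected - hosts)
    vip_registered = lb_vip.lower() in hosts
    # Hosts the IdP trusts that are neither a known connector nor the VIP;
    # worth reviewing because they widen the set of accepted redirect targets.
    unexpected = sorted(hosts - expected - {lb_vip.lower()})

    # Assuming the load balancer spreads logins evenly across connectors, a
    # login fails whenever it lands on a connector the IdP does not know.
    failure_fraction = len(missing) / len(expected) if expected else 0.0

    return {
        "missing_connectors": missing,
        "vip_registered_instead": vip_registered,
        "unexpected_hosts": unexpected,
        "expected_failure_fraction": failure_fraction,
        "ok": not missing and not vip_registered,
    }


if __name__ == "__main__":
    for label, uris in [
        ("Scenario 1 (VIP registered)", IDP_URIS_VIP_ONLY),
        ("Scenario 2 (one connector registered)", IDP_URIS_ONE_CONNECTOR),
        ("Corrected (all connectors registered)", IDP_URIS_ALL_CONNECTORS),
    ]:
        result = audit_idp_registration(CONNECTORS, LOAD_BALANCER_VIP, uris)
        print(f"{label}: {result}")
```

Run it against an export of the IdP's OAuth2 client settings and your connector inventory; any non-empty `missing_connectors` or a True `vip_registered_instead` means some share of logins will land on a connector the IdP will reject, which matches the intermittent behaviour this article describes.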

Additional Information

The provided information suggests that initially only one connector was added to the IdP with the VIP address. This configuration can cause login failures for users directed to non-configured connectors.