• SAML logins to tenant fail when using the VMware Cloud Director (VCD) portal's Fully Qualified Domain Name (FQDN) whereas the login is successful when accessing VCD portal using it's IP address
• In Public Addresses, Web Portal URLs were configured to use FQDN whereas API URLs were configured with IP address

VMware Cloud Director

This issue occurs because the API URL in public addresses was set to an IP address, limiting REST API access to IP address only

To resolve this issue, modify API URLs in public addresses with FQDN following instructions provided here  Customize the Public Addresses for VCD appliance