"Access denied" error when attempting to log in to vCenter Server using Okta authentication


Article ID: 403646


Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • vCenter Server is configured with Okta as the identity provider.
  • When attempting to sign in to vCenter Server with SSO, the following error is reported after the page redirection:

    Access Denied. Unable to authenticate the user.

  • The redirected URL looks like:

    https://<vCenter Server FQDN>/federation/t/CUSTOMER/auth/response/oauth2?state=<state id>&error=invalid_request&error_description=PKCE+code+challenge+is+required

Environment

VMware vCenter Server 8.0

Cause

Proof Key for Code Exchange (PKCE) is currently not supported when vCenter Server is configured with Okta authentication.

Resolution

Disable PKCE so that Okta authentication works with vCenter Server.

Additional Information

For more information on PKCE needing to be unchecked when enabling Okta for vCenter Server, see How to Enable Okta for vCenter Server.