Receiving error Access Denied Access denied. Unable to authenticate the user when logging into vCenter with Entra ID account that was configured through VIDB

search cancel

Receiving error Access Denied Access denied. Unable to authenticate the user when logging into vCenter with Entra ID account that was configured through VIDB

book

Article ID: 408820

calendar_today

Updated On:

Products

VCF Operations

Issue/Introduction

Configured Entra ID with VIDB and when logging into vCenter receive the error "Access Denied Access denied. Unable to authenticate the user"
Applying the steps in kb "Access Denied. Unable to authenticate the user." error while logging in to the vCenter server does not resolve the issue
Applying the steps in kb Microsoft Entra ID Authentication Fails with "Access denied. Unable to authenticate the user." also does not resolve the issue
Login entry is visible when checking Entra

Environment

VCF 9.0 Identity Broker

Cause

Unique Identifier in OIDC Identity Provider was set to use email while scim push ExternalId attribute was mapped to objectId(oid). This results in login failure.

Resolution

Update the "Unique Identifier in OIDC Identity Provider" to oid as EntraId provides objectid in oid claim in the id token.

Feedback

thumb_up Yes

thumb_down No