Unable to configure IDP (Entra ID) in VMware Identity Broker (VIDB) with OIDC authentication method

Article ID: 411923

Updated On:

Products

VMware Cloud Foundation

Issue/Introduction

Attempts to configure Microsoft Entra ID as an identity provider using OIDC with VCF 9.x fail on selecting 'Finish' with the following error:

Saving configuration settings failed with the following error: Failed to retrieve OIDC endpoints from configuration url:
https://login.microsoftonline.com/########-####-####-####-##########/v2.0/.well-known/openid-configuration

Testing connectivity over SSH from a VCF Operations node shows connection failures:

curl -vvv https://login.microsoftonline.com/########-####-####-####-##########/v2.0/.well-known/openid-configuration

Environment

VCF Operations 9.x

Cause

The VCF Operations nodes are unable to reach login.microsoftonline.com on port 443.

Resolution

Ensure port 443 is open to login.microsoftonline.com from all the VCF Operations and vIDB nodes.
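
To confirm the fix on every node, the curl test above can be turned into a check that reports which layer failed and whether the reply really is OIDC discovery metadata. This is an added example, not part of the original article or VMware tooling; the function names, the OIDC_DISCOVERY_URL variable and the sample document with its idp.example.test host are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the KB article). Run on each VCF Operations / vIDB node.
# Set OIDC_DISCOVERY_URL to the tenant's discovery URL to perform the live check.

# Map a curl exit code to the layer that failed (codes from the curl man page).
classify_curl_exit() {
    case "$1" in
        0)   echo "ok" ;;
        5|6) echo "dns" ;;                # proxy or host name did not resolve
        7)   echo "tcp-connect-failed" ;; # refused or unreachable on port 443
        28)  echo "timeout" ;;            # no answer, typical of a firewall drop
        35)  echo "tls-handshake" ;;      # TCP worked, TLS negotiation did not
        60)  echo "tls-untrusted-cert" ;; # CA not trusted, e.g. TLS-inspecting proxy
        *)   echo "other-$1" ;;
    esac
}

# Return 0 if stdin carries the endpoints an OIDC client needs from discovery.
has_oidc_endpoints() {
    doc=$(cat)
    for key in issuer authorization_endpoint token_endpoint jwks_uri; do
        printf '%s' "$doc" | grep -q "\"$key\"[[:space:]]*:" || return 1
    done
}

# Fetch the discovery document and print a one-word diagnosis.
check_discovery() {
    rc=0
    body=$(curl -sS --max-time 10 "$1" 2>/dev/null) || rc=$?
    if [ "$rc" -ne 0 ]; then
        classify_curl_exit "$rc"
        return 1
    fi
    if printf '%s' "$body" | has_oidc_endpoints; then
        echo "ok"
    else
        echo "not-oidc-json"   # HTTP answered, but not with discovery metadata
        return 1
    fi
}

# Constructed sample document (hypothetical host) for an offline self-check.
SAMPLE_DOC='{"issuer":"https://idp.example.test/v2.0","authorization_endpoint":"https://idp.example.test/authorize","token_endpoint":"https://idp.example.test/token","jwks_uri":"https://idp.example.test/keys"}'

if [ -n "${OIDC_DISCOVERY_URL:-}" ]; then
    check_discovery "$OIDC_DISCOVERY_URL"
fi
```

A result of "timeout" or "tcp-connect-failed" matches the cause described in this article; "tls-untrusted-cert" or "not-oidc-json" indicates that port 443 is open but an intermediate device is answering in place of login.microsoftonline.com.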

Additional Information

For further information regarding ports, please see the VMware Ports and Protocols page.