Unable to log in to Operations for Networks with VCF SSO when using group-based access

search cancel

Unable to log in to Operations for Networks with VCF SSO when using group-based access

book

Article ID: 417060

calendar_today

Updated On:

Products

VCF Operations

Issue/Introduction

When authenticating to Operations for Networks via VCF SSO, login fails if access is granted through a group. The ID token does not include the name claim (name / display name), and login succeeds only if the user is added directly.

Environment

VCF Operations 9.0

VCF Operations 9.0.1

VCF Operations for Network 9.0

VCF Operations for Network 9.0.1

Cause

Operations for Networks SSO expects the name claim in the ID token; with group-based assignment, the name (display name) claim isn’t present, causing login to fail.

Resolution

Workaround
- Add affected users directly from the user accounts page (do not rely on the group) so they can log in.
Fix status
- Planned fix in VCF Operations 9.0.2. Version is subject to change. Subscribe to this knowledge article to get updates on this issue.

Additional Information

Subscribe to this knowledge article to get updates on this issue.

Feedback

thumb_up Yes

thumb_down No