Entra ID Secure token used for SDDC/vCenter Single Sign On is expired or expiring soon


Article ID: 423617


Products

VMware SDDC Manager

Issue/Introduction

The Entra ID Secure token used for SDDC/vCenter Single Sign On is expired or expiring soon. A new token is needed to maintain the connection to the external Identity Provider.

Environment

vCenter 7

vCenter 8

SDDC Manager 5.x

Cause

The Single Sign On "Secret Token" is expiring or has expired, which will cause login issues.

Resolution

  1. Make sure to take offline snapshots of vCenter (all vCenters if Enhanced Linked Mode is configured) and/or SDDC Manager before making any changes.
  2. Log in to SDDC Manager/vCenter
  3. Navigate to Administration and click on Single Sign On
  4. In the User Provisioning section for "Secret Token", click on "GENERATE" and then click on copy
    • Please note, in vCenter, the UI will show "regenerate" while the SDDC UI will show "Generate"
  5. On the Entra ID side, navigate to SCIM configuration
  6. Paste the new "Secret Token" that was generated in Step 4
  7. Test the connection to verify it works

Additional Information

Configuring Microsoft Entra ID for vCenter Server

Configure vCenter Server Identity Provider Federation for Microsoft Entra ID

Configure Microsoft Entra ID as the Identity Provider in the SDDC Manager UI