• After upgrading to vCenter 8.0 U3h (or newer), previous methods used for API authentication are now failing.
• A username and password login by API or UI might bypass federation policies such as Multi-Factor Authentication (MFA) or Geofencing
• Prior to the upgrade, two identity sources were configured: a legacy provider and the Microsoft ADFS Identity Provider.

In previous versions, API authentication bypassed the Microsoft ADFS Identity Provider requirements, defaulting to the legacy provider instead. 

This is a condition that may occur in a VMware vCenter environment.

Workaround:

You will need to meet the authentication requirements for your Microsoft ADFS Identity Provider.