After configuring an external identity broker for Single Sign-On (SSO) in VCF Operations, users are unable to complete the login process. When attempting to log in via the SSO option, the page refreshes and redirects back to the login screen without an error message or successful authentication.

VCF Operations 9.0.x

This issue is caused by the presence of non-ASCII characters (such as Cyrillic symbols) within the JSON Web Token (JWT) generated by the VMware Identity Broker (VIDB). If a user’s First Name or Last Name contains these characters, the token becomes incompatible with the VCF Operations authentication header, triggering a refresh loop.

The permanent fix for the issue is coming in upcoming release of VCF Operations.

Workaround:

• Change FirstName and Last name from Cyrillic symbols to Latin for all uses facing the issue.