When attempting to schedule a workflow, the operation fails regardless of the starting user defined (API token from the Automation UI, specific User, or personal account).

The following banner error is observed in the external Orchestrator UI:

Failed to schedule workflow. org.springframework.security.authentication.AuthenticationServiceException: Can not login in VMware Cloud Foundation Automation with username and password caused by: Can not login in VMware Cloud Foundation Automation with username and password caused by: 400 Bad Request: " {"error":"invalid_grant","error_description":"Invalid refresh token","error_uri":null,"minorErrorCode":"invalid_grant","message":"Invalid refresh token","stackTrace":null}"

VMware Cloud Foundation Operations Orchestrator 9.x

VMware Cloud Foundation Automation 9.x

The VMware Cloud Foundation Automation certificate is not known to the Orchestrator, causing the authentication validation to fail.

Reconfigure authentication on the Orchestrator to accept the certificate:

1. Generate or locate a provider API Token to be used for the external Orchestrator connection
2. Log in to the Orchestrator shell via SSH
3. Run the following command to set the authentication provider to the VCF Automation host:
   1. vracli vro authentication set -p tm -u SERVICE_PROVIDER_ACCOUNT -hn https://FQDN_VCF_AUTOMATION --tenant ORG_USING_ORCHESTRATOR
   2. Further information: Integrate VCF Operations orchestrator with VCF Automation with All Apps
4. Accept the certificate and paste in the API refresh token