Create an org group in Tanzu Hub may fails with the below error:

Create Org Group 'org-group-02' failed at 2026-05-07 09:26:06 because of Org Group creation failed for 'org-group-02': Failed to create organization 'org-group-02' in all 1 foundations. Errors: foundation-core.cloud.vmw: [Failed to perform token exchange: Response code 401 (Unauthorized) (UAA endpoint: https://login.tp-sys.#####.###)] 

Tanzu HUB

This issue is only experienced on foundations that are utilising the internal user store.

Typically, foundations and Hubs configured to use an Identity Provider (IDP) will not encounter this problem because the users originate from a common source.

The user responsible for creating the org-group in Hub must also be present in EAR UAA. If you are using the tanzu_platform_admin user, you can create it as follows:

$ cf create-user tanzu_platform_admin <password>
$ uaac target <EAR UAA>
$ uaac token client get admin -s <Secret>
$ uaac member add cloud_controller.admin tanzu_platform_admin
$ uaac member add uaa.admin tanzu_platform_admin
$ uaac member add scim.read tanzu_platform_admin
$ uaac member add scim.write tanzu_platform_admin

There may be a connectivity issue between the EAR UAA VM and the Tanzu Hub.

For further information, please refer to the following Knowledge Base: 

https://knowledge.broadcom.com/external/article/437379/tanzu-hub-failed-to-create-the-organizat.html