When navigating to Foundations > Manage in Tanzu Hub v10.4, administrators may encounter issues where installed or available capabilities are not displayed, or the ability to import capabilities is disabled. This typically occurs even when the user has Global Admin permissions in Hub.
Tanzu Hub v10.4
Tanzu Hub v10.4 introduces new management features that interact directly with Ops Manager via a foundation proxy tunnel. This functionality relies on a successful token exchange between Hub and the foundation's UAA service.
For the token exchange to succeed, the authenticated Hub user must also exist within the foundation's identity context with matching credentials (email/IdP).
For existing foundations (Auto/Manual Attach):
If the foundation and Hub use different external IdPs, or if the user accounts are not synchronised, the user's identity cannot be verified, which prevents the live fetching of capability data.
Vended foundations default to a local internal admin user. If the Hub user attempting to manage the foundation does not have a matching email address/account within that vended foundation, the Manage section will fail to load data.
For end-to-end management functionality, users must ensure identity parity between Tanzu Hub and the managed foundations.
For Vended Foundations
Match Local Admin: For initial management, use an account in Hub that matches the default local admin email.
Day 2 Configuration: After the foundation is vended, configure additional users or External IdPs in the foundation to match your Hub environment. This is a required manual step until SSO configuration is automated in the vending pipeline.
Verification
Log into the Foundation UAA directly to confirm the user account exists.
Ensure the email address used in Hub exactly matches the email/username in the Foundation.
Refresh the Foundations > Manage screen in Hub after ensuring identity alignment.
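The exact-match check from the verification steps can be scripted against a user listing exported from the foundation UAA. The following is an added example, not Tanzu Hub or UAA code: it assumes the listing is the JSON returned by UAA's SCIM user list (GET /Users), uses a constructed sample in place of real data, and the function name and the expected_origin parameter are hypothetical.

```python
import json

# Constructed sample of a UAA SCIM /Users list response (not real data).
SAMPLE_SCIM = json.loads("""
{"resources": [
  {"userName": "admin", "origin": "uaa",
   "emails": [{"value": "admin@example.com"}]},
  {"userName": "Alice@Example.com", "origin": "corp-idp",
   "emails": [{"value": "Alice@Example.com"}]}
]}
""")


def check_parity(hub_email, scim, expected_origin=None):
    """Classify whether a Hub user has a matching foundation UAA account.

    Returns "match", "origin_mismatch", "inexact" or "missing".
    expected_origin is a hypothetical parameter: the UAA origin the Hub
    user's IdP is assumed to correspond to. None skips the origin check.
    """
    seen = set()
    for user in scim.get("resources", []):
        # Compare against both userName and every listed email address.
        ids = [user.get("userName", "")]
        ids += [e.get("value", "") for e in user.get("emails", [])]
        if hub_email in ids:
            if expected_origin is None or user.get("origin") == expected_origin:
                return "match"
            seen.add("origin_mismatch")
        elif any(i.strip().lower() == hub_email.strip().lower() for i in ids):
            # Same address apart from case or whitespace: not an exact match.
            seen.add("inexact")
    for status in ("origin_mismatch", "inexact"):
        if status in seen:
            return status
    return "missing"


if __name__ == "__main__":
    for email in ("admin@example.com", "alice@example.com", "carol@example.com"):
        print(email, "->", check_parity(email, SAMPLE_SCIM))
```

An "inexact" result flags an account that differs only in letter case or surrounding whitespace, which is easy to miss when comparing the two systems by eye.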