vCenter Server authentication with domain account fails with "An error occurred while fetching the identity provider" after importing to VCF 9 due to missing configuration

Article ID: 439919


Products

VCF Operations VMware Cloud Foundation

Issue/Introduction

  • Authentication to the vCenter Server (VCSA) using a domain account fails with the error message:

An error occurred while fetching the identity provider.

  • The following banner is visible on the VCSA UI login screen:

Cause

The identity provider is not configured on the VCF Operations Appliance during the management component import process.

 

Resolution

To enable authentication using domain accounts, configure and synchronize the Single Sign-On settings across the management infrastructure:

  1. Log in to the VCF Operations appliance and navigate to Fleet Manager > Identity & Access to start the configuration process.

  2. Select the identity broker deployment mode. Refer to: Choose vIDB deployment mode

  3. Configure the identity provider for VCF SSO. Refer to: Configure an Identity Provider

  4. Validate the component configuration for vCenter Server by navigating to Fleet Management > Identity & Access > VCF Instance > Component configuration. Refer to: Configure VCF SSO on components

  5. Assign the necessary roles to domain groups in the VCF Operations appliance and propagate them to the components (VCSA and NSX):
    1. Navigate to Administration > Control Panel > Access Control in the VCF Operations appliance UI.
    2. Assign the necessary roles to the domain groups to permit user access. Refer to: Assigning Roles and Permissions

Additional Information

This issue can also be encountered when the vmware-trustmanagement service is down on the VCSA. Refer to: Getting following error "An error occurred while fetching identity providers. Please try again later. If the problem persists, contact your administrator" when logging in with domain users on vCenter Server 9.0