In a standalone VMware Aria Orchestrator 8.18.x or 9.x environment authenticating against vSphere, you may find that Basic Authentication remains active for API workflow execution even after explicitly disabling it.

Setting the system property com.vmware.o11n.sso.basic-authentication.enabled to false does not prevent the API from accepting and processing requests using Basic Authentication headers. This behavior persists even after rebooting the appliance or restarting the pods and after executing the vracli command to modify the authentication mode.

Aria Orchestrator 8.x

VCF Operations Orchestrator 9.x

The system property com.vmware.o11n.sso.basic-authentication.enabled is hard-coded to govern authentication behavior only for integrated Aria Automation permission sets.

Orchestrator instances configured with vSphere authentication does not consume this flag. Consequently, the property does not apply to standalone instances configured as such.

Currently, there is no supported method to disable Basic Authentication for standalone Aria Orchestrator instances using vSphere authentication.

If disabling this feature is a requirement for your environment, you must submit a Feature Request through the standard Broadcom enhancement process.