Knowledge Base

The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
 
Search the VMware Knowledge Base (KB)   View by Article ID
 

Logging in to vCenter Orchestrator using SSO fails with the error: Failed trying to retrieve token: ns0:RequestFailed: Delegate is invalid (2039229)

Symptoms

  • Cannot login to vCenter Orchestrator using vCenter Single Sign On (SSO)
  • Logging in to vCenter Orchestrator using SSO fails
  • You see the error:

    Failed trying to retrieve token: ns0:RequestFailed: Delegate is invalid
  • When configured using LDAP, you are able to log in to vCenter Orchestrator and you see the message:

    After verifying that the user attempting to login is in the admin group in vCenter and that SSL certs have been verified. Test login's via the vCO configuration page are successful.

Cause

The issue occurs if System-Domain is not a member of Default Domains in the SSO configuration.

Resolution

To resolve this issue, add System-Domain to the list of Default Domains in the SSO configuration.
 
To add System-Domain to the list of Default Domains in the SSO configuration:
  1. Log in to the vSphere Web Client.
  2. In the vSphere Web Client home page, click Administration.
  3. In the left pane, under Sign-On and Discovery, click Configuration.
  4. From the list of domains, select System-Domain and click Add to Default Domains.
  5. In the Default Domains pane, click Save.

Note: You should wait for about a minute for the SSO configuration to be applied.

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 0 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)
  • 0 Ratings
Actions
KB: