Solved: vCenter an error occurred during authentication

A vCenter single sign-on service error occurred

vCenter Single Sign-On (SSO) is an authentication broker and security token exchange infrastructure. When a user authenticates to vCenter SSO, they receive a SAML token, allowing them to access vCenter services and perform actions based on their privileges. All communications are encrypted, and only authenticated users can execute actions within their granted permissions.

💌[400] vCenter an error occurred during authentication An error occurred while sending an authentication request to the vCenter Single Sign-On server- An error occurred when processing meta data during vCenter Single Sign-On setup:the service provider validation failed. Verify that the server URL is correct and is in FQDN format, or that the hostname is a trusted service provider alias.

To resolve this issue of 'an error occurred during authentication', verify that:

• The server URL is correct.
• The URL is in FQDN format.
• The hostname is a trusted service provider alias.

Next, I will focus on this issue and offer you the detailed steps to add a short name access to vCenter in this article.

Fix: An error occurred during authentication

VMware vSphere 7.0 enforce FQDN or IP address reverse resolvable to FQDN to allow authentication for Single-Sign on. To enable short name access to vCenter, add the desired shortname in webclient.properties file.

* Note: Ensure you have a backup of vCenter Server Appliance (vcsa) before making any changes.

1. Log in to the vCenter Server via SSH/PuTTY session as root, and enable shell

2. Stop the vSphere client service using below command

3. Navigate to the vsphere-ui location to edit webclient.properties

4. Before editing take a backup of webclient.properties using below command:

5. Add the desired shortname under the sso.serviceprovider.alias.whitelist

• vi webclient.properties
• Type i to enter insert mode
• Remove the comment (#) for sso.serviceprovider.alias.whitelist=
• Add the shortname (comma separated if there are multiple values)
• Save and exit the VI editor by pressing Esc to exit insert mode, then wq!

Example: sso.serviceprovider.alias.whitelist=vcsa70

6. Start the vSphere client service.

Alongside addressing login issues, such as the [400] error during vCenter Single Sign-On setup, it's crucial to have a robust backup solution in place to protect your virtual machines (VMs) from potential data loss.

Comprehensive VMware Backup: Preventing data loss from errors

When you cannot log in to vSphere Client due to vCenter error, you are exposed to the danger of data loss. However, vCenter doesn't provide the feature of virtual machine backup. And that makes backup software a commonly accepted choice.

AOMEI Cyber Backup is an efficient and flexible VMware backup solution that ensures that your VMware virtual environment is fully protected with the help of VM backup and recovery.

AOMEI Cyber Backup is flexible for your IT infrastructure supporting ESXi 6.0 and its later versions.

✦ Agentless Backup: Create independent image-level backup for VMware ESXi and Hyper-V VMs without install agents. ✦ Centralized Management: Manage all your backup tasks from a single, user-friendly interface. ✦ Automated Backups: Schedule regular backups to ensure your data is always protected without manual intervention. ✦ Quick Recovery: Restore your VMs rapidly in case of data loss or system failure to minimize downtime. ✦ Multiple Storage Destinations: backup to local drive, network destinations or cloud storage. ✦ Scalable Solution: Easily scale your backup operations as your virtual environment grows. ✦ Detailed Reporting: Generate comprehensive reports to monitor backup status and history.

AOMEI Cyber Backup simplifies a complete backup task, and next I will demonstrate how to create one. Please download and try the 30-day free trial:

Efficiently batch backup VMs on vCenter Server in 4 simple steps

1. Bind Devices: Access to AOMEI Cyber Backup web client, navigate to Source Device > VMware > + Add VMware Device to Add vCenter or Standalone ESXi host. And then click … > Bind Device.

2. Create Backup Task: Navigate to Backup Task > + Create New Task, and select VMware ESXi Backup as the Backup Type.

3. Set Task Name, Device, Target, Archive, Schedule, and Cleanup as needed.

• Task Name: you can change the task name or use the default name with an ordinal.
• Device: batch select large numbers of VMs managed by vCenter Server for centralized backup.

• Target: select to back up to a local path, or to a network path. According to 3-2-1 backup rule, you should store VM files to different places in case of data failure.
• Archive: Select Amazon S3 buckets for storage, and easily archiving VMware backup to Amazon S3.
• Schedule (optional): choose to perform full, differential or incremental backup, and automate execution according to the frequency you specified.

• Cleanup (optional): configure retention policy to auto delete the old backup files and save storage space.

4. Run Backup: Click Start Backup and select Add the schedule and start backup now, or Add the schedule only.

✨When necessary, click Restore to achieve fast recovery from any backed-up history version. While restoring, you can also restore to new location to create a new VM in the same or another datastore/host directly from the backup, saving the trouble of re-configuring the new VM.

Summary

You may encounter that an error occurs during authentication request to the vCenter Single Sign-On server. This issue is resulted in an incorrect FQDN. When the domain in which the user you are attempting to log in does not exist as a VMware vCenter SSO identity source, this error may arise.

This article introduced the procedure to solve the VMware error 400, you can add the desired short name access to vCenter following these steps.