An error occurred while processing the authentication response from the vCenter Single Sign-On server

Today I woke up to a call from a customer whom is not able to log-on to the vCenter Server, he was trying to log-in using the C# client and he was getting an authentication error.

When I tried to log-in using the vCenter Web Client I got this error:

 

[400] An error occurred while processing the authentication response from the vCenter Single Sign-On server. Details: HTTP error code: 400, status: BadResponse, sub status: No matching request found..

Details: Status: urn:oasis:names:tc:SAML:2.0:status:Responder, sub status: null

I went to the vSphere Web Client logs and couldn’t find any more informative information, other than the same output I got up above, I tried to log-in using administrator@vsphere.local and I got the same output as well.

I restarted the vSphere Web Client service and then tried to log-in using administrator@vsphere.local and it worked, I went to the SSO domain configuration and I noticed they were using a username that was not intended to be used with services, and after a bit of investigation I found out that the username’s password has expired and he changed it *BLEH*.

So, I changed the credentials to those that are supposed to be used for services and TADA all went back to normal and users were able to log-in successfully.

I hope this was helpful.

(Abdullah)^2