WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud Foundation
  • VKS
  • Homelab
    • Hardware Options
    • Hardware Reviews
    • Lab Deployment Scripts
    • Nested Virtualization
    • Homelab Podcasts
  • VMware Nostalgia
  • Apple
You are here: Home / VCSA / Quick Tip - Retrieving vCenter Identity Federation Secret Token Expiry

Quick Tip - Retrieving vCenter Identity Federation Secret Token Expiry

04.09.2025 by William Lam // Leave a Comment

As part of setting up vCenter Server or VMware Cloud Foundation (VCF) Identity Federation, if your identity provider supports the SCIM (System for Cross-domain Identity Management) protocol, you must generate a token from vCenter Server. This token enables the identity provider to automatically publish users to the vCenter Server Identity Broker (vIDB), so that you can look up users from your identity provider for vSphere Role assignment.


The token that is generated by vCenter Server is known as a JWT (JSON Web Token) and once you have copied it, you can no longer retrieve the value, which is by design. In the vSphere UI, it does provide the expiry of the last JWT token that was generated and I was recently asked on how to retrieve this value?

The token expiry is not something a user can retrieve directly, especially after a user has copied the token value. The token expiry is actually encoded into the JWT token itself and as long as you have the token, you can easily decode the expiry using any online JWT token decoder such as https://www.jstoolset.com/jwt as shown in the example below.

More from my site

  • vCenter Identity Federation with Authelia
  • vCenter Server Identity Federation with Kanidm
  • vCenter Server Identity Federation with Zitadel
  • vCenter Server Identity Federation with Pocket ID
  • vCenter Server Identity Federation with Synology SSO

Categories // VCSA, VMware Cloud Foundation, vSphere 8.0 Tags // Identity Provider, JWT, OAuth, OIDC, vCenter Server, VCSA

Thanks for the comment!Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Search

Thank Author

Author

William is Distinguished Platform Engineering Architect in the VMware Cloud Foundation (VCF) Division at Broadcom. His primary focus is helping customers and partners build, run and operate a modern Private Cloud using the VMware Cloud Foundation (VCF) platform.

Connect

  • Bluesky
  • Email
  • GitHub
  • LinkedIn
  • Mastodon
  • Reddit
  • RSS
  • Twitter
  • Vimeo

Recent

  • VCF 9.0 Hardware Considerations 05/30/2025
  • VMware Flings is now available in Free Downloads of Broadcom Support Portal (BSP) 05/19/2025
  • VMUG Connect 2025 - Minimal VMware Cloud Foundation (VCF) 5.x in a Box  05/15/2025
  • Programmatically accessing the Broadcom Compatibility Guide (BCG) 05/06/2025
  • Quick Tip - Validating Broadcom Download Token  05/01/2025

Advertisment

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Copyright WilliamLam.com © 2025

 

Loading Comments...