As of last month, customers must generate a new download token from the Broadcom Support Portal (BSP) for in-product downloads of VMware software binaries (e.g. updates, security patches using SDDC Manager, vCenter Server, ESXi, etc.). The Broadcom download token must then be appended after the new product download base URI (e.g. https://dl.broadcom.com/TOKEN/...) and this will ensure you will be able to continue to download updates directly or indirectly (via network proxy) from within the products.
UPDATE (05/02/2025) - A new Broadcom KB (395322) has also just been published with additional endpoints for troubleshooting download tokens.
Note: For customers that have setup or are using an offline method to retrieve updates, there are no changes in your workflow, this is only for those pulling software update directly from Broadcom.
A Broadcom download token is scoped to a SiteID and depending on your organization you may have one or more SiteIDs and users can generate a unique download token for each SiteID. It is important to understand that a download token itself does not contain an expiration, while you can revoke an existing token, its validity is based on whether a given SiteID has an active entitlement for the particular VMware SKU that you are attempting to download.
