If the global OAuth app used to give VMware Cloud Flex Storage components access to VMware Cloud services is deleted or changed, you can recreate it.

VMware Cloud Flex Storage leverages OAuth 2.0 apps to provided secure delegated access to VMware Cloud services in your organization.

When you activate a VMware Cloud Flex Storage storage region for the first time as an Organization Owner, VMware Cloud Flex Storage creates a global OAuth app named 'VCDS OAuth app - Global' that manages the OAuth apps used for each individual storage region. The global OAuth app ensures that VMware Cloud Flex Storage cloud components can access VMware Cloud services.

If someone deletes or changes the VCDS OAuth app - Global app, you see an error message in the VMware Cloud Flex Storage UI stating that the OAuth app was deleted or changed, and you need to recreate it.

If you are an existing customer and already have created API tokens for VMware Cloud Flex Storage authentication, once your software is upgraded VMware Cloud Flex Storage will switch its authentication method to use OAuth.
Note: Your user must be an Organization Owner to recreate the global OAuth app.

Organization-wide Authentication Policies

If your Organization's authentication policy blocks VMware Cloud Flex Storage IP addresses (there are three), then recreating the OAuth app will fail with an error message. This message contains three IP addresses that you must add as exceptions to the policy before you can recreate the OAuth app.

Procedure

  1. In the VMware Cloud Flex Storage UI, if an OAuth app was deleted or changed, you will see a banner at the top of the application stating that the UI is in read-only mode because the OAuth apps used to connect to VMware Cloud might have been deleted.
    You can also see this error message on the VMware Cloud Flex Storage service home page in the VMware Cloud console.
  2. Click the Recreate OAuth App button in the upper-right.
  3. You are taken to the VMware Cloud Flex Storage Global Console in your organization, and a message stating that the OAuth app was deleted or changed. Click the Recreate OAuth App button.
  4. In the Recreate Oauth App dialog box, select the check box to authorize the creation of the global OAuth app, and then click Recreate OAuth App.
    After a few minutes, the VCDS OAuth app - Global app is created and you can start using VMware Cloud Flex Storage again.
    To check that the VCDS OAuth app - Global app was created, from your Organization select Identity and Access Management from the left navigation and then click OAuth Apps. You see VCDS OAuth app - Global in the list.