Describes how to log in to SASE Orchestrator using Single Sign On (SSO) as an Operator user.

To login into SASE Orchestrator using the SSO as an Operator user:


  • Ensure you have configured the SSO authentication in SASE Orchestrator.
  • Ensure you have set up users, roles, and OIDC application for the SSO in your preferred IDPs.

    For more information, see Authentication.

    Note: If other authentication mechanisms fail, there must always be a native Operator Superuser as a system fallback.


  1. In a web browser, launch the SASE Orchestrator application as an Operator user.
    The VMware SASE Operations Console screen appears.
  2. Click Sign In With Your Identity Provider.
  3. In the Organization Domain text box, enter the domain name used for the SSO configuration and click Sign In.
    The IDP configured for the SSO authenticates the user and redirects the user to the configured SASE Orchestrator URL.
    Note: Once the users log in to the SASE Orchestrator using the SSO, they are not allowed to login again as native users.

What to do next

  • Manage Customers and Partner
  • Manage Operators
  • Configure User Account details
  • Manage Gateway pools and Gateways
  • Manage Software and Firmware images
Additionaly, in the SASE Orchestrator home page, you can access the following features from the Global Navigation bar:
  • The user can click the User icon located at the top right of the screen to access the My Account page. The My Account page allows users to configure basic user information, SSH keys, and API tokens. Users can also view the current user's role, associated privileges, and additional information such as version number, build number, legal and terms information, cookie usage, and VMware trademark. For more information, see Configure User Account details.
  • Starting with the 5.4.0 release, the In-product Contextual Help Panel with context-sensitive user assistance is supported in the SD-WAN service of the Enterprise Orchestrator UI and as well as for the Operator and Partner levels. In the Global Navigation bar, click the Question Mark icon located at the top right of the screen to access the Support panel.

    The Support panel allows users across all levels to access helpful and important information such as Question-Based Lists (QBLs), Knowledge base links, Ask the Community link, how to file a support ticket, and other related documentation from within the Orchestrator UI page itself. This makes it easier for the user to learn our product without having to navigate to another site for guidance or contact the Support Team.

    Note: By default, the Support Panel is not available to all Customers. You can activate this feature for a Customer by navigating to the Global Settings > Customer Configuration > Additional Configuration > Global > Feature Access page. For more information, see Configure Customers.