Use single sign-on (SSO) to provide a common service, both internally and externally.

You must use a supported Identity Provider (IdP).

Make sure that the SAML assertion contains attributes that vCloud Director understands.

Make sure that vCloud Director and the IdP are time synchronized to within a few seconds.

Make sure that vCloud Director and the IdP have valid endpoint certificates.

Use consistent hostnames or IP addresses while registering with the LookupService.