We are seeing an issue when trying to log into vSphere (vSphere Client version 8.0.1.00300):
Some users are getting: [400] An error occurred while processing the authentication response from the vCenter Single Sign-On server. Details: Temporary access not granted for user TheirUserAccount. Specify a correct user name.
And some are getting another error as seen in the attachment. Some of us that are in our vsphere administrators security group can get past this attached error by clicking the temporary offline access, then are given the option to launch vsphere and log in as usual.
Prior to this we did try integrating Okta MFA and were able to get it to work and then changed the identity provider back to Embedded (Integrated Windows Authentication, Active Directory over LDAP, Open LDAP).