You can integrate your VMware Cloud Director with an external identity provider, and import users and groups to your organizations. You can configure an LDAP server connection at the system or the organization level. You can configure a SAML integration at the organization level.

An identity provider is a service that manages the user and group identities. VMware Cloud Director organizations that use the same identity provider are federated.

Note: For successful VMware Cloud Director integration with external identity providers, to determine the correct values and settings and to ensure proper and accurate configuration, see also the product documentation of those identity providers.

An organization can define an identity provider that it shares with other applications or enterprises. Users authenticate to the identity provider to obtain a token that they can then use to log in to the organization. Such a strategy can enable an enterprise to provide access to multiple, unrelated services, including VMware Cloud Director, with a single set of credentials, an arrangement often referred to as single sign-on.

VMware Cloud Director includes a multisite capability that extends the advantages of a federation by enabling administrators to associate organizations with each other so that a user authenticated to one organization is also authenticated to all organizations that it is associated with. For organizations, sharing of an IDP is a prerequisite to association. See Configuring and Managing Multisite Deployments for more information about associating sites and organizations.

Note: Starting with version 10.4.1, VMware Cloud Director starts the deprecation process for local users. VMware Cloud Director continues to fully support the use of local users while they are under deprecation. See VMware Cloud Director 10.4.1 Release Notes.

For version 10.4.2 and later, if an organization in VMware Cloud Director has SAML or OIDC configured, the UI displays only the Sign in with Single Sign-On option. To log in as a local user, navigate to or

VMware Cloud Director login page with an SSO login button.

For versions 10.3.3 through 10.4.1, if an organization in VMware Cloud Director has SAML or OIDC configured, to log in with your identity provider, select the Sign in with Single Sign-On option.

VMware Cloud Director login page with SSO and local user login buttons.