Starting with version 10.4.2, you can use VMware Cloud Director as a tenant-aware OpenID Connect (OIDC) identity provider proxy server.
After VMware Cloud Director is configured as an OIDC proxy server, when a user attempts to log in to the OIDC relying party (OIDC client), they are redirected to VMware Cloud Director and prompted to enter the name of their organization and their SSO or local credentials. After providing the necessary credentials, the user is directed to the OIDC relying party.
VMware Cloud Director delegates actual authentication to the authentication mechanism used by the provider or tenant. This can result in additional redirections to any external Identity Providers that perform authentication for those users.
Prerequisites
Verify that your role includes the OIDC Server: Manage Settings right.
Verify that the roles of the users that will log in to the OIDC relying party (OIDC client) through VMware Cloud Director include the OIDC Server: Enable right.
Procedure
Results
When a user attempts to log in to the OIDC relying party, they are redirected to VMware Cloud Director and prompted to select a VMware Cloud Director organization and provide their credentials. After a successful authorization, they are redirected back to the OIDC relying party.