The embedded vRealize Orchestrator only supports the following authentication method:

  • vRealize Automation Authentication

Table 1. vRealize Orchestrator Directory Service Design Decision

Decision ID

Design Decision

Design Justification

Design Implication


Embedded vRealize Orchestrator uses the vRealize Automation authentication.

Only authentication method available.



Configure vRealize Orchestrator to use the vRealize Automation customer tenant (rainpole) for authentication.

The vRealize Automation Default Tenant users are only administrative users. By connecting to the customer tenant, workflows running on vRealize Orchestrator may run with end-user granted permissions.

End users who run vRealize Orchestrator workflows are required to have permissions on the vRealize Orchestrator server. Some plug-ins may not function correctly using vRealize Automation Authentication.


Each vRealize Orchestrator instance is associated with only one customer tenant.

To provide best security and segregation between potential tenants, vRealize Orchestrator instance is associated with a single tenant.

If additional vRealize Automation Tenants are configured, additional vRealize Orchestrator installations are needed.