vCenter Single Sign-On ensures that only users in supported identity sources can log in to vCloud Suite. Authorization ensures that only a user with corresponding privileges can view information or perform tasks. Authorization applies to both services and human users.
Authentication with vCenter Single Sign-On vCenter Single Sign-On supports authentication in your management infrastructure. Only users that can authenticiate to vCenter Single Sign-On can view and manage infrastructure components. You can add identity sources such as Active Directory or OpenLDAP to vCenter Single Sign-On.
Authorization in vCloud Suite Authorization determines which user or process can access or modify which components in your vCloud Suite deployment. Different products within vCloud Suite handle authorization at different levels of granularity.
Federated Identity Management Federated identity management enables electronic identities and attributes from one domain to be accepted and used to access resources in other domains. You can enable federated identity management between vRealize Automation, vRealize Operations Manager,and vSphere Web Client using vCenter Single Sign-On and VMware Identity Manager.