What is vCenter Single Sign-On (SSO)?
With vCenter Single Sign-On (SSO), you can access everything you need through the virtual infrastructure with a single username and password, which makes the authentication process simpler and faster. vSphere components in your virtual infrastructure, such as vCenter Server, vCenter Orchestrator and vCloud Director can use SSO to securely communicate with each other using a secure token mechanism. vCenter Single Sign-On (SSO) is a prerequisite for installing vCenter Server; you must install SSO before installing the vCenter Server.
The vCenter SSO can be configured to authenticate against multiple user repositories, also called identity sources, such as Active Directory and OpenLDAP.
Here is a description of vCenter SSO authentication:
1. A user logs into vSphere Web Client.
2. The username and password are issued to the SSO server.
3. The SSO server forwards the request to the relevant authentication mechanism (local, AD, OpenLDAP).
4. Once authentication succeeds, SSO then passes a token to the vSphere Web Client.
5. This token can now be used to authenticate directly with vCenter, vCO, vCNS, or vCD.