Introduction
By default, VMware Cloud Director (VCD) authenticates users against a local database. Nubis provisions each new organisation with a single account holding the Organisation Administrator role, which has full access to manage all aspects of the organisation. From here, customers can either create additional local users within VCD or integrate their organisation with a Single Sign-On (SSO) Identity Provider (e.g. Microsoft Azure / Entra or Google Workspace).
As well as simplifying administrative tasks and ensuring that access to your VCD organisation does not drift (e.g. by staying consistent with staff leavers), implementing SSO also allows you to add Multi-Factor Authentication (MFA) within your VCD environment.
Prerequisites
In order to establish SSO integration, you will require:
- An Organisation Administrator account on your Nubis VCD portal;
- An Identity Provider (IDP) which supports SAML (Security Assertion Markup Language);
- Administrator access to your IDP portal.
This guide provides details on implementing SSO to your Nubis VCD environment with Microsoft Entra ID (formerly Azure Active Directory) and Google Workspace.
VMware Cloud Director Preparation
Regardless of your chosen IDP, the first steps are to prepare your VCD organisation for SAML integration.
1. Log in to your VCD tenant portal with an Organisation Administrator account.
2. From the main menu, select Administration.
3. Then, from the Identity Providers sub menu, select SAML.
4. Assuming this is the first time you are configuring SAML for this organisation, you will be presented with a screen advising that you have not yet configured SAML. Select Configure to continue.
5. An Edit SAML Configuration popup will appear. On the Service Provider tab, select Retrieve Metadata to download an XML configuration file to your device. You will either need this file, or information contained within it, to configure your IDP.
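The information inside the metadata file downloaded in step 5 can be read out and sanity-checked before it is entered into an IDP. The following is an added example, not part of the original guide or of any Nubis or VMware tooling; the sample metadata (hostname vcd.example.com, organisation exampleorg, certificate bytes) is constructed, and summarise_sp_metadata is a hypothetical helper name.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
POST_BINDING = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"

# Constructed sample input: hostname, organisation and certificate are placeholders.
SAMPLE_CERT_B64 = base64.b64encode(b"constructed placeholder, not a real certificate").decode()
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="https://vcd.example.com/cloud/org/exampleorg/saml/metadata/alias/vcd">
  <md:SPSSODescriptor AuthnRequestsSigned="true"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{SAMPLE_CERT_B64}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
    <md:AssertionConsumerService index="0" Binding="{POST_BINDING}"
        Location="https://vcd.example.com/cloud/org/exampleorg/saml/SSO/alias/vcd"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def summarise_sp_metadata(xml_text):
    """Extract the service provider values from SAML metadata, rejecting unsafe input."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("metadata must not contain a DTD or entity declarations")
    root = ET.fromstring(xml_text)
    sp = root.find("md:SPSSODescriptor", NS)
    if root.tag != f"{{{NS['md']}}}EntityDescriptor" or sp is None:
        raise ValueError("not SAML service provider metadata")
    acs = [e.get("Location", "") for e in sp.findall("md:AssertionConsumerService", NS)
           if e.get("Binding") == POST_BINDING]
    if not acs or not all(u.startswith("https://") for u in acs):
        raise ValueError("need at least one HTTP-POST ACS URL, all over HTTPS")
    certs = sp.findall("md:KeyDescriptor//ds:X509Certificate", NS)
    return {
        "entity_id": root.get("entityID"),
        "acs_url": acs[0],
        "name_id_formats": [(n.text or "").strip() for n in sp.findall("md:NameIDFormat", NS)],
        "authn_requests_signed": sp.get("AuthnRequestsSigned") == "true",
        # SHA-256 over the decoded certificate bytes, for comparison with what the IDP shows
        "cert_sha256": [hashlib.sha256(base64.b64decode("".join((c.text or "").split()))).hexdigest()
                        for c in certs],
    }

if __name__ == "__main__":
    for key, value in summarise_sp_metadata(SAMPLE_METADATA).items():
        print(f"{key}: {value}")
```

To use it on the real file, pass the contents of the downloaded XML to summarise_sp_metadata in place of SAMPLE_METADATA.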
Subsequent steps will depend on your chosen identity provider:
- Google Workspace
- Microsoft Entra ID