The identity service runs as a pod in Kubernetes.
If a user tries to log in to vRealize Automation:
The identity service redirects the request to the VMware Identity Manager URL.
The Identity Manager appliance validates the user credentials with Active Directory.
The user can log in to the vRealize Automation console.
The identity-db is a dedicated PostgreSQL database for the identity service.
The URL to access the VMware Identity Manager appliance is set as the VIDM_HOST environment variable during installation. All requests to authorize credentials are forwarded to the VMware Identity Manager appliance.
Administrators can use access policies to configure features, such as mobile single sign-on (SSO), conditional access to applications based on enrollment and compliance status, and multifactor authentication.
VMware products can use VMware Identity Manager as an enterprise SSO solution.
VMware Identity Manager is based on the OAuth 2.0 authorization framework.