The benefits of identity federation are security and authentication in on-premises as well as cloud applications.

Employee Privacy

Supporting federated identity allows you to centrally manage all users and their respective permissions to vCloud Air through your corporate directory service. From a security and governance perspective, since authentication is granted through the corporate identity solution, user information is not kept in vCloud Air which protects employee privacy.

Dynamic User Management

Instead of relying on account administrators to add new users to the service, new users can be automatically on-boarded with appropriate role-based rights. Authentication through your corporate identity solution also ensures that vCloud Air access is appropriately and dynamically granted as employees join, move, or leave teams.

Improved Role-Based Access

With the support for identity federation, vCloud Air is also increasing the granularity of role-based privileges that can be assigned to different groups. Instead of the standard 5 roles that are provided out-of-the-box to vCloud Air, customers have 8 different roles that can be assigned to different directory groups.

SSO Experience

With support for SAML 2.0, companies can integrate vCloud Air with their SSO experience so that employees are granted access to multiple corporate applications with a single login, including vCloud Air. This minimizes the need for employees to set up multiple logins and remember multiple passwords. One of the benefits for the company is that they can decide on the password strength rules as well as how often employees are required to change them.

Support for Multi-Factor or Password-less Authentication

As access is granted via the IdP solution, companies can choose to employ different login methods such as the use of multi-factor authentication (for example, RSA tokens, mobile phone, catchphrase) or password-less authentication (for example, biometric).