Download and configure the Identity Appliance to provide Single Sign-On (SSO) capability for the vRealize Automation environment.

You can use the Identity Appliance SSO provided with vRealize Automation or some versions of the SSO provided with vSphere. For information about supported versions, see vRealize Automation Support Matrix on the VMware Web site.


PSC version 6.0, the vSphere SSO component introduced in vSphere 6.0, allows you to specify a tenant name other than vsphere.local. vRealize Automation requires vsphere.local as the name of the default tenant because you cannot enter the name of the tenant on the SSO tab of the management console when you configure vRealize Automation. If you have used another name, rename the tenant to vsphere.local.


The Identity Appliance is a preconfigured virtual appliance that provides single sign-on capabilities. You download the Identity Appliance and deploy it into vCenter Server or ESX/ESXi inventory.


You must synchronize the clocks on the Identity Appliance server, the vRealize Automation server, and Windows servers to ensure a successful installation.


The Identity Appliance provides Single-Sign On (SSO) capability for vRealize Automation users. SSO is an authentication broker and security token exchange that interacts with the enterprise identity store (Active Directory or OpenLDAP) to authenticate users. A system administrator configures SSO settings to provide access to the vRealize Automation.