WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud Foundation
  • VKS
  • Homelab
    • Hardware Options
    • Hardware Reviews
    • Lab Deployment Scripts
    • Nested Virtualization
    • Homelab Podcasts
  • VMware Nostalgia
  • Apple

VCF 9.0 Single Sign-On (SSO) with Keycloak IdP

06.23.2025 by William Lam // Leave a Comment

As part of VMware Cloud Foundation (VCF) 9.0, users can now enable the new VCF Single Sign-On (SSO) capability, allowing true single sign-on across all components within the VCF solution. While modern IdPs such as Okta, PingFederate, Microsoft Entra ID and Microsoft ADFS continue to be supported for Production deployments, users might want to play with the new VCF SSO capability within their lab environment that may not have external access or you may want to use an IdP that is self-hosted for learning purposes.


In addition to the IdPs listed above, you can also play with the new VCF SSO using a generic OIDC provider. Keycloak is an IdP that can be self-hosted within your own environment and works perfectly out of the box with VCF SSO and this blog post will show you how that set it up without relying on a hosted IdP solution!

[Read more...]

Categories // VMware Cloud Foundation Tags // Identity Provider, Keycloak, OAuth, OIDC, VCF 9.0

vCenter Identity Federation with Authelia

04.16.2025 by William Lam // Leave a Comment

Gotta catch them all!? 😂

Looks like I will be adding another identity provider to my existing collection of IdPs (Authentik, KeyCloak, Synology SSO, Pocket ID, Zitadel and Kanidm) that can be used with vCenter Server and VMware Cloud Foundation (VCF) Identity Federation.

Authelia is another free and self-hosted IdP solution, which also supports Time-based one-time password (TOTP) out of the box and all configurations are managed in a couple of configuration files as there is no administrative web UI.

[Read more...]

Categories // VCSA, VMware Cloud Foundation, vSphere 8.0 Tags // Authelia, Identity Provider, OAuth, OIDC, vCenter Server, VCSA

vCenter Server Identity Federation with Kanidm

04.10.2025 by William Lam // 1 Comment

Looks like I will be expanding my collection of identity providers (Authentik, KeyCloak, Synology SSO, Pocket ID and Zitadel) that can be used with vCenter Server and/or VMware Cloud Foundation (VCF) Identity Federation!

Fellow colleague, Eric Gray just made me aware of another self-hosted IdP called Kanidm, which he had success setting up and thought I might be interested.


Kanidm is another basic free IdP that allows users to easily setup to play with vCenter Server and/or VCF Identity Federation, but what makes this IdP unique is that it is completely managed using a CLI, there is no web interface like ones listed above.

Additionally, Kanidm supports both traditional username/password authentication and modern passkeys. If you decide to use traditional passwords, Kanidm does require setting up Time-based One-Time Passwords (TOTP) using something like Google Authenticator and provides another factor of authentication, which is pretty neat!

[Read more...]

Categories // VCSA, VMware Cloud Foundation, vSphere 8.0 Tags // Identity Provider, Kanidm, OAuth, OIDC, vCenter Server, VCSA

  • 1
  • 2
  • 3
  • …
  • 5
  • Next Page »

Search

Thank Author

Author

William is Distinguished Platform Engineering Architect in the VMware Cloud Foundation (VCF) Division at Broadcom. His primary focus is helping customers and partners build, run and operate a modern Private Cloud using the VMware Cloud Foundation (VCF) platform.

Connect

  • Bluesky
  • Email
  • GitHub
  • LinkedIn
  • Mastodon
  • Reddit
  • RSS
  • Twitter
  • Vimeo

Recent

  • Ultimate Lab Resource for VCF 9.0 06/25/2025
  • VMware Cloud Foundation (VCF) on ASUS NUC 15 Pro (Cyber Canyon) 06/25/2025
  • VMware Cloud Foundation (VCF) on Minisforum MS-A2 06/25/2025
  • VCF 9.0 Offline Depot using Synology 06/25/2025
  • Deploying VCF 9.0 on a single ESXi host? 06/24/2025

Advertisment

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Copyright WilliamLam.com © 2025

 

Loading Comments...