Credential and Identity Management

Page last updated:

Warning: Pivotal Cloud Foundry (PCF) v2.3 is no longer supported because it has reached the End of General Support (EOGS) phase as defined by the Support Lifecycle Policy. To stay up to date with the latest software and security updates, upgrade to a supported version.

This section provides links to different aspects of identity management, including credential management handled by CredHub, user creation and permissions management, and authentication for Pivotal Cloud Foundry (PCF).

General Identity Management

The following topics provide general information about credential and identity management in PCF.

CredHub Documentation

CredHub provides centralized credential management in Pivotal Cloud Foundry (PCF). Credentials can include passwords, certificates, and SSH keys.

CredHub centralizes and secures credential generation, storage, lifecycle management, and system access.

For more information about CredHub, see the following topics.

UAA Documentation

PCF uses UAA to manage account roles and permissions in PCF runtimes. UAA supports access control as OAuth2 services and can store user information internally, or connect to external user stores through LDAP or SAML.

For more information about UAA, see the following topics.

PCF Roles and User Accounts

The following topics describe how to manage PCF roles and user accounts in PCF.

Ops Manager Roles and Permissions

PAS Roles and Permissions

This section provides links to Pivotal Application Service (PAS) roles and permissions documentation.

PKS Roles and Permissions

This section provides links to Pivotal Container Service (PKS) roles and permissions documentation.