Credential and Identity Management
Page last updated:
Warning: Pivotal Cloud Foundry (PCF) v2.3 is no longer supported because it has reached the End of General Support (EOGS) phase as defined by the Support Lifecycle Policy. To stay up to date with the latest software and security updates, upgrade to a supported version.
This section provides links to different aspects of identity management, including credential management handled by CredHub, user creation and permissions management, and authentication for Pivotal Cloud Foundry (PCF).
The following topics provide general information about credential and identity management in PCF.
CredHub provides centralized credential management in Pivotal Cloud Foundry (PCF). Credentials can include passwords, certificates, and SSH keys.
CredHub centralizes and secures credential generation, storage, lifecycle management, and system access.
For more information about CredHub, see the following topics.
CredHub: Provides an overview of CredHub.
CredHub Credential Types: Provides a reference of credential types supported in CredHub.
PCF uses UAA to manage account roles and permissions in PCF runtimes. UAA supports access control as OAuth2 services and can store user information internally, or connect to external user stores through LDAP or SAML.
For more information about UAA, see the following topics.
The following topics describe how to manage PCF roles and user accounts in PCF.
- Creating and Managing Users with the UAA CLI (UAAC)
- Adding Existing SAML or LDAP Users to a PCF Deployment
- Creating UAA Clients for BOSH Director
- Configuring Role-Based Access Control (RBAC) in Ops Manager
- Creating and Managing Ops Manager User Accounts
This section provides links to Pivotal Application Service (PAS) roles and permissions documentation.
- Orgs, Spaces, Roles, and Permissions:
- Creating New PAS User Accounts
- Managing User Roles with Apps Manager
This section provides links to Pivotal Container Service (PKS) roles and permissions documentation.