Credential and Identity Management
Page last updated:
This section provides links to different aspects of identity management, including credential management handled by CredHub, user creation and permissions management, and authentication for Pivotal Platform.
The following topics provide general information about credential and identity management in Pivotal Platform.
CredHub provides centralized credential management in Pivotal Platform. Credentials can include passwords, certificates, and SSH keys.
CredHub centralizes and secures credential generation, storage, lifecycle management, and system access.
For more information about CredHub, see the following topics.
CredHub: Provides an overview of CredHub.
CredHub Credential Types: Provides a reference of credential types supported in CredHub.
Pivotal Platform uses UAA to manage account roles and permissions in Pivotal Platform runtimes. UAA supports access control as OAuth2 services and can store user information internally, or connect to external user stores through LDAP or SAML.
For more information about UAA, see the following topics.
The following topics describe how to manage Pivotal Platform roles and user accounts in Pivotal Platform.
- Creating and Managing Users with the UAA CLI (UAAC)
- Adding Existing SAML or LDAP Users to a Pivotal Platform Deployment
- Creating UAA Clients for BOSH Director
- Configuring Role-Based Access Control (RBAC) in Ops Manager
- Creating and Managing Ops Manager User Accounts
This section provides links to Pivotal Application Service (PAS) roles and permissions documentation.
- Orgs, Spaces, Roles, and Permissions:
- Creating New PAS User Accounts
- Managing User Roles with Apps Manager
This section provides links to Pivotal Container Service (PKS) roles and permissions documentation.