About directory sources and identity brokering

You can connect user and group identities from multiple directory sources, such as the following types of directories:

  • Active Directory
  • Centrify Directory (users defined in Centrify PAS)
  • LDAP
  • Google

For directory sources other than Centrify, you install Centrify software on a system where the directory source is and then you can make sure that those users and groups have access to your resources that are defined in Centrify PAS. This way, you can set up Centrify PAS as an identity broker for multiple directory sources.

For example, by installing Centrify software in AWS, Azure, Google Cloud or a DMZ, you can provide secure access to those systems for your users and groups across various directory sources without having to extend your network. This approach provides decreased exposure, better security, and more flexibility.

For details, see How to add a directory service and Users and Roles.