About directory sources and identity brokering

You can connect user and group identities from multiple directory sources, such as the following types of directories:

  • Active Directory
  • Centrify Directory (users defined in Centrify PAS)
  • LDAP
  • Google

You can also federate with other directories by way of SAML, such as Azure AD, Okta, and so forth. For details, see How to set up business partner federation.

For directory sources other than Centrify Directory, you install Centrify PAS software on a system where the directory source is and then you can make sure that those users and groups have access to your resources that are defined in Centrify PAS. This way, you can set up Centrify PAS as an identity broker for multiple directory sources.

For example, by installing Centrify PAS software in AWS, Azure, Google Cloud or a DMZ, you can provide secure access to those systems for your users and groups across various directory sources without having to extend your network. This approach provides decreased exposure, better security, and more flexibility.

For details, see How to add a directory service and Users and Roles.