Zoho Directory (ZD™) - Overview
Zoho Directory (ZD™) is the one-stop place for performing the following admin activities for your Zoho account:
- Define the security policy
- Enable single sign-on
- Connect and sync with Active Directory or an LDAP server
You can use Zoho Directory to define security policies, which are sets of customizable rules that govern how your users can access your applications. They allow you to configure the password policy, allowed IP addresses, multi-factor authentication (MFA), and web session management. Learn more
You can use Zoho Directory to provide single sign-on (SSO) for your applications by delegating user authentication to third-party identity providers (IdP) that support SAML. Learn more
You can use Zoho Directory to delegate user authentication and management to your Active Directory or LDAP server via Zoho Directory Sync tool. Learn more
The following image shows Zoho Directory inside your Account Setup page. You can click Go to Zoho Directory to sign-in to Zoho Directory.
Imagine that you've created applications in your Zoho Creator account and want to set up security measures to protect the sensitive data of your organization and its users. Below are examples of how you could use Zoho Directory for this purpose:
- You may define one or more security policies that govern how users access your Creator applications. You could customize them to mandate your users to maintain strong passwords, restrict application access to the required IP addresses, mandate multi-factor authentication (MFA), configure session timeout, idle session timeout, and the number of concurrent sessions allowed.
- You can use Zoho Directory to set up Single Sign-On (SSO) by delegating user authentication to third-party identity providers that support SAML framework. This would relieve your users from creating a new set of credentials to access the Zoho Creator applications..
- If your organization is using Active Directory (AD) or an LDAP server, you could use the Zoho Directory Sync (ZD Sync) tool to sync with them and continue to use the AD or LDAP directory to perform user management. This will make it easier for you to maintain all user identities in a single place.