Login to the vSphere web client, Click on Administration from the left pane.
https://vSphere_Web_Client_host_name_or_IP:9443/vsphere-client
Select Active directory(Integrated Windows Aunthentication) and enter your domain name. My domain name is lab.com. Click on Ok.
you can delegate the permissions by adding users and groups from the
Active directory domain and assing permissions to them.
Select Users and Groups from the left pane, click on Groups tab. select any of the role from the above option and click on add under Group Members option.
Select your domain name from the drop down and select the users and groups which you want to assign permissions and click on Add.
Now delegated user account will be able to login to vsphere web client with their domain credentials.
Thats it. we are done with adding identity source for the vCenter single sing-on. I hope this is informative for you. Thanks for reading !!!