Allow users to authenticate to midPoint using their existing credentials (e.g. from AD or LDAP). MidPoint will use existing resource connector to carry out the authentication, therefore it will be easy to set up. Also the identifiers will be mapped correctly.
Note: there is currently a way how to use Spring Security modules to partially implement this feature. But this requires midPoint rebuild from the source (or overlay) and it is not configurable in the GUI. It also assumes exact username mapping (i.e. no mapping). This feature should be readily configurable from the GUI.