External identities can be configured for Anypoint Platform to allow single sign-on using SAML 2.0 for user authentication or OAuth 2.0 for client authentication. Supported identity providers include PingFederate, OpenAM, Okta, and others. The document provides instructions for configuring SAML 2.0 SSO with an identity provider and mapping users to roles within Anypoint Platform. It also discusses configuring client authentication with PingFederate or OpenAM and enabling single logout.