You can configure multiple built-in identity providers and associate authentication methods that have been configured in the Identity & Access Management Manage > Auth Methods page.


  1. In the Identity & Access Management tab, go to Manage > Identity Providers.
  2. Click Add Identity Provider, and select Create Built-in IDP.



    Identity Provider Name

    Enter the name for this built-in identity provider instance.


    Select which users to authentication. The configured directories are listed.


    The existing network ranges configured in the service are listed. Select the network ranges for the users based on the IP addresses that you want to direct to this identity provider instance for authentication.

    Authentication Methods

    The authentication methods that are configured on the service are displayed. Select the check box for the authentication methods to associate to this built-in identity provider.

    For Device Compliance (with AirWatch) and Password (AirWatch Connector), make sure that the option is enabled in the AirWatch configuration page.

  3. If you are using Built-in Kerberos authentication, download the KDC issuer certificate to use in the AirWatch configuration of the iOS device management profile. See Using the Cloud Hosted KDC Service.
  4. Click Add.

What to do next

Make sure that the authentication methods that you selected is configured in the access policies.