You can create a template to enable a group of clients to register dynamically with the VMware Identity Manager service to allow users access to a specific application.

About this task

Procedure

  1. In the administration console Catalog tab, select Settings > Remote App Access.
  2. Click Templates.
  3. Click Create Template.
  4. On the Create Template page, enter the following information about the application.

    Label

    Description

    Template ID

    Enter a unique name that identifies this template.

    Application

    Select Identity Manager

    Scope

    Select the information that the token contains. When you select NAAPS, OpenID is also selected.

    Redirect URI

    Enter the registered redirect URI.

    Advanced Section

    Click Advanced.

    Token Type

    Select Bearer. This attribute tells the application what type of access token it was given. For VMware Identity Manager, the tokens are bearer tokens.

    Token Length

    Leave the default setting, 32 Bytes.

    Issue Refresh Token

    To use refresh tokens, leave this option enabled.

    Access Token TTL

    Set the access token time to live length. The access token expires based on the TTL set inAccess Token Time-To-Live. If Issue Refresh Token is enabled, when the access token expires, the application uses the refresh token to request a new access token.

    Refresh Token TTL

    Set the Refresh Token time to live. New access tokens can be requested until the refresh token expires.

    Idle Token Time-to-Live (TTL)

    Configure how long a refresh token can be idle before it cannot be used again.

    User Grant

    Do not check Prompt users for access.

  5. Click Add.

What to do next

In the resource application, set up the VMware Identity Manager service URL as the site that supports integrated authentication.