Configure the Workspace ONE Access identity provider with the users, network ranges, authentication methods, and redirect host name for Kerberos authentication.
Prerequisites
To configure the Workspace ONE Access identity provider, make sure that the following are set up.
- Users and groups located in an enterprise directory synced to Workspace ONE Access Directory.
- Network ranges created in the Policies > Network Ranges page.
- The Kerberos authentication configured.
Procedure
- In the Workspace ONE Access console Identity & Access Management tab, go to .
- Select the identity provider labeled Workspace ONE Access IDP and configure the identity provider details.
Option Description Identity Provider Name Enter the name for this built-in identity provider instance. Users Select the directories of users to authentication. The configured directories are listed. Authentication Methods After you select a directory, the User Auth service authentication methods that are associated with that directory display. Select the methods to associate to this identity provider. Network The existing network ranges configured in the service are listed. Select the network ranges for the users based on the IP addresses that you want to direct to this identity provider instance for authentication. IdP Hostname Enter the hostname where the Workspace ONE Access identity provider redirects to for authentication. If you are using a load balancer for Kerberos authentication, the host name is the load balancer host name. For example, if the load balancer hostname is mylb, enter as mylb.company.com:port.
If you are using a port other than 443, you can set this as Hostname:port.
- Click Add.