In the built-in identity provider, configure the users, network ranges, and authentication methods that users use for single sign-on to their apps portal.
Prerequisites
To configure the built-in identity provider, make sure that the following are set up.
- Users and groups located in an enterprise directory synced to the Workspace ONE Access directory.
- Network ranges created in the Policies > Network Ranges page.
- The authentication methods to be used in the built-in identity provider configured.
Procedure
- In the Workspace ONE Access console Identity & Access Management tab, go to .
- Select the identity provider labeled Built-in and configure the identity provider details.
Option Description Identity Provider Name Enter the name for this built-in identity provider instance. Users Select the directory of the users to authentication from the list of configured directories. Only one directory can be selected. Connector Authentication Methods After you select a directory, the User Auth service authentication methods that are associated with that directory display. Select the methods to associate to this identity provider. Authentication Methods The authentication methods that are configured in the Identity & Access Management Manage > Authentication Methods page are displayed. Select the check box for the authentication methods to associate to the identity provider. For Device Compliance (with Workspace ONE UEM) and Password (AirWatch Connector), make sure that the option is enabled in the Workspace ONE UEM configuration page.
Network The existing network ranges configured in the service are listed. Select the network ranges for the users based on the IP addresses that you want to direct to this identity provider instance for authentication. KDC Certificate Export When the Mobile SSO (iOS) authentication method associated with the built-in identity provider, you download the KDC certificate. - Click Add.
