In VMware Workspace ONE Access, enable device compliance in the Workspace ONE UEM configuration page and configure Device Compliance in the Manage > Authentication Methods page.

When Device Compliance is configured, the access policy rules can be configured to check the Workspace ONE UEM server for device compliance status when users sign in from their devices. See Enabling Compliance Checking for Workspace ONE UEM Managed Devices in Workspace ONE Access.

Procedure

  1. In the Workspace ONE Access console Identity & Access Management tab, select Setup > Workspace ONE UEM.
  2. In the Device Compliance Check section, select Enable and click Save.
  3. In the Identity & Access Management tab, go to Manage > Authentication Methods.
  4. In the Device Compliance (with Workspace ONE UEM) Configure column, click the pencil icon.
  5. Enable Device Compliance authentication and set the maximum number of failed login attempts. The other text boxes are pre-populated with the configured Workspace ONE UEM values.
    Option Description
    Enable Device Compliance Adapter Select this check box to enable Workspace ON UEM password authentication.
    Workspace ONE UEM Admin Console URL Pre-populated with the Workspace ONE UEM URL that you set up on the AirWatch configuration page.

    Workspace ONE UEM API Key

    Pre-populated with the Workspace ONE UEM Admin API key.

    Certificate Used for Authentication Pre-populated with the AirWatch Cloud Connector certificate
    Password for Certificate Pre-populated with the password for the AirWatch Cloud Connector certificate.
  6. Click Save.
    Important: When the Workspace ONE UEM service details applicable to this authentication method change, make sure that you update the Workspace ONE UEM configuration in the Workspace ONE Access console. Otherwise this authentication method might fail.

What to do next

Associate the Device Compliance authentication method in the built-in identity provider. See Managing Authentication Methods in the Workspace ONE Access Identity Providers.

Configure the default access policy to create rules to use device compliance with Workspace ONE UEM. See Configure Compliance Checking Rules in Workspace ONE Access.