With role-based access control, you can grant administrator access to users and groups, enabling them to manage specific applications.

For example, the super administrator can delegate the day-to-day duties to manage the Office 365 application in Workspace ONE to another administrator. You create an administrator role to manage Office 365 in Workspace ONE and to manage the entitlements to the application.

Procedure

  1. In the VMware Identity Manager console Roles page, click Add. Create a descriptive role name and describe the purpose of the role. Click Next.

  2. In the Configuration page, select the Catalog service. For Actions, select Manage Web Applications. For Resources, select Some. For Conditions, select Web Applications and enter Office 365 in the search box. Save the configuration.
    You can add other applications to manage. For example, search for SalesForce and add it to the list of web applications to be managed in this role.
  3. Again, on the Configuration page, select the Entitlements service. For Actions, select Manage Web Entitlements. For Resources, select Some. For Conditions, select Applications and in the search box, enter Office 365 to select the same application. Save the configuration.
    If you added another application in the Catalog Service, make sure that you add it here, if you want the admin to manage the entitlements.
  4. On the Configuration page, click Save again.
    The role to manage the Office 365 application is created and is listed on the Roles page.
  5. Select the role you created and click Assign. In the Search text box, enter the users or group names who should be granted access. Select the user or group and click Save.
    The user or group is now the administrator for this role. The profile page is updated to show the assigned administrator role.