You run the Getting Started wizard in the Workspace ONE UEM console to connect Workspace ONE UEM to Workspace ONE Access and establish a trusted relationship between the two services.
This configuration is set up from the Workspace ONE UEM Organization Group of type Customer.
- In the Workspace ONE UEM console, click .
- Scroll down to the Identity and Access Management > Connect to Workspace ONE Access section and click .
- Enter your Workspace ONE tenant URL, and your system domain admin user name and password.
Click TEST CONNECTION to verify that Workspace ONE UEM and Workspace ONE Access services can communicate.
The wizard creates the service account and the API Keys that are exempt from the Workspace ONE UEM built-in rate limit.
- Go to the Source for Authentication for Intelligent Hub, to verify that Workspace ONE Access is enabled. page and scroll to
Validate the Configuration in Workspace ONE Access
Log into the Workspace ONE Access console to review the Workspace ONE UEM configuration.
After you configure the settings in the Workspace ONE UEM console, the settings are automatically populated to the Workspace ONE Access service page. A trusted relationship is set up between the services.
|Workspace ONE UEM Configuration||Description|
|Workspace ONE UEM API URL||This is the Workspace ONE UEM API URL.|
|Workspace ONE UEM REST API Certificate||The REST API certificate is uploaded to Workspace ONE Access.
The REST Admin API and enrolled users access are enabled. An API key is generated and shared with the Workspace ONE Access service to communicate between the services.
In the UEM console, you can see the API details in the Groups & Settings > All Settings > System > Advanced > API > Rest API page.
|Certificate Password||The password is not displayed.|
|Workspace ONE UEM Admin API Key||
After the admin API key is created, an admin account is added and certificate authentication is set up in the UEM console.
The UEM p12 certificate used for REST API calls is exported.
|Workspace ONE UEM Enrolled User API Key||For REST API certificate-based authentication a user-level certificate is generated in the UEM console. The certificate used is a self-signed Workspace ONE UEM certificate generated from the Workspace ONE UEM admin root cert.|
|Workspace ONE UEM Group ID||The Workspace ONE UEM organization group for this integration.
In the UEM console, you can see the organization group in Groups & Settings > Groups > Organization Groups > List View page.
|Map Domains to Multiple Organization Groups||Enable this function so you can map Workspace ONE UEM Organization Groups (OG) to the user's domain in Workspace ONE Access to register the user's devices to the OG.|
You make changes to the Workspace ONE UEM configuration in the Workspace ONE UEM console. When you save your changes in the UEM console, the Workspace ONE UEM configuration is updated in this page in the Workspace ONE Access console.
Enable Hub Catalog
When you configure Workspace ONE Access with your Workspace ONE UEM instance, you can enable the Hub catalog to include the apps from the Workspace ONE UEM catalog. The catalog displays web and virtual apps configured in the Workspace ONE Access console and native apps and web links configured in the UEM console.
- In the Workspace ONE Access console page, scroll down to the Workspace ONE Catalog section.
- To include apps from the Workspace ONE UEM catalog and the Workspace ONE Access catalog, verify that both options are selected.
- Click Save.
The Hub catalog in the Workspace ONE Intelligent Hub app or in the Hub portal displays web and virtual apps configured in the Workspace ONE Access console and native apps and web links configured in the Workspace ONE UEM console.