Multiple authentication methods can be applied to devices for single sign-on. You can configure a single authentication method and you can set up chained, two factor authentication.

Authentication methods are configured in the built-in identity provider in the Workspace ONE Access console.

When mobile single sign-on is configured, the following authentication methods can be enabled.

  • Mobile SSO (for iOS). Kerberos-based adapter for iOS Devices.
  • Mobile SSO (for Android). Specially tailored implementation of certificate authentication for Android.
  • Certificate (Cloud Deployment). Certificate authentication service aimed at Web browsers and desktop devices.
  • Password (with Workspace ONE UEM). Allows for authentication of directory passwords with the AirWatch Cloud Connector through theWorkspace ONE UEM service.
  • Device Compliance (with Workspace ONE UEM). Measures the health of managed devices resulting in a pass or fail based on Workspace ONE UEM defined criteria. Compliance can be chained with any other built-in adapter except password.

See Managing User Authentication Methods in VMware Workspace ONE Access.

After an authentication method is configured, you create access policy rules that specify the authentication methods to be used by device type.