Integrating Workspace ONE Access with Active Directory Federation Services allows organizations to manage access to enterprise applications and resources with conditional user and device access policies.

About VMware Workspace ONE Platform

VMware Workspace ONE is a secure enterprise platform that integrates application management, access control, and enterprise mobility management on all devices and applications. The Workspace ONE Intelligent Hub app is used to register devices for mobile device management and to manage access to company resources from devices or the Hub portal.

VMware Workspace ONE Access and VMware Workspace ONE UEM are part of the Workspace ONE platform. As the identity component of the Workspace ONE platform, VMware Workspace ONE Access provides enterprise identity integration and web and mobile single sign-on (SSO) services.

About the Integration Process

Workspace ONE Access has the capability to act as a standalone federation identity provider (IdP). It can also integrate with existing IdP and SSO solutions like Active Directory Federation Services as a federated IdP or service provider (SP). When configured in this way, the Workspace ONE platform can provide augmented services such as a unified application catalog and conditional access policies based on device posture.

With the flexible identity policies of Workspace ONE Access and Active Directory Federation Services, either identity provider can authenticate login requests depending on the scenario. For example, you can configure Workspace ONE Access to authenticate users of mobile devices, while Active Directory Federation Services continues to authenticate desktop users. This flexibility gives you the benefits of Workspace ONE Access integration in key areas while maintaining your existing Active Directory Federation Services workflow in other scenarios.

This guide provides step-by-step instructions on how to configure and test use cases supported by theWorkspace ONE Access integration with Active Directory Federation Services. To perform the integration, you integrate Workspace ONE Access, the identity component of the Workspace ONE platform, with Active Directory Federation Services.