In the built-in identity provider, configure the users, network ranges, and authentication methods that users use for single sign-on to their apps portal.
To configure the built-in identity provider, make sure that you complete the following tasks.
- Users and groups located in your enterprise directory synced to the Workspace ONE Access directories.
- Network ranges created in the Resources > Policies > Network Ranges page.
- The authentication methods to be used in the built-in identity provider configured.
- In the Workspace ONE Access console page, click ADD and select the identity provider labeled Built-in IDP and configure the identity provider settings.
Option Description Identity Provider Name Enter the name for this built-in identity provider instance. Users Select which users to authenticate. The directories that you configured are listed. Add a Connector and Connector Authentication Methods When directories you select are associated with a connector authentication method, the authentication method is listed. Select the authentication method to associate with the directories.
If you select a combination of supported directories and directories that are not supported with a connector authentication methods, no connectors authentication methods are listed.
Authentication Methods The authentication methods that are configured in the Integrations > Authentication Methods page are displayed. Select the authentication methods to associate to the identity provider.
For Device Compliance (with Workspace ONE UEM) and Password (AirWatch Connector), make sure that the option is enabled in the Workspace ONE UEM configuration page.
Network The existing network ranges configured in the service are listed. Select the network ranges for the users based on the IP addresses that you want to direct to this identity provider instance for authentication. KDC Certificate Export When the Mobile SSO (iOS) authentication method associated with the built-in identity provider, you download the KDC certificate.
- Click SAVE.