The Workspace ONE UEM console and the Workspace ONE Access use an authorization code work flow that allows access to the Workspace ONE Access console through the Workspace ONE UEM console and that allows admins to work on SaaS application configurations. This flow is specific to SaaS applications and access policies in Workspace ONE UEM. Additions and edits made in Workspace ONE UEM are reflected in Workspace ONE UEM.
Register the OAuth Client During Setup
When you set up Workspace ONE Access in the Workspace ONE UEM console, you register the OAuth client as part of the setup wizard. The OAuth client registration is a prerequisite for this SSO feature to work.
Workspace ONE Access and Workspace ONE UEM work in the back-end to authenticate the Workspace ONE UEM admin to Workspace ONE Access. The Workspace ONE Access console passes an ID token to Workspace ONE UEM. This token contains information about the admin and the authentication so that the admin can access both consoles. The two consoles follow the depicted process.