This diagram highlights the communications flow for a device attempting to connect to the Exchange ActiveSync (EAS) server through the Workspace ONE UEM Secure Email Gateway (SEG) using a certificate for authentication. A detailed account of this interaction is shown below in the legend.

Certs_SEG_AD_EAS_01

Legend

1. The device contacts the SEG with a certificate that contains UPN and email in the Subject Alternative Name section of the cert.

2. The SEG authenticates the user with Active Directory from the information in the cert.

3. The Active Directory server (KDC) issues a ticket to the SEG with the user's credentials.

4. The SEG sends the user's credentials to Exchange ActiveSync (EAS) with the mail request.

5. The EAS responds to the SEG with the mail information.

6. The SEG responds to the device with the mail information.