Configure the listed components and ensure that the Workspace ONE UEM environment has the correct settings so that you can access the content on the SaaS page.

Required Systems

Configure or integrate the listed systems so that you can access the SaaS applications page. You can find a wizard to set up these systems in the Workspace ONE tract of the Getting Started section of the Workspace ONE UEM console.

  • VMware Enterprise System Connector - This component is the unified connector for Workspace ONE, Workspace ONE UEM, and VMware Identity Manager. See VMware Enterprise Systems Connector Documentation (Formerly Workspace ONE UEM Cloud Connector) .
  • Active Directory - This component integrates Workspace ONE UEM and VMware Identity Manager to sync users and groups from Active Directory (AD) to the service. You assign SaaS applications to the users and groups synced from Active Directory.

    Note:

    With setup of the connector, AD users and groups are in sync between Workspace ONE UEM and VMware Identity Manager.

  • VMware Identity Manager - This component serves many functions including managing your users and groups and managing authentication to resources. For information about the system settings page in the UEM console, see Integrate VMware Identity Manager With Directory Services. For detailed information on the integration of the two systems, search for Integrating Workspace ONE UEM and VMware Identity Manager, at VMware Identity Manager Documentation on docs.vmware.com.
  • Mobile SSO -This component manages single sign-on (SSO) capabilities in the Workspace ONE portal for Workspace ONE UEM-managed Android and iOS devices. For Android devices, mobile SSO uses certificate authentication. For iOS devices, it uses the identity provider in the identity manager service in VMware Identity Manager. Go to VMware Identity Manager documentation on docs.vmware.com and review on of the listed topics for information on mobile SSO.

    • Implementing Mobile Single Sign-in Authentication for Workspace ONE UEM-Managed iOS Devices

    • Implementing Mobile Single Sign-On Authentication for Workspace ONE UEM-Managed Android Devices

    Note:

    Mobile SSO is different from the SSO feature for applications that use the AirWatch SDK. For information about the SSO for the AirWatch SDK, see SSO Configurations and System Login Behavior.

  • Access Policies - This component provides secure access to the Workspace ONE apps portal to start Web applications. Access policies include rules that specify criteria that must be met to sign in to the apps portal and to use resources.

    A default policy is available that controls access as a whole. This policy is set up to allow access to all network ranges, from all device types, for all users. You can create stricter access policies that restrict users access to applications based on access rules you define. For information, see Use Access Policies with SaaS Applications.

Supported Applications

Deploy SaaS applications to these platforms.

  • Android
  • Apple iOS
  • Apple macOS
  • Windows Desktop (Windows 10)