The Workspace ONE UEM console and the Workspace ONE UEM consoles use an authorization code work flow that allows access to the Workspace ONE UEM console through the Workspace ONE UEM console and that allows admins to work on SaaS application configurations.

This flow is specific to SaaS applications and access policies in Workspace ONE UEM. Additions and edits made in Workspace ONE UEM are reflected in Workspace ONE UEM.

Register the OAuth Client During Setup

When you set up Workspace ONE UEM in the Workspace ONE UEM console, you register the OAuth client as part of the setup wizard. The OAuth client registration is a prerequisite for this SSO feature to work.

Workflow

Workspace ONE UEM and Workspace ONE UEM work in the back-end to authenticate the Workspace ONE UEM admin to Workspace ONE UEM. The Workspace ONE UEM Console passes an ID token to Workspace ONE UEM. This token contains information about the admin and the authentication so that the admin can access both consoles. The two consoles follow the depicted process.

Work flow depicting SSO communication between Workspace ONE UEM and Workspace ONE UEM