Workspace ONE Cards fetches configurations through the SDK profile from the Workspace ONE UEM console. These configurations include Exchange Server settings and other security policies. Workspace ONE Cards connects with the Exchange Server based on the authentication method configured in the UEM console, and upload contacts to the Exchange Server after scanning on the device.
You can configure the SDK profile to apply either general or application-specific settings for Workspace ONE Cards. For app-specific settings, configure the Custom Settings payload of the SDK profile. You can set these app-specific settings either as a part of a configured default profile, or as a part of a custom SDK profile that you have explicitly assigned to Workspace ONE Cards.
You can assign only one SDK profile to an application, so you must select either the default or the custom SDK profile for Workspace ONE Cards. The default profile is the same for both iOS and Android, whereas custom profiles are platform-dependent. A custom SDK profile can have additional details as per your organization's requirements.
For more information about default versus custom SDK profile, see App Suite SDK Configurations from the Mobile Content Management Guide.
Configure a Default SDK Profile for Workspace ONE Cards
You can select and configure a default SDK profile to define the behavior that applies to Workspace ONE Cards.
- In Workspace ONE UEM console, navigate to .
- Configure Security Policies.
Option Description Authentication Type Passcode Prompt end users to authenticate with a user-generated passcode when the app starts for the first time, and after an app session timeout. Username and Password Prompt end user to authenticate by reentering their enrollment credentials when the app starts for the first time, and after an app session timeout. Disabled Allow the user to open apps without entering credentials. SSO Enabled Establish a single app session across all Workspace ONE UEM and Workspace ONE UEM wrapped apps. Disabled Establish app sessions for each app. Offline Access Enabled Allow end users to open and use Workspace ONE UEM and wrapped apps when disconnected from Wi-Fi. When the device is offline, the Workspace ONE UEM applications cannot perform downloads. For a successful download, users must connect their device to Internet. Configure the Maximum Period Allowed Offline to set limits on the offline access. Disabled Remove access to Workspace ONE UEM and wrapped apps on offline devices. Compromised Protection Enabled If enabled, this option overrides the MDM protection. App level Compromised Protection blocks the compromised devices from enrolling, and enterprise wipes enrolled devices that report a compromised status. Disabled Rely only on the MDM compliance engine for the compromised device protection. Data Loss Prevention Enabled Access and configure settings intended to reduce data leaks. Enable Copy And Paste Allows an application to copy and paste when set to Yes. Enable Printing Allows an application to print from devices when set to Yes. Enable Camera Allows application to access the device camera when set to Yes. Enable Composing Email Allows application to access the device camera when set to Yes. Enable Data Backup Allows wrapped applications to sync data with a storage service such as iCloud when set to Yes. Enable Location Services Allows wrapped applications to receive the latitude and longitude of the device when set to Yes. Enable Bluetooth Allows applications to access bluetooth functionality on devices when set to Yes. Enable Screenshot Allows applications to access screenshot functionality on devices when set to Yes. Enable Watermark Displays text entered in Overlay Text as a watermark in documents in the VMware Workspace ONE Content when set to Yes.Note: You cannot change the design of a watermark from the Workspace ONE UEM console. Limit Documents to Open Only in Approved Apps Select this option to control the applications used to open resources on devices. For iOS devices, you can use the UEM configuration values to restrict users from importing files from third-party applications into Workspace ONE Cards. For more information, see Configure Import Restriction in Workspace ONE Content Guide. Allowed Applications List Enter the applications that are allowed to open documents. Disabled Allow user to access all device functions.
- Select Save.
- Navigate to .
- Configure Settings. You must enter specific application settings.
Action Description Branding Enabled Apply the organization-specific logo and colors wherever applicable to the app suite. Disabled Maintain the Workspace ONE UEM brand throughout the app suite. Logging Enabled Access and configure settings related to collecting logs. Logging Level
Select a logging level for Workspace ONE Cards:
- Error - Records only errors. An error indicates a failure in processes such as a failure to look up UIDs or an unsupported URL.
- Warning - Records errors and warnings. A warning displays a possible issue with processes such as bad response codes and invalid token authentications.
- Information - Records a significant amount of data for informational purposes. An information logging level displays general processes and warning and error messages.
- Debug - Records all data to help with troubleshooting. This option is not available for all functions.
Send logs over Wi-Fi only Select to prevent data from being transferred when roaming and to limit data charges. Disabled When disabled, the application does not collect any logs. Analytics Enabled Collect and view the useful statistics about apps in the SDK suite. Disabled When disabled, the application does not collect useful statistics.
- Click Save.
Configure a Custom App SDK Profile for Workspace ONE Cards
- In the Workspace ONE UEM console, navigate to .
- Select SDK Profile.
- Select a platform.
- Configure General Settings.
- Configure Custom Settings with configuration keys listed in Application Configurations for Workspace ONE Cards.
- Select Save.
Configure Workspace ONE Cards Using Certificate-Based Authentication (CBA) with Exchange
- If you are using a default SDK profile, select the Integrated Authentication from the check box.
- If you are using a custom SDK profile, perform the following steps:
- Select Certificate Authority and Template.
- List the Exchange URL in the allowlist URL text box.
- Add KVPs such as AccountUseCBA and AccountUseDualAuth under Custom Settings in the Workspace ONE UEM console. For more information about the Keys, see Application Configurations for Workspace ONE Cards.