VMware Identity Manager together with Workspace ONE UEM enables you to consolidate a list of your organization’s suggested Web apps and native mobile apps in unified application catalogs. This functionality does not allow for Workspace ONE UEM to receive directory changes from Identity Manager. After configuring directory integration settings between your Workspace ONE UEM instance and VMware Identity Manager, your end users must sign in only once using Workspace ONE. Single sign-on enables access to all your organization’s available apps without the need to sign in each time.

For more information about integrating Workspace ONE UEM with Workspace ONE Access and deploying Workspace ONE with single sign-on to devices, see the Workspace ONE Quick Configuration Guide.


Before you can integrate directory services with VMware Identity manager, complete the following:

  • Set up and configure VMware Enterprise Systems with your Workspace ONE UEM environment.
  • Set up and configure Directory service integration for the selected organization group and not inheriting settings from a parent organization group.
  • Accept the End User License Agreement (EULA) found in the VMware Identity Manager console. This EULA displays when you first open the console.

Synchronization Between Workspace ONE UEM and VMware Identity Manager

Synchronization of directory information between Workspace ONE UEM and VMware Identity Manager occurs on the same schedule as the Workspace ONE UEM directory sync. Users are also synced to VMware Identity Manager immediately when added by an administrator manually or from a bulk import.

Also, the integration with VMware Identity Manager supports Just-in-Time provisioning (JIT). Users with directory accounts have their accounts synced to VMware Identity Manager the first time they log in using an enrollment or self-service portal. Manual synchronization is not required to add a single user to VMware Identity Manager immediately.