Workspace ONE UEM and VMware Identity Manager use password-grant work flow that allows access to VMware Identity Manager from Workspace ONE UEM with single sign-on (SSO).

The configuration settings are in VMware Identity Manager and not in Workspace ONE UEM. The exception to this process is configurations made in SaaS applications and access policies.


The admin must have administrative roles in both Workspace ONE UEM and VMware Identity Manager.


VMware Identity Manager and Workspace ONE UEM work in the back-end to authenticate the Workspace ONE UEM admin to VMware Identity Manager. Admins authenticate to Workspace ONE UEM with their usernames and passwords. This username and password triggers a request for an access token from VMware. After SSO is established, all configurations made in Workspace ONE UEM are stored in VMware Identity Manager.