Set up Entrust Identity Enterprise derived credentials for your end users' devices managed by Workspace ONE UEM.

Entrust Identity Enterprise is a commercially off the shelf (COTS) Derived Credentials solution that transforms your mobile device in a virtual smart card for derived credential authentication. You can learn more about it by going to the Entrust website.


  1. Start the enrollment process by logging in to the Entrust Identity Enterprise Self-Service Portal from your laptop/desktop computer with your existing smart card.
  2. Once logged in, select “I’d like to enroll for a derived mobile smart credential”.
  3. Select “I’ve successfully downloaded and installed the Entrust Identity Enterprise Mobile Smart Credential application” and click Next.
  4. Enter a name under Identity Name, then select VMware PIV-D under the Derived Mobile Smart Credential App field.
  5. Click OK.
    A QR Code and a one-time password displays.
  6. Launch the Workspace ONE PIV-D Manager app on your iOS device, tap Scan QR code, and then enter the one-time password.


Once the process is complete, you are taken to the Certificate list view.