In the Workspace ONE Access console, you enable the magic link option and configure the length of time that a generate magic link is valid and the Active Directory pre-hire user group to use.
The pre-hire Active Directory group created. This pre-hire group must be synced to the Workspace ONE Access directory.
- In the Identity & Access Management tab, go to .
- In the Link Expiration text box, enter the number of hours that the generated magic link is valid. The magic link does not work if the value is 0.
- In the Pre-hire User Group text box, enter the Active Directory pre-hire group UUID. For example, firstname.lastname@example.org. This is the externalId (objectGUID) of the group or UUID of the group in the database.
- In the Status line, check Enabled.
- Click SAVE.
What to do next
Enable the pre-hire Token Auth Adapter authentication method in the Workspace ONE Access built-in identity provider. See Enable Token Auth for Day Zero Onboarding and Add to Built-In Identity Provider.