Multiple authentication methods can be applied to devices for single sign-on. You can configure a single authentication method and you can set up chained, two factor authentication.

Authentication methods are configured in the built-in identity provider in the Workspace ONE Access console.

When mobile single sign-on is configured, the following authentication methods can be enabled.

  • Mobile SSO (for iOS). Kerberos-based adapter for iOS Devices.
  • Mobile SSO (for Android). Specially tailored implementation of certificate authentication for Android.
  • Certificate (Cloud Deployment). Certificate authentication service aimed at Web browsers and desktop devices.
  • Password. Allows for authentication of directory passwords with a single connector when Workspace ONE Access and Workspace ONE UEM are integrated.
  • Device Compliance (with Workspace ONE UEM). Measures the health of managed devices resulting in a pass or fail based on Workspace ONE UEM defined criteria. Compliance can be chained with any other built-in adapter except password.

See Managing Authentication Methods in the Workspace ONE Access Identity Providers.

After an authentication method is configured, you create access policy rules that specify the authentication methods to be used by device type.