After creating the Remote App Access client, generate an OAuth bearer token.


Download and install the Postman app. You can download Postman from


  1. Open a new tab in the Postman app.
  2. For the HTTP method, select POST.
  3. For the URL, enter:
    Replace tenanturl with your Workspace ONE Access URL, for example:
  4. Click the Authorization tab and select OAuth 2.0 as the type.

    select oauth2
  5. Click Get New Access Token.
  6. For Token Name, enter a name, such as Workspace ONE.
  7. For Grant Type, select Client Credentials.
  8. For Access Token URL, enter https://tenantURL/SAAS/auth/oauthtoken, where tenantURL is your Workspace ONE Access tenant URL.
    For example:
    Note: Workspace ONE Access was formerly called VMware Identity Manager. Old tenants have the domain name while new tenants have the domain name
  9. For Client ID, enter the Client ID that you set in Create Remote App Access Client.
  10. For Client Secret, enter the secret that you set in Create Remote App Access Client.
  11. For Scope, enter admin.

    scope field
  12. Click Request Token.
    A token is generated and displayed.
  13. To verify that the bearer token was added, click the Headers tab and click hidden headers.
    hidden headers
    The bearer token appears.

    bearer token

  14. If the bearer token was not added, return to the Authorization tab and select your token from the available tokens drop-down list and check again.