Review Your Configuration in Workspace ONE Access

In the previous section, you configured the integration between your Workspace ONE Access tenant and your Workspace ONE UEM tenant by using the Getting Started wizard in the Workspace ONE UEM console.  The Getting Started wizard generates an API Admin key, an API Enrollment User API key, and an API certificate.  These API keys and certificates are used to establish a secure connection between Workspace ONE Access and Workspace ONE UEM and are linked by your Workspace ONE UEM Group ID.

If you do not use the Getting Started Wizard, you would need to generate these API certificates and keys manually and supply the information in the Workspace ONE Access tenant.

To showcase where these configurations would need to be made manually and to confirm that the Getting Started wizard created the secure connection for you, you will navigate to the Setup section in Workspace ONE Access for review.

1. Validate the Workspace ONE UEM Integration

In your Workspace ONE Access Tenant,

  1. Click on Identity & Access Management
  2. Click on Setup
  3. Click VMware Workspace ONE UEM
  4. Validate that the API URL, REST API Certificate, Admin API Key, Enrolled User API Key, and Group ID fields are populated
    NOTE: You can find your Group ID by hovering over your organization group name in the Workspace ONE UEM Console!

If you did not use the Getting Started wizard, these values would need to be retrieved from the Workspace ONE UEM console and entered here manually.  To reduce complexity and eliminate erroneous input, you utilized the Getting Started wizard to configure these automatically.

NOTE: The Admin and Enrolled User API Keys will be unique each time, so they may not match

2. Updating the Workspace ONE UEM Configuration

  1. Scroll down to the bottom of the Workspace ONE Configuration section.
  2. After any changes are made here, you would need to manually save them by clicking Save.  
    NOTE:     You can find your Group ID by hovering over your organization group name in the Workspace ONE UEM Console!
  3. A pop-up will confirm if the configuration was saved successfully.

3. Configure the Workspace ONE App Catalog

  1. Scroll down to find the Workspace ONE Catalog section.
  2. Ensure the boxes for Fetch from Workspace ONE Access and Fetch from Workspace ONE UEM are both checked. This ensures that the Workspace ONE app catalog will contain all the applications you make available in both the Workspace ONE UEM and Workspace ONE Access consoles.  This behavior can be modified here if desired.
  3. If Fetch From Workspace ONE UEM is enabled, you need to provide the Device Services URL of your Workspace ONE UEM environment.  The Getting Started wizard entered and configured this automatically for you.
  4. After any changes are made here, you would need to manually save them by clicking Save.  
  5. A pop-up will confirm if the configuration was saved successfully.

4. Enable Compliance Check and Workspace ONE User Password Authentication

  1. Scroll down to find the Compliance Check and User Password Authentication sections
  2. Select Enabled for Compliance Check
  3. Click Save
  4. Select Enabled for User Password Authentication through Workspace ONE UEM
  5. Click Save

Enabling User Password Authentication through Workspace ONE UEM will allow Workspace ONE Access to authenticate directory users through Workspace ONE UEM.

5. Return to the Workspace ONE UEM Console

For the next steps, we will return to the Workspace ONE UEM Console. Click the Workspace ONE UEM tab, which should be the first tab, on your browser to return to the Workspace ONE UEM Console Login page.

0 Comments

Add your comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.