SSO Validation

You will now validate that the Workspace ONE UEM iOS Profile was successfully configured with the appropriate certificates and Single Sign-On settings to allow Safari on your iOS device to authenticate without requiring users to input their credentials.

Once the iOS Profile is validated, you will sign in to the Workspace ONE catalog to confirm that the Single Sign-On works and experience the end user interaction.

1. Verify the Single Sign-On Profile Settings

Open Settings

Tap Settings on the iOS device.

Navigate to General Settings, Digital Workspace
  1. Tap General
  2. Scroll down to find the Device Management option
  3. Tap Device Management

1.2. Open the Digital Workspace profile

Open the Digital Workspace profile

Tap the Workspace Services profile.

1.3. View More Details

View More Details

Tap More Details to view the profiles and settings contained within the Workspace Services profile.

1.4. Open the Singe Sign On Account

Open the Singe Sign On Account

You will see the Single Sign On Account that you added as part of the iOS Profile you created in the Workspace ONE UEM console.

Tap TestSSO.

NOTE: If you set a different Account Name for your Single Sign-On payload for your iOS Profile, the Single Sign On Account will be listed as a different name.

1.5. Verify Settings

Verify Settings

Verify that the following Single Sign-On settings are correct:

  1. Principal Name is set to aduser.
  2. Realm is set to VIDMPREVIEW.COM.
  3. URL Prefix Matches is set to https://{tenantName}.vidmpreview.com/.  This URL will be your Workspace ONE Access Tenant URL.
  4. Eligible App IDs includes com.apple.mobilesafari.

NOTE: If any of these settings are incorrect, return to the Workspace ONE UEM Console and inspect your iOS Identity KDC Cert Profile that was previously created.

2. Clear the Safari Cache

Clear the Safari Cache

Navigate back to the main Settings page.

  1. Scroll down to find the Safari settings
  2. Tap Safari
  3. Scroll down to find Clear History and Website Data
  4. Tap Clear History and Website Data

2.1. Confirm the Clear History and Data Prompt

Click Clear.

3. Launch Safari on the iOS Device

Launch Safari on the iOS Device

Tap the Safari icon.

Navigate to Identity Manager in Safari
  1. Enter the URL of your Workspace ONE Access tenant in the URL bar.  This will be in the format https://{tenantName}.vidmpreview.com.
  2. Click Go

5. Workspace ONE App Catalog Single Sign-On

Workspace One Single Sign-On

Notice that Workspace ONE Access is signing you in without requiring any authentication.

6. Workspace ONE App Catalog

Identity Manager Application Catalog

You are now signed into the Workspace ONE catalog! The Single Sign On settings and certificates you configured and distributed to your device with Workspace ONE UEM allowed your user account to authenticate without having to enter any credentials.

There are no applications visible because they haven't been added in Workspace ONE Access or Workspace ONE UEM.  If you add applications, they will be visible here.

0 Comments

Add your comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.