Workspace ONE UEM can be integrated with Workspace ONE Access! Here are a couple of reasons why you want to do this:
Fortunately, the integration of the two Workspace ONE components is not too difficult. In the following chapters, the step-by-step configuration is shown.
First, we are going to create a (local directory) system account in Workspace ONE Access. This account is actually the service account that makes the integration possible.
In the Workspace ONE Access Admin Console, open the Users & Groups tab and click on the “Add User” button.
Fill in the account details, with a valid email address, and click Add.
You will now get an email to activate the account and supply a password.
Next, click the Roles tab, select the Super Admin group and click Assign.
Search and select the newly created service account.
The service account is now added, click SAVE.
The Workspace ONE Access configuration is now completed.
VMware has created the possibility to do the integration configuration via configuration wizard. To access this wizard, click “Getting Started”, Workspace ONE and click Configure in the Identity and Access Management menu.
Note: The Getting Started menu can only be used at an Organization Group of type “Customer”
If it is not a Customer OG, you can access this wizard in Settings, System, Enterprise Integration, Workspace ONE Access, Configuration menu.
Fill in the Workspace ONE Access tenant URL, the previously created Service Account and Password, and click TEST CONNECTION.
If authentication is successful, you will see the message “Test connection successful”
Next, the API keys must be generated. Click the button “Use Autogenerated API Key”
In my case, the API keys were already created.
As the last step, we will configure Workspace ONE UEM to use Workspace ONE Access for authentication. Go to Settings, System, Devices & Users, General, Enrollment
In Workspace ONE Access, you will see the Workspace ONE UEM configuration is automatically configured.
If you scroll down, make sure the “Fetch from Workspace ONE Access & UEM” check-boxes are enabled.
This completes the setup! Stay tuned for more topics, such as enabling the Unified Application Catalog, Mobile SSO and how to set up the Device Compliance Authentication Policy.