SSO With VMware Workspace ONE

1. In Workspace ONE, click Catalog and then click New to create a new SSO application with an OpenID Connect authentication type.

2. On the Settings tab, configure the application by entering the following information (do not use a trailing slash for the URLs):

   1. Authentication Type: Select OpenID Connect.

   2. Client ID: Enter strongdmoidc or any other string value.

   3. Redirect URL: https://app.uk.strongdm.com/auth/return

   4. Target URL: https://app.uk.strongdm.com

3. Click Save to create the app.

4. Copy the Client ID and Client Secret values. You will need these values in the next step.

5. Next, enter the account details in the StrongDM Admin UI. Go to Settings > User Management. In the Single Sign-on section, set the following:

   1. Provider: Select VMWare Workspace ONE.

   2. Single Sign-on URL: Add your URL in the format https://yourorg.workspaceoneaccess.com/SAAS/auth. Do not include a trailing slash.

   3. Client ID: Paste your Client ID.

   4. Client Secret: Paste your Client Secret.

   5. Select your desired General SSO settings, then click Activate.

6. Confirm user access by doing the following:

   1. In Workspace One, make sure your users are entitled to the app you just created.

   2. In StrongDM, make sure you have created users whose email addresses match those in VMware exactly.

   3. In StrongDM, assign a Role to your test user that will grant access to one or more resources. 4. Install the StrongDM Client, and try logging in with a VMware account.

If your test is successful, you should be ready to roll out SSO to your teams.

1. In Workspace ONE, click Catalog and then click New to create a new SSO application with an OpenID Connect authentication type.

2. On the Settings tab, configure the application by entering the following information (do not use a trailing slash for the URLs):

   1. Authentication Type: Select OpenID Connect.

   2. Client ID: Enter strongdmoidc or any other string value.

   3. Redirect URL: https://app.eu.strongdm.com/auth/return

   4. Target URL: https://app.eu.strongdm.com

3. Click Save to create the app.

4. Copy the Client ID and Client Secret values. You will need these values in the next step.

5. Next, enter the account details in the StrongDM Admin UI. Go to Settings > User Management. In the Single Sign-on section, set the following:

   1. Provider: Select VMWare Workspace ONE.

   2. Single Sign-on URL: Add your URL in the format https://yourorg.workspaceoneaccess.com/SAAS/auth. Do not include a trailing slash.

   3. Client ID: Paste your Client ID.

   4. Client Secret: Paste your Client Secret.

   5. Select your desired General SSO settings, then click Activate.

6. Confirm user access by doing the following:

   1. In Workspace One, make sure your users are entitled to the app you just created.

   2. In StrongDM, make sure you have created users whose email addresses match those in VMware exactly.

   3. In StrongDM, assign a Role to your test user that will grant access to one or more resources. 4. Install the StrongDM Client, and try logging in with a VMware account.

If your test is successful, you should be ready to roll out SSO to your teams.