
VMware Workspace ONE Walkthrough

The following steps demonstrate how to set up an OIDC connection within the Workspace ONE Access Console that leverages authID's biometric authentication platform. The steps to fully integrate authID are as follows:

  • Create a new integration in the authID Identity Portal
  • Configure authID as an identity provider within the Workspace ONE Access Console
  • Create and test access policy configuration

Add Identity Provider

First, navigate to the Integrations > Identity Providers section of your dashboard and click the button labeled Add Identity Provider. Select the option marked Create OpenID Connect IDP.

Select Automatic Discovery for the Authentication Configuration section and paste in the following value:

https://id.authid.ai/oidc/web/.well-known/openid-configuration

Use the saved values from your authID integration to fill out the Client ID and the Client Secret fields.

Info: If you wish, you can enable Just-in-time user provisioning. If you enable it, specify a directory name, domains, and user attribute mappings.

Finally, enable ALL RANGES and give a name to be used later as part of an Access Policy. Turn on Pass through Claims, and save to create the identity provider.

Caution: Once the identity provider has been created, you must ensure that at least one value from the Login redirect Urls parameter for your authID integration matches the Redirect URI. This value can be found at the bottom of the identity provider creation screen.
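A pre-flight check for the two values this section depends on, the discovery document and the Redirect URI, as an added example that is not part of authID's or VMware's documentation. The metadata below is a constructed sample with placeholder endpoint paths, and the function names are hypothetical.

```python
import json
from urllib.parse import urlsplit

DISCOVERY_URL = "https://id.authid.ai/oidc/web/.well-known/openid-configuration"
SUFFIX = "/.well-known/openid-configuration"

# Constructed sample metadata (not fetched from authID); endpoint paths are placeholders.
SAMPLE_METADATA = json.loads("""{
  "issuer": "https://id.authid.ai/oidc/web",
  "authorization_endpoint": "https://id.authid.ai/oidc/web/authorize-placeholder",
  "token_endpoint": "https://id.authid.ai/oidc/web/token-placeholder",
  "jwks_uri": "https://id.authid.ai/oidc/web/jwks-placeholder"
}""")

def check_discovery(discovery_url, metadata):
    """Return a list of problems in an OIDC discovery document (empty list = OK)."""
    if not discovery_url.endswith(SUFFIX):
        return ["discovery URL does not end with " + SUFFIX]
    problems = []
    # OIDC Discovery: issuer must equal the URL prefix the document was served from.
    expected = discovery_url[: -len(SUFFIX)]
    if metadata.get("issuer") != expected:
        problems.append(f"issuer {metadata.get('issuer')!r} != {expected!r}")
    for key in ("authorization_endpoint", "token_endpoint", "jwks_uri"):
        value = metadata.get(key)
        if not value:
            problems.append(f"missing {key}")
        elif urlsplit(value).scheme != "https":
            problems.append(f"{key} is not https")
    return problems

def diagnose_redirect(redirect_uri, registered):
    """Exact-match the Redirect URI against registered URLs; name any near-miss."""
    if redirect_uri in registered:
        return "match"
    want = urlsplit(redirect_uri)
    for candidate in registered:
        have = urlsplit(candidate)
        if candidate.rstrip("/") == redirect_uri.rstrip("/"):
            return "trailing-slash mismatch"
        if candidate.lower() == redirect_uri.lower():
            return "case mismatch"
        if have[1:] == want[1:]:  # same host, path, query and fragment
            return "scheme mismatch"
    return "not registered"

if __name__ == "__main__":
    print(check_discovery(DISCOVERY_URL, SAMPLE_METADATA))
```

To check the live configuration, load the JSON served at the discovery URL in place of `SAMPLE_METADATA`, and pass the Redirect URI shown in the Workspace ONE Access console together with the login redirect URLs saved on the authID integration.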

Add Authentication Policy

Authentication policies are used to direct users to the preferred identity provider based on their conformance to the conditions you set forth. In this way, we can make a determination to send a subset of the user population through the OIDC identity provider we have created. To begin, navigate to the Resources > Policies section of your dashboard and edit the default_access_policy_set or create a new one by clicking ADD POLICY.

You can configure the rule as you see fit, but ensure that the section for authentication method points to the identity provider created earlier.

Testing the Policy

To test the effect of the policy, log in as a member of the group that would trigger the policy. You should see the authID experience appear in the browser.