As part of the Fig release, we continue to move towards a single admin experience for your mobility and identity needs. Along with the pre-existing Workspace ONE getting started track -- helping admins setup and configure their Workspace ONE deployments -- you can look forward to the following new features:
SaaS Apps w/ SSO support:
SaaS apps have traditionally been managed separately inside the VMware Identity Manager (IDM) console. New in Fig:
- Now available in the AirWatch admin console under Apps & Books > Applications > Web > SaaS
- These cloud-based SaaS apps support:
- SAML (2.0 or 1.1)
- WSFed 1.2
- No authentication (simple web link)
- Additionally, these apps support
- Assignment to users / user groups; including "user-activated" or "automatic" assignment where the links will appear in the Workspace ONE app "Bookmarks" tab versus the "Catalog" tab.
- Configuration to open only in VMware Browser
- Configuration for conditional access (see next section below)
Management of Conditional Access Policy
Access policy has traditionally been managed separately inside the VMware Identity Manager (IDM) console. New in Fig:
- Now available in the AirWatch admin console under Apps & Books > Applications > Access Policies
- Ability to manage access policy rules, allowing you to control access into single sign-on enabled apps
- For example, allow SSO normally but block access to these apps if device is compromised
- This can apply to your native mobile apps too! You just need to set up mobile single sign-on (see next section below)
Mobile Single Sign-on Simplification
- To take full control of your app deployment using single sign-on enabled apps, you can leverage mobile single sign-on and use conditional access policies for your native mobile apps too.
- For example, if SSO is enabled for Salesforce, you can control app access to Salesforce web/cloud AND access to Salesforce1 native mobile app through conditional access policies
- A new getting started step has been created inside the Workspace ONE getting started track to simplify the prerequisite steps to configure mobile single sign-on
- Mobile single sign-on offers convenience to your end-users and also granular security for your admins. The best of both worlds!