Self-Service Portal (SSP) Token Enrollment Security Enhancements


Currently, users in an Organization Group (OG) with token-based (single or two-factor) enrollment enabled, can view and send the token from the Self-Service Portal (SSP) to an email or device. In an upcoming console release, VMware is implementing security improvements in the SSP and disabling contact fields as well as hiding token enrollment information when token-based enrollment is enabled for an OG.

Note: VMware is not disabling the QR code option from the SSP. Enrollment workflows which require scanning of the QR code from within the SSP will still be possible through the Add Device modal. 


Customer Impact

Customers who have token-based (single or two-factor) enrollment enabled in an Organization Group will experience the following changes in the Self-Service Portal:

  • The email address and phone number fields will be disabled on the Add Device, Resend Enrollment Message and My Account screens.
  • Enrollment messages will be sent to the email address or phone number from the user’s account instead.
  • The View Enrollment Message button will not be available.


Support Contact Information

To receive support, either submit a ticket via the My Workspace ONE portal or call your local support line.


Best Regards,

The VMware Workspace ONE Team

Other Languages: 日本語

Have more questions? Submit a request


Article is closed for comments.