In this article, I will cover the use cases and steps for integrating VMware Workspace ONE with Okta.
VMware Identity Manager (vIDM) is part of the Workspace ONE platform.
vIDM provides identity and access management and can be used as a standalone federation identity provider (IDP). It also provides single sign-on (SSO) for enterprise and SaaS-based web apps. By integrating vIDM with Workspace ONE UEM, we can also achieve mobile SSO, a unified catalog, and device compliance.
Okta is also an identity provider. Okta enables you to provide SSO access to cloud, on-premises, and mobile applications. You sign in to Okta and can then launch any of your web apps without having to re-enter your credentials. Okta establishes a secure connection with a user's browser and then authenticates the user to Okta-managed apps using one of two SSO integration methods:
- Okta’s Secure Web Authentication (SWA)
- Federated (supporting SAML or another proprietary federated authentication protocol)

The use cases for integrating Okta with Workspace ONE are:
- Using Okta as a third-party identity provider (IDP) to vIDM or Workspace ONE
- Unified Catalog
- Device Compliance / Trust
Okta can be added as a trusted third-party identity provider to Workspace ONE. This allows end users to log in using Okta authentication policies.
The Workspace ONE / vIDM catalog can be configured to publish Okta-federated applications, along with native applications from Workspace ONE UEM and applications federated with Workspace ONE. This allows end users to go to a single app to discover, launch, or download their enterprise apps from any device with a consistent user experience.
For a critical application, Okta will forward the authentication request to Workspace ONE to check device compliance. If the device is enrolled and compliant, the user gets access to the application. If the device is not enrolled or not compliant with policies, the user is redirected to the enrollment page.
The diagram below shows the flow for 2 applications:
I hope this article helped you understand the use cases for Okta and Workspace ONE. In the next part, we will walk you through the steps to integrate Okta as a third-party identity provider to Workspace ONE.