Use Case:
Display VMware Identity Manager (VMware Workspace ONE) federated web/SaaS applications in OneLogin end-user portal.
Prerequisites:
- OneLogin configured as IDP for VMware Identity Manager. Following guide describes how to set it up:
OneLogin as federated Identity Provider for VMware Identity Manager - A SaaS application federated with your VMware Identity Manager tenant. For simplicity, in this tutorial we use Salesforce.com. In your setup, assume your own app. In VMware Identity Manager, ensure that this application is assigned/entitled to your user(s).
- This tutorial assumes you have basic understanding of identity federation concepts.
Steps:
- Locate application "Launch URL" in VMware Identity Manager.
- In OneLogin, configure app RelayState for VMware Identity Manager federated app.
- Test Federation Connection.
Detailed steps are provided below.
1. Locate application "Launch URL" in VMware Identity Manager
- Log into VMware Identity Manager and navigate to Catalog > Application Catalog.
- Click on the link for application you are interested in (app should already be federated with VMware Identity Manager).
- Go to "Configuration tab". Note "Launch URL", this will be used in step 2.
2. In OneLogin, configure app RelayState for VMware Identity Manager federated app
- Configure OneLogin as IDP for VMware Identity Manager using following instructions:
OneLogin as federated Identity Provider for VMware Identity Manager
- Log into OneLogin admin console and navigate to APPS > Company Apps.
- Select VMware Identity Manager, application (configured using above instructions).
Under "Info" tab, change "Display Name" to appropriate app name. In this example, we are using Salesforce.com, so we call it "Salesforce - VMware IDM Federated".
- Under "Configuration" tab, paste app "Launch URL" from step 1 in "RelayState" text box.
- Click Save.
3. Test Federation Connection
This can be tested by going to your OneLogin tenant and clicking on the respective app in OneLogin end-user portal.
Following video demonstrates this login flow:
More Information: