SSO with VMWare
This document details the steps to set up VMWare Workspace One to manage authentication for strongDM.
- Create application: In Workspace One, click Catalog, then click New to create a new application with an OpenID Connect Authentication Type.
- Configure application: On the settings tab, enter the following information (do not use a trailing slash for the URLs):
- Authentication Type: OpenID Connect
- Client ID: strongdmoidc, or any other string value you care to use
- Redirect URL:
- Target URL:
- Capture Client ID and Client Secret: Click Save to create the app. Note the Client ID and Client Secret fields. You will need these values in the next step.
- Enter the account details in strongDM: In the strongDM app, go to Settings -> Authentication. Under Single Sign-On, click Unlock, then choose VMWare Workspace One from the drop down menu and add your URL (
https://<yourorg>.workspaceoneaccess.com/SAAS/auth), Client ID, and Client Secret. Do not include a trailing slash for the URL.
- Confirm user access:
- In Workspace One, make sure your users are entitled to the app you created above.
- In SDM, make sure you have created users whose email addresses match those in VMWare exactly.
- For your test user in SDM, assign a Role or direct access to one or more resources.
- Install the "SDM client", and try logging in with a VMWare account.
If your test is successful, you should be ready to roll out SSO to your teams.
If any errors occur or if the integration fails in any way, please contact firstname.lastname@example.org for assistance.