Workspace ONE Access Sandbox Walkthrough

Updated on

In this quick walkthrough, we’re going to review how to access your own instance of Workspace ONE Access from TestDrive. In your Workspace ONE Access tenant, you will be able to make your own configurations and perform end to end testing.

Before you Begin

In order to complete this demo please make sure you have the following:

  • A valid account in the VMware TestDrive environment, sign up here if you don't
Background Info - Workspace ONE Access Overview

The Workspace ONE platform is comprised of Workspace ONE Access (previously known as VMware Identity Manager - vIDM) and Workspace ONE UEM (previously known as VMware AirWatch).

Workspace ONE Access is identity management for the mobile cloud era that delivers on consumer-simple expectations like one-touch access to nearly any app, from any device. Empower employees to get productive quickly with a self-service app store while giving IT a central place to manage user provisioning and access policy with enterprise-class directory integration, identity federation and user analytics. A few of the key features of Workspace ONE Access include:

  • Self-Service Unified App Catalog - Now, employees can access all their applications regardless of type in one central app catalog across all their devices. This aggregates entitlements to applications, regardless of where those entitlements are managed and allows for provisioning to be user activated or automatic. The app catalog includes applications brokered through Workspace ONE UEM from the Google, Microsoft or Apple app stores, remotely hosted Windows apps entitled through Horizon or Horizon Air, remote Citrix apps, internal web apps, packaged Windows apps and more.
  • Enterprise Single Sign On - Enable your employees to launch directly into the apps they need without requiring multiple sets of credentials or needing to continuously authenticate. Through Workspace ONE Access and Workspace ONE UEM a seamless Single Sign-On (SSO) experience can be achieved for web, mobile, SaaS, and legacy applications.
  • Conditional Access Policies - Apply conditional access policies, denying or allowing access to individual apps, by user security group, network, and authentication strength.
  • A Workspace ONE Access sandbox is your own, personal tenant. 
  • Your tenant will get deleted when your TestDrive account expires.
  • The tenant is not convertible to production.
  • The ability to simply reset a tenant is not currently available. 
Section 1: Accessing the Workspace ONE Access Sandbox via TestDrive

To get started navigate to the TestDrive Portal.  Log in with your TestDrive username and password.

Once you're logged in, scroll down to the Workspace ONE Access in the Sandbox Experience section. Enable it.  

By clicking the down arrow on the left side of the Workspace ONE Access tile, you can view your login credentials.

Click the Launch button. A new tab will open for the Workspace ONE user portal for your personal Workspace ONE Access instance. Log in using your Admin credentials from the previous step.

After logging in you'll see the catalog page which an end user would see. Note that the Catalog is empty, as no apps have been configured in your personal tenant yet. Let's navigate to the admin piece, so choose the dropdown next your your account in the top right.

Select "Administration Console".

Section 2: Admin Portal Feature Walkthrough

Now you're logged into the Workspace ONE Access Administrative Console. First, you'll land on the dashboard which provides analytics for your Workspace ONE Access deployment including top applications and login statistics.

Choose the "Catalog" tab at the top. Here you would see all apps that have been added to the Workspace ONE Access instance (Native mobile apps will not appear as those are added in the Workspace ONE UEM Admin Console). You can tag your apps so they appear in specific categories within the Workspace ONE catalog. Also, you can add an app by clicking "New" at the top left.

Click the "New" button. You can search for an application by name in the search bar. For this walkthrough, let's click the "or browse from catalog" link.

Next the cloud app catalog will load and you can choose any app your organization uses from the list. 

Here we can modify how the app will appear in the Workspace ONE catalog to end users as well as define user entitlements, conditional access policies and your organization's tenant information for the app.

Next, lets take a deeper look at the policies which can be applied by app. Navigate to "Identity & Access Management" at the top and choose "Policies" from the grey bar. Here you'll see the default access policy. Choose "default_access_policy_set".

The details page for this policy will display. If this policy had been configured, you would see which apps this policy applies to as well as the primary and failover authentication methods for each device type.

Now let's see how to integrate Workspace ONE Access with Workspace ONE UEM (formerly VMware AirWatch). From the Administration Console, open the Identity and Access Management tab and click the Setup button at the top right.

Click AirWatch at the right end of the menu bar. Now you can configure the settings for this integration.

For more information on integrating Workspace ONE UEM with Workspace ONE Access, please reference https://docs.vmware.com/en/VMware-Workspace-ONE-Access/index.html

Section 3: Resetting Tenant Admin Password

If you need to reset your Workspace ONE Access Sandbox password at any point, you can do so by either of two methods. First, if a user resets their TestDrive AD password, the Workspace ONE Access tenant password will change too. Second, you can go to Settings within the Workspace ONE Access User Portal and change it directly.

Note: If you change your password using the Workspace ONE Access User Portal, please document your new password as it will not update on the TestDrive portal under "Admin Credentials" in the Workspace ONE Access tile.

For the first method, resetting your TestDrive password, start by navigating to the TestDrive portal. Open the dropdown menu in the top right and select 'Change Password'.

For the second method, navigate to the Workspace ONE Access User Portal and open the Tenant Admin dropdown and click Settings.

From the Account section, you can click the "Change" link next to Password to initiate the process.

For more information on the features of Workspace ONE Access, refer to the full product documentation hosted at https://docs.vmware.com/en/VMware-Workspace-ONE-Access/index.html

For Additional Support
Previous Article Android - Corporate-Owned Device Management
Next Article Android BYO Device Management