VMware workspace one

Integrating VMware workspace one with env0 as a SAML provider

Introduction

This guide will detail the various steps required to integrate VMware workspace one as a SAML provider for your env0 organization. The current implementation is used for authentication only, where you define your users in your workspace one account to enable them access to your env0 organization.

Steps

  1. Login to your workspace one account and go to the Home tab.
  2. Under Services you should see Workspace ONE Access, click on the Manage button.
  1. In the Workspace One Access go to the Catalog tab.
  2. Click on the New button.
  3. Enter under the name textbox - env0
  4. Add a description, icon, and select the category of the app, and click on the Next button.
  5. In the Authentication Type choose SAML 2.0
  6. In the Configuration choose manual.
  7. In the Single Sign-on URL and Recipient URL enter the following: https://login.app.env0.com/login/callback?connection={YOUR_ENV0_ORG_ID}
  8. In the Application ID enter the following: urn:auth0:env0:{YOUR_ENV0_ORG_ID}
  9. Username Format should be Unspecified
  10. Username Value should be ${user.userName}
  11. Click on the Advanced Properties link.
  12. In the Request Signature and the Encryption Certificate enter the data found in this file here.
  13. Under the Custom Attribute Mapping section add the following:

Name

Format

Value

email

Basic

${user.email}

firstName

Basic

${user.firstName}

lastName

Basic

${user.lastName}

name

Basic

${user.firstName} ${user.lastName}

  1. Click on the Next button.
  2. Choose the relevant Access Policy and click on the Next button.
  3. Make sure the summary is correct and click on `Save and Assign”.
  4. Assign the relevant users.
  5. Go back to the Catalog tab.
  6. Click on the Settings tab.
  7. Click on the SAML Metadeta
  8. Download the Signing Certificate
  9. Close the Settings modal, and click on the env0 application you have just created.
  10. Copy the Launch URL and send it to us.
  11. Please send your account manager the Launch URL and the Certificate you have downloaded.

Did this page help you?