In the VMware Identity Manager admin console, configure the built-in identity provider to enable single sign-on authentication for AirWatch users.

AirWatch configured in VMware Identity Manager.

If using AirWatch Cloud Connector for password authentication, the VMware Identity Manager directory set up to sync to the AirWatch directory.

List of the network ranges that you want to direct to the built-in identity provider instance for authentication.


In the Identity & Access Management tab, go to Manage > Identity Providers.


Select the identity provider labeled Built-in and configure the identity provider details.



Identity Provider Name

Enter the name for this built-in identity provider instance.


Select the directory that syncs from AirWatch to use the built-in identity provider.


The existing network ranges configured in the service are listed. Select the network ranges for the users based on their IP addresses that you want to direct to this identity provider instance for authentication.

Authentication Methods

Click the gearbox icon for the authentications method to be configured. Make sure the option is enabled in the AirWatch page.

Enable the authentication methods for AirWatch users. See Configure Authentication to the AirWatch Cloud Connector and Configure Mobile SSO for iOS Authentication in the Built-in Identity Provider


If you are using Built-in Kerberos authentication, download the KDC issuer certificate to use in the AirWatch configuration of the iOS device management profile.


Click Save.