Leverage Identity Management To Simplify Your Business

Identity Manager is an Identity as a Service (IDaaS) offering, providing application provisioning, self-service catalog, conditional access controls and Single Sign-On (SSO) for SaaS, web, cloud and native mobile applications.


Identity Management and the Mobile Cloud Era

What Identity Manager Does

Enterprise Single Sign-On

Simplify business mobility with included identity provider (IDP) or integrate with existing on-premises identity providers so you can aggregate SaaS and Native Mobile and Windows 10 apps into a single catalog.

Identity Management with Adaptive Access

Establishes trust between users, devices and the hybrid cloud for a seamless user experience and powerful conditional access controls leveraging AirWatch device enrollment and SSO adaptors.

Self-Service App Store

Build a branded self-service app store so employees can subscribe to applications across devices with automated or manual provisioning.

Enterprise-Grade Hybrid Cloud Infrastructure

Identity Manager leverages the same identity management solution as vCloud Air and the vCloud Suite, used in the most advanced data centers and private clouds.


Identity Manager and AirWatch Cloud Mobile App Delivery


Simplify Business Mobility with One Touch from Any Device

Identity Manager is a service that extends your on-premises directory infrastructure to provide a seamless Single Sign-On (SSO) experience to web, mobile, SaaS, and legacy applications.

Enterprise Single Sign-On

Enable users with single sign on while saving on service desk calls and protecting against data leakage. Aggregate SSO apps into one convenient catalog and launcher across any device type through the included identity provider or token generator or integration with an existing identity provider.

Industry-leading support

Support a wide range of web, virtual desktops, published applications, Windows packaged apps, and native mobile apps, all from one place.

Preintegration with many enterprise apps

VMware works with a range of enterprise SaaS vendors leveraging the SAML standard to provide pre-defined integrations including automated user provisioning.

Empower Employees with a Self-Service App Store

Manage the complete user lifecycle across the hybrid cloud complete with a custom brandable launcher and app store application provisioning, and user analytics to monitor and manage resources.

Self-service app catalog

Employees can simply search and select applications that they want to subscribe to and kick-off automated or manual provisioning as required.

Responsive HTML5 app launcher

Support anydevice through a responsive and skinable web app that includes simple sorting by category and favorites.

User analytics

Easy to use analytics help you understand usage trends, capacity planning and licensing management powered with rich and detailed information.

Custom-brandable web portal

Identity Manager customization tool allows you to transform the self-service app store and launcher with your colors, logos, backgrounds, textures and design elements.

Application provisioning

Once a new application is placed in the app catalog, administrators may auto-provision to users by group, or enable self-subscription. Permit subscription events to kickoff approval workflows through existing partners like Remedy.

Optimize User Experience & Security with AirWatch

Identity Manager leverages the same core identity management solution that may be seen powering VMware vCloud Air and the vCloud Suite in the world’s most advanced datacenters and enterprise-class infrastructure clouds.

Conditional access

Apply conditional access policies by user security group, network, and authentication strength.

Conditional access by device

Distinguish between managed and unmanaged devices to allow broad access to low risk apps and then enforce device management with encryption and wipe controls for apps that contain sensitive data.

Native integrated app launcher

Adding AirWatch EMM integrates subscribed applications into the AirWatch catalog where they can be “installed” directly onto the native springboard as just another application icon, ready for use.

Device analytics

Beyond app usage analytics, device analytics supplied through AirWatch enrolled devices permit IT to understand the intersection of apps and devices to make intelligent decisions about capacity planning and new service development.

Trusted VMware Enterprise-Grade Hybrid Cloud Infrastructure

Identity Manager was designed for the mobile cloud world for AirWatch enrolled devices providing a seamless consumer-grade user experience.

Directory integration and federation

Supports multiple Active Directory domains, multiple forests and different trust configurations offering extreme flexibility for integrating with existing environments.

Hybrid deployment model

Identity Manager is built from a single multi-tenant code base whether deployed on premises, or in the cloud. Cloud-based and on-premises instances of Identity Manager may federate for added flexibility.


VMware Identity Manager is available as part of VMware Workspace ONE Standard, Advanced and Enterprise Editions. It provides secured access to corporate applications across all devices and platforms, and a single sign-on experience to cloud apps, single portal access for employee work applications, and conditional access control to apps based on device, network, and user.



To begin deployment and configuration of VMware Identity Manager, make sure you have the URL, Username, Password, and Activation Code included in your activation email. Your activation code is used to establish communication between your tenant and your connector instance. The VMware Identity Manager Connector virtual appliance OVA will be required for set up (download Connector OVA).

Deploy the Connector OVA and use the Setup wizard to activate your tenant. Once completed, you will use the administration console to configure your Active Directory information and setup your authentication methods.

*VMware vSphere server virtualization platform and vSphere client is required to deploy the OVA file. For more information please see the Installation guide. To know more about vSphere, and how to make a purchase, click here or contact your VMware or AirWatch account manager.



The catalog is the repository for all resources that you can entitle to users. In the catalog tab, you can add web applications from the cloud application catalog, create a new application, group applications into categories, and access information about each resource.

Integrating with LDAP


VMware Identity Manager uses your Active Directory infrastructure for user authentication and management. Using the administration console, configure the information to connect to your Active Directory. You can select users and groups to sync with the VMware Identity Manager directory. This will enable you to provide SSO to all SAML compliant apps creating a seamless end user experience.

The Active Directory connection can use Active Directory over LDAP, or Active Directory Integrated Windows Authentication. Active Directory over LDAP connection supports DNS service location lookup by default. With Active Directory Integrated Windows Authentication, you configure the domain to join.

Identity & Access Management


The Identity & Access Management tab contains the manage and setup screens.

The Manage screen allows you to set up your directory connection to Active Directory and sync users and groups to the directory. You can also configure a third-party identity provider, recover passwords for users, enable/manage authentication methods and set policies.

Use the Setup screen to setup the connector service, apply customer branding, define user attributes, and define network ranges.

Console Management


The VMware Identity Manager administration console provides the management interface for your tenant. You can use the administration console to configure your directory sync to Active Directory, managing users and groups, add resources to the catalog, and set up and manage authentication and access policies. The tasks in the administration console are organized by tabs.

Dashboard - The user engagement dashboard can be used to monitor user and resource usage. This dashboard displays information about who signed in, which applications are being used, and how often they are being used. You can create reports to track users and groups activities and resource usage.