login to workspace one admin portal

click catalog and select application catalog

click on + Add application and select create a new one

Provide Application name , description , browse for selecting icon select Authentication profile as SAML 2.0 POST profile

click Next

provide Relay State (this is optional your application team will ask if they need it )

Provide Login Redirection URL (this is optional as well .depends on application team)

check Sign Assertion (again this is optional from application team)

next step is to update metadata there are 3 ways to update metadata

1) Application team may provide you a metadata URL

2) Application team may provide you a text file with metadata in it

3) Application team may provide you manual data to update

Update Metadata As per the requirement and way application team wants you to do (for example i am using a direct URL)

https://appserver.domain.com/metadata

once you click save workspace on will fetch all needed information from metadata URL.

next you have to update metadata that Application team will request

you have to map the Attributes from AD to the attributes that application understand

click here to learn more about AD attributes

next we have to entitle users or groups which will be having access to this application

click Add Group Entitlement search for the group you are looking for (can be a AD group or Workspace one local group)

once you see your group click to add it

Entitlement type either as Automatic or user activated click here to know more about entitlement type

hit Save to add entitlement . follow same steps to add individual users as well .

click Done to finish configuration

User should be able to see the application under launcher tab when he logs into workspace one portal

this is how you configure a web app using SAML 2.0 on workspace one portal