Skip to main content
Sign in

Creating an extended integration for VMware Workspace ONE assets

Caroline Maguire
  • September 08, 2022 11:49
  • Updated

Let Oomnitza be your single source of truth!

You'll get complete visibility of your assets as data from Workspace ONE is automatically transformed into consumable information and actionable insights.

Connect Oomnitza and Workspace ONE in minutes

  • Configurable dashboards and list views of key asset information
  • Configurable reports to share information about your assets with your colleagues and management
  • Configurable workflows that you can easily create to automate tasks such as :
    • activating, updating, deleting, and installing applications on devices in Workspace ONE.
    • assigning and removing Smart Groups to applications on devices in Workspace ONE.

Navigation

small_blue_link.svgSetting your Workspace ONE Subdomain as a global variable

small_blue_link.svgAdd credentials to the vault in Oomnitza

small_blue_link.svgIntegrate Workspace ONE with Oomnitza

small_blue_link.svgCreating custom mappings

small_blue_link.svg Creating a workflow

Activate Internal Application
Activate Public Application
Assign Smart Group to Internal Application 
Assign Smart Group to Public Application
Deactivate Internal Application
Deactivate Public Application
Delete Internal Application
Delete Public Application
Install Internal Application on Device
Install Public Application on Device
Install Purchased Application on Device
Internal Application Save
Remove Smart Group from Internal Application
Remove Smart Group from Public Application
Retire Internal Application
Uninstall Internal Application from Device
Uninstall Public Application from Device
Uninstall Purchased Application from Device
Unretire Internal Application 
Update Internal Application
Update Removal Logs 

Before you start

Best practice
For the integration with Oomnitza, create a dedicated user account.

You will need the following information to create the Workspace ONE integration with Oomnitza:

Workspace ONE OAuth credentials

Workspace ONE uses OAuth2.0 for authentication and requires a Client ID and Client Secret from Workspace ONE to activate in Oomnitza. You should note the following when working with Workspace ONE OAuth2.0:

  • When setting up a new client, ensure that you follow the steps in Add OAuth 2.0 Service Client Tokens in Workspace ONE AccessSupply the following redirect URL: 
    https://generic-oauth2-proxy.oomnitza.com/oauth2/redirect_url 
  • By default, OAuth access tokens remain valid for 3600 seconds (1 hour). Refer to the VMWare documentation for more information.
  • As an organization owner, you can regenerate the app secret of an OAuth app in your organization. This is useful if the organization owner who created the OAuth app is no longer with your corporation and you want to continue running the app. Refer to the VMWare documentation for more information.
  •  Only organization owners, or organization members with the Developer role, can create and manage OAuth devices. Refer to the VMWare documentation for more information. 

Workspace ONE URL

In addition to the Client ID and Client Secret, you will also need to supply your Workspace ONE URL, for example:https://cn123.awmdm.com, when creating the integration in Oomnitza.

Workspace ONE API Region

Refer to the below table when adding your Workspace ONE region to Oomnitza.

Region Workspace ONE UEM SaaS Data Center Location API Region
Ohio (United States) All UAT environment uat
Virginia (United States) United States na
Virginia (United States) Canada na
Frankfurt (Germany) United Kingdom emea
Frankfurt (Germany) Germany emea
Tokyo (Japan) India apac
Tokyo (Japan) Japan apac
Tokyo (Japan) Singapore apac
Tokyo (Japan) Australia apac
Tokyo (Japan) Hong Kong apac

Setting your Workspace ONE Subdomain as a global variable

To save time when you create workflows, set your subdomain as a global variable:

  1. Click Configuration > General > Global Settings.
  2. Click Add new variable (+).
  3. Add the WorkspaceONEUEM.Subdomain variable and its value. The value is the name of your Workspace ONE subdomain. If your Workspace ONE URL is https://mycompany.awmdm.comyour subdomain would be: mycompany.
  4. Save your changes.

Add credentials to the vault in Oomnitza

To authorize connections between Oomnitza and Workspace ONE, complete these steps:

  1. In Oomnitza, click Configuration > Security > Credentials.
  2. Click Add new credential (+).
  3. Search for the integration, and then click the forward button > to select the integration.
  4. Enter your client credentials and any other additional information.
  5. Click Authenticate. You are prompted to log in to authorize your request.
  6. Click CREATE.

Information
If the integration is not listed, click Advanced Mode, and add your credentials.

  1. Add the information details.
  2. Ensure that OAuth 2.0 is selected as the Authorization type.
  3. Ensure that VMware Workspace ONE is selected from the SaaS list.
  4. Enter the Client ID and Client Secret obtained above. 
  5. Enter the API Region
  6. Save your changes.

You use the credentials that you added to create and customize your Workspace ONE integration with Oomnitza.

Integrate Workspace ONE with Oomnitza

  1. In Oomnitza, click Configuration> Integrations> Overview.
  2. Click Integrations List View.
  3. Scroll down to the Extended section for asset integrations.
  4. Click NEW INTEGRATION.
  5. Select the integration in the sidebar.
  6. Click ADD.

Integration Overview

More information is provided about the following fields to help you complete the integration:

  • Integration preferences:  By default,  Create and Update are selected. To ensure that only live user records are synced with Oomnitza, select Update Only. When you run the integration, you can check the error logs to see the records that weren't uploaded and why they weren't uploaded. Then, you can decide whether to upload the user records that were skipped by changing your integration preference back to Create and Update.

Integration details

To review or update the integrations details, click the pencil:

  1. Update the integration name if necessary. 
  2. For installation type, ensure that Cloud is selected.
  3. For integration preferences, select an option.
  4. Enter the name of the integration user.

Credential details

Choose one of the following options:

  • Select the credentials that were created for the integration.
  • Edit the credentials that were created for the integration.
  • Create new credentials

Schedule

By default, user data is streamed to Oomnitza once every day.

You can configure the schedule to meet your needs such as changing the interval or changing the time so that the data is streamed when your system isn't busy.

  1. Click the pencil.
  2. Configure your schedule.
  3. Click Update.

Mappings

To map the fields to Oomnitza, click the pencil.

Creating custom mappings

Map the Workspace ONE fields to Oomnitza fields and create custom mappings to get the user information that you need.

Complete these actions:

  1. Create custom mappings to map any other field that you want to add to Oomnitza:
    1. Click the down arrow on the field that you want to map.
    2. Select Add new Oomnitza assets field.
    3. Change the name of the field.
    4. Click CREATE
  2. Assign a sync key.
  3. Click NEXT

Custom mappings

AC Line Status
Asset Number
Compliance Status
Compromised Status
Device Current Mobile Country Code
Device Friendly Name
Device SIM Mobile Country Code
Enrollment Status
ID
IMEI
Is Supervised
Last Compliance Check On
Last Compromised Check On
Last Enrolled On
Last Seen
Location Group ID
Location Group Name
Mac Address
Model
Model ID
Operating System
Ownership
Phone Number
Platform
Platform ID
Platform Name
Serial Number
UDID
User Email Address
User ID
User Name
Virtual Memory

Did you know? 
You can define rules for your integration by selecting Edit integration at the top of the screen. For example, you may only want to run the integration if a certain contact or region exists. See Filtering integration results.  

You can add new fields to your integration by selecting the + (Add) option. All you need to do is specify the field name and then enter the JSON path, for example {{response.email}}. See Creating custom API fields. 

Launching the integration

Your integration is in Draft mode until all the required mandatory fields are added. Once you have added all of the required fields, we recommend that you complete the following steps

  1. Select Launch to activate your integration.
  2. Change your Integration preferences to Update only so that no records are imported and do a Test Run.
  3. Click Sync Sessions and review the status of the integration. If you encounter any errors, see troubleshooting integrations.
  4. When the test run has been completed, change your Integration preferences and click Run Now.

Getting your results
To view the information that is collected about your assets, click Assets. To view the information about software, click an asset and then click the Software tab. To view the information that is collected about your users, click People

Related Links

Creating a workflow

Creating asset workflows with the API block

To reduce your workload and automate complex and repetitive tasks, you can create workflows with the API block by following the steps in Creating asset workflows with the API block. When creating the asset workflows with the API block for Workspace ONE, the following specific configuration is required:

To locate the available presets, enter VMware Workspace ONE in the Select Preset search field. Select your preset of choice and for every preset enter the following information in the Configure section:

  1. Your correct Workspace ONE Credentials that you created in Add credentials to the vault in Oomnitza.
  2. Your Subdomain should be derived from the variable created in Setting your Workspace ONE Subdomain as a global variable or entered manually. 

For information on the specific requirements for each preset, click one of the links below:

Activate Internal Application
Activate Public Application
Assign Smart Group to Internal Application 
Assign Smart Group to Public Application
Deactivate Internal Application
Deactivate Public Application
Delete Internal Application
Delete Public Application
Install Internal Application on Device
Install Public Application on Device
Install Purchased Application on Device
Internal Application Save
Remove Smart Group from Internal Application
Remove Smart Group from Public Application
Retire Internal Application
Uninstall Internal Application from Device
Uninstall Public Application from Device
Uninstall Purchased Application from Device
Unretire Internal Application 
Update Internal Application
Update Removal Logs 

For further information on creating workflows in Oomnitza see:

small_blue_link.svg Understanding workflows

small_blue_link.svg Workflow block overview

Using the VMware Workspace ONE UEM Activate Internal Application preset

The VMware Workspace ONE UEM Activate Internal Application preset enables administrators to activate an internal mobile application in Workspace ONE. If the application is already active, the workflow will proceed down the negative/exit path. When constructing a workflow that uses this preset, an Application ID must be specified to indicate the internal application to be activated.

Using the VMware Workspace ONE UEM Activate Public Application preset

The VMware Workspace ONE UEM Activate Public Application preset enables administrators to activate a public mobile application in Workspace ONE. If the application is already active, the workflow will proceed down the negative/exit path. When constructing a workflow that uses this preset, an Application ID must be specified to indicate the public application to be activated.

Using the VMware Workspace ONE UEM Assign Smart Group to Internal Application preset

The VMware Workspace ONE UEM Assign Smart Group to Internal Application preset enables administrators to assign a Smart Group to an internal mobile application in Workspace ONE. Devices that belong to the designated Smart Group are automatically provisioned over-the-air with the specified application. When constructing a workflow that uses this preset, the following information is required:

  • App ID. The unique internal application identifier.
  • Smart Group ID. Smart group id to be assigned to the application.

Using the VMware Workspace ONE UEM Assign Smart Group to Public Application preset

The VMware Workspace ONE UEM Assign Smart Group to Public Application preset enables administrators to assign a Smart Group to a public mobile application in Workspace ONE. Devices that belong to the designated Smart Group are automatically provisioned over-the-air with the specified application. When constructing a workflow that uses this preset, the following information is required:

  • App ID. The unique internal application identifier.
  • Smart Group ID. Smart group id to be assigned to the application.

Using the VMware Workspace ONE UEM Deactivate Internal Application preset

The VMware Workspace ONE UEM Deactivate Internal Application preset enables administrators to deactivate an internal mobile application in Workspace ONE. When constructing a workflow that uses this preset, an Application ID must be specified to indicate the internal application to be deactivated.

Using the VMware Workspace ONE UEM Deactivate Public Application preset

The VMware Workspace ONE UEM Deactivate Public Application preset enables administrators to deactivate a public mobile application in Workspace ONE. When constructing a workflow that uses this preset, an Application ID must be specified to indicate the public application to be deactivated.

Using the VMware Workspace ONE UEM Delete Internal Application preset

The VMware Workspace ONE UEM Delete Internal Application preset enables administrators to delete an internal mobile application from Workspace ONE. When constructing a workflow that uses this preset, an Application ID must be specified to indicate the internal application to be deleted.

Using the VMware Workspace ONE UEM Delete Public Application preset

The VMware Workspace ONE UEM Delete Public Application preset enables administrators to delete a public mobile application from Workspace ONE. When constructing a workflow that uses this preset, an Application ID must be specified to indicate the public application to be deleted.

Using the VMware Workspace ONE UEM Install Internal Application on Device preset

The VMware Workspace ONE UEM Install Internal Application preset enables administrators to install an internal mobile application on a device in Workspace ONE. When constructing a workflow that uses this preset, an Application ID and Serial Number must be specified to indicate the device and application to be installed.

By default, the Serial Number is used to identify the device. To use a different identifier for the device:

  1. In the API block window, click the Advanced Mode button located in the upper right of the window.
  2. Select the Body tab. Update the Serial Number to any of the following device identifiers in the request body: Device Id, UDID, Mac Address.

Using the VMware Workspace ONE UEM Install Public Application on Device preset

The VMware Workspace ONE UEM Install Public Application on Device preset enables administrators to install a public mobile application on a device in Workspace ONE. When constructing a workflow that uses this preset, an Application ID and Serial Number must be specified to indicate the device and application to be installed.

By default, the Serial Number is used to identify the device. To use a different identifier for the device:

  1. In the API block window, click the Advanced Mode button located in the upper right of the window.
  2. Select the Body tab. Update the Serial Number to any of the following device identifiers in the request body: Device Id, UDID, Mac Address.

Using the VMware Workspace ONE UEM Install Purchased Application on Device preset

The VMware Workspace ONE UEM Install Purchased Application on Device preset enables administrators to install a purchased mobile application on a device in Workspace ONE. When constructing a workflow that uses this preset, an Application ID and Serial Number must be specified to indicate the device and application to be installed.

By default, the Serial Number is used to identify the device. To use a different identifier for the device:

  1. In the API block window, click the Advanced Mode button located in the upper right of the window.
  2. Select the Body tab. Update the Serial Number to any of the following device identifiers in the request body: Device Id, UDID, Mac Address.

Using the VMware Workspace ONE UEM Internal Application Save preset

The VMware Workspace ONE UEM Internal Application Save preset enables administrators to save a new internal mobile application in Workspace ONE. Once saved, an application can be associated to a device by assigning the application to a Smart Group. The following details are required when saving the new application:

  • Blob Id. Prior to this API call, you should have obtained a Blob Id as a result of POSTing a binary file to /api/mam/blobs/uploadblob. 
  • App Name. The desired application name.
  • Developer Email. The email address of the developer.
  • App Version. The version of the application.
  • File Name. The name of the binary file (including extension) posted to /api/mam/blobs/uploadblob. 

Using the VMware Workspace ONE UEM Remove Smart Group from Internal Application preset

The VMware Workspace ONE UEM Remove Smart Group from Internal Application preset enables administrators to remove a Smart Group from an internal mobile application in Workspace ONE. When constructing a workflow that uses this preset, an Application ID and Smart Group ID must be specified to indicate which items are to be disassociated.

Using the VMware Workspace ONE UEM Remove Smart Group from Public Application preset

The VMware Workspace ONE UEM Remove Smart Group from Public Application preset enables administrators to remove a Smart Group from a public mobile application in Workspace ONE. When constructing a workflow that uses this preset, an Application ID and Smart Group ID must be specified to indicate which items are to be disassociated.

Using the VMware Workspace ONE UEM Retire Internal Application preset

The VMware Workspace ONE UEM Retire Internal Application preset enables administrators to retire an internal mobile application within Workspace ONE. If the application is already retired, the workflow will proceed down the negative/exit path. When constructing a workflow that uses this preset, an Application ID must be specified to indicate the internal application to be retired.

Using the VMware Workspace ONE UEM Uninstall Internal Application from Device preset

The VMware Workspace ONE UEM Uninstall Internal Application from Device preset enables administrators to uninstall an internal mobile application from a device in Workspace ONE. When constructing a workflow that uses this preset, an Application ID and Serial Number must be specified to indicate the device and application to be uninstalled.

By default, the Serial Number is used to identify the device. To use a different identifier for the device:

  1. In the API block window, click the Advanced Mode button located in the upper right of the window.
  2. Select the Body tab. Update the Serial Number to any of the following device identifiers in the request body: Device Id, UDID, Mac Address.

Using the VMware Workspace ONE UEM Uninstall Public Application from Device preset

The  VMware Workspace ONE UEM Uninstall Public Application from Device preset preset enables administrators to uninstall a public mobile application from a device in Workspace ONE. When constructing a workflow that uses this preset, an Application ID and Serial Number must be specified to indicate the device and application to be uninstalled.

By default, the Serial Number is used to identify the device. To use a different identifier for the device:

  1. In the API block window, click the Advanced Mode button located in the upper right of the window.
  2. Select the Body tab. Update the Serial Number to any of the following device identifiers in the request body: Device Id, UDID, Mac Address.

Using the VMware Workspace ONE UEM Uninstall Purchased Application from Device preset

The VMware Workspace ONE UEM Uninstall Purchased Application from Device preset enables administrators to uninstall a purchased mobile application from a device in Workspace ONE. When constructing a workflow that uses this preset, an Application ID and Serial Number must be specified to indicate the device and application to be uninstalled.

By default, the Serial Number is used to identify the device. To use a different identifier for the device:

  1. In the API block window, click the Advanced Mode button located in the upper right of the window.
  2. Select the Body tab. Update the Serial Number to any of the following device identifiers in the request body: Device Id, UDID, Mac Address.

Using the VMware Workspace ONE UEM Unretire Internal Application preset

The VMware Workspace ONE UEM Unretire Internal Application preset enables administrators to unretire an internal mobile application within Workspace ONE. If the application is already unretired, the workflow will proceed down the negative/exit path. When constructing a workflow that uses this preset, an Application ID must be specified to indicate the internal application to be unretired.

Using the VMware Workspace ONE UEM Update Internal Application preset

The VMware Workspace ONE UEM Update Internal Application preset enables administrators to update an internal mobile application's details within Workspace ONE. The following details are required when updating the application:

  • App ID. The unique internal application identifier to be updated.
  • App Rank. The application rank.
  • App Name. The desired application name.
  • Auto Update Version. Defines if the application can be updated automatically. Boolean/False.
  • Build Number. The build version of the file.
  • Major Version. The major version of the file.
  • Minor Version. The minor version of the file.
  • Developer Email. The email address of the developer.
  • Developer Phone. The phone number of the developer.
  • Enable Provisioning. The provisioning status. Supported value is Boolean/False.
  • Patch Type. The type of the uploaded patch. 
  • Push Mode. The deployment mode for the applications. The values are 'auto' and 'ondemand’.
  • Support Email. User defined email address of support.
  • Support Phone. User defined phone number of support.

Using the VMware Workspace ONE UEM Update Removal Logs preset

The VMware Workspace ONE UEM Update Removal Logs preset enables administrators to update the removal logs in Workspace ONE. The following details are required when updating the logs:

  • Threshold Id. The identifier for the log record.
  • New Threshold Status. The action taken or to be taken by the administrator on the
    held commands. The values can be:
    • Held for admin approval
    • Commands released to devices
    • Commands dismissed from the queue.
  • Organization Group ID. The unique identifier of the Organization Group.

tipicon.pngTip:
While not directly related to Workspace ONE APIs, the VMware AirWatch REST API Guide is a useful guide to refer to for additional information on the above presets.

Unleash the power of Oomnitza

To get valuable actionable insights that help you manage your assets, learn how to:

  • Configure dashboards for your users and software
  • Configure custom reports about your users and software
  • Create workflows to automate tasks

See small_blue_link.svg Getting started for more information.

 

Related articles

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk