Workspace ONE UEM comes with a set of REST API to allow manage all the MDM features remotely. For example, you can integrate UEM with your HR system so whenever there is an employee status change, a API can be triggered to get an employee’s device un-enrolled.
API server supports both credential and token based authentication. In the post, I am going to walk you through how you can get a token in no more than 10 minutes. You can actually do this with your iPhone.
To do this, we need to have access to UEM console to create a OAuth client. Once we define an OAuth client, we can use any HTTP post tool app like Curl to get an access token.
Reference: https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/UEM_ConsoleBasics/GUID-BF20C949-5065-4D
On your UEM console, create an OAuth client. You should have the client ID and client secret ready after you completed this configuration.
2. Now you can call one of the regional token servers to retrieve an API token. You can use your preferred HTTP post client. iCurl is used here. You need to create a variable “grant_type” with value “client_credentials”. Basic authentication is used in the call. Use Client ID obtained from UEM console as Username and Client Secret as Password respectively.
Regional API token services are listed out here: https://kb.vmware.com/s/article/76967
We are using https://apac.uemauth.vmwservices.com/connect/token here in our example.
POST your request to https://apac.uemauth.vmwservices.com/connect/token to get a token.
Here are what you need to do with the iCurlHTTP app in an iPhone.
Let’s take a closer look to the POST command. You can see from below we throw a POST request to our regional token server https://apc.uemauth.vmwservices.com/connect/token
Basic authorisation is used and grant_type is set to client_credentials. An access_token is returned.
This the curl command to generate the same POST request
User is “Client ID “ and password is “Client Secret” in the “Authorization Header“
Getting a token using command line curl.
Reference: https://bit.ly/34GLGYG
This is how to get a token for API call.
Comments