Setting Up Workspace ONE UEM Integration

Configure integration settings to quickly deploy the Mobile Agent app and app configuration to managed mobile devices.

Before starting the integration process, make sure that you have:

  • VMware Workspace ONE UEM console admin credentials

  • Trend Vision One console admin credentials

  1. On the Trend Vision One console, access the configuration screen for Workspace ONE UEM integration.

    • Go to Mobile Security Operations > Mobile Inventory to display the Mobile Security landing page.

      Select I have an MDM solution, select VMware Workspace ONE UEM (AirWatch), and click Next.

    • Go to Workflow and Automation > Third-Party Integration, and click VMware Workspace ONE UEM (AirWatch) in the integration list.

    The configuration screen appears.

    Note:

    To edit your Workspace ONE UEM integration settings, go to Workflow and Automation > Third-Party Integration, and click VMware Workspace ONE UEM (AirWatch) in the integration list.

    Only administrators with the Master Administrator or Operator role can edit the integration settings.

  2. In the Integration Settings section, perform the following actions.
    1. Configure the API authentication settings.

      Field

      Description

      API URL

      Root URL of the integrated Workspace ONE UEM console server.

      To obtain the URL, open the Workspace ONE UEM console and go to Groups & Settings > All Settings > System > Advance > Site URLs.

      API key

      Unique character string used to authenticate the communication between Mobile Security and Workspace ONE UEM.

      Copy and paste the API key generated when you enabled API access on the Workspace ONE UEM console.

      Account

      Account used to authenticate the communication between Mobile Security and Workspace ONE UEM.

      Specify the account you created on the Workspace ONE UEM console when preparing for the integration.

      Password

      Password of the account described above.

      Use the password of the account you created on the Workspace ONE UEM console when preparing for the integration.

      (Optional) After your configuration is complete, click Test Connection to verify the connection between Mobile Security and Workspace ONE UEM.

    2. Select the platform of the mobile devices you are managing through Workspace ONE UEM.

      • iOS/iPadOS

        To manage iOS/iPadOS devices with the Apple Volume Purchase Program (VPP), you must integrate Apple's Managed Distribution system with Workspace ONE UEM before clicking Save. (The path to VPP Managed Distribution screen on the Workspace ONE UEM console is GROUPS & SETTINGS > All Settings > Devices & Users > Apple > VPP Managed Distribution.)

        To verify the integration, make sure your Apple Business/School Manager has purchased the Mobile Security as a Service app. Then, in the UEM console go to RESOURCES > Apps > Native, click Purchased, click SYNC ASSETS, and check that Mobile Security as a Service appears in the app list.

        For more information, see the VMware documentation.

      • Android

        Important:

        To integrate Android devices, you must first register VMware Workspace ONE as your Android EMM provider.

        For more information, see Registering Workspace ONE as Your Android EMM.

  3. In the Other Settings section, select the data sync frequency.
    Note:

    The Sync data every field indicates the number of days between the attempts by Mobile Security to automatically synchronize user and device information from Workspace ONE UEM.

  4. Click Save.

    Mobile Security adds Mobile Agent and platform-specific app configuration keys to Workspace ONE UEM. The following are examples of app configuration keys:

    • Token assigned to the Mobile Agent

    • User's company region

    • Mobile Security's API server address

  5. (Optional) On the Deploy Mobile Agent to Devices window, confirm which groups will have Mobile Agent installed on their devices, and click Deploy Now.
    Note:

    This window appears only when Mobile Security detects that some mobile apps were previously assigned to mobile devices of the groups using Workspace ONE UEM.

    Mobile Security starts to install the Mobile Agent on the specified groups' devices. When the installation is complete, end users need to launch the agent for the devices to auto-enroll with Mobile Security using the configuration keys in app configuration.

    Once enrolled, Mobile Security immediately performs a security scan on the devices without any user interference.

Parent topic: VMware Workspace ONE UEM Integration