MDM Integration
You can configure integration with a mobile device management (MDM) platform, such as VMware Workspace ONE. The following table provides descriptions for options that are common to all supported MDM platforms:
Option |
Description |
---|---|
Enable MDM Integration |
Enable MDM integration configuration. |
Vendor |
Select the desired MDM platform. This feature supports the following:
|
Test Connection |
After configuring other fields as the following tables describe, verify that EMS can communicate with the MDM platform. |
For details on deployments using MDM, see:
The following provides descriptions for options that are specific to each MDM platform:
Workspace ONE
Option |
Description |
---|---|
Site URL |
Enter your site URL. Workspace ONE is a software-as-a-service deployment and each enterprise has a unique URL. The URL format is https://<unique identifier>.awmdm.com/api. |
Smart Group Name |
Enter the name of the Workspace ONE assignment group that contains the mobile devices to issue zero trust network access certificates to. |
Authorization Type |
Select Basic Auth, Certificate, or OAuth 2.0 for the authorization between EMS and Workspace ONE. The on-premise version of Workspace ONE does not support OAuth. When using OAuth, ensure that you are using the SaaS version of Workspace ONE. |
API Key |
Available if you selected Basic Auth or Certificate for the authorization type. Enter the API key value from Workspace ONE. |
Username |
Available if you selected Basic Auth for the authorization type. Enter the Workspace ONE username. |
Certificate |
Available if you selected Certificate for the authorization type. Upload the certificate that you exported from Workspace ONE. You must create an admin user with certificate authentication and the Console Administrator role in Workspace ONE, and then export hthe certificate. |
Available if you selected Basic Auth or Certificate for the authorization type. Enter the Workspace ONE password. |
|
Region |
Available if you selected OAuth 2.0 for the authorization type. Select your assigned geographic region. For redundancy, VMware has set up multiple servers to generate OAuth tokens |
Client ID |
Available if you selected OAuth 2.0 for the authorization type. Enter the client ID from the Workspace ONE portal. |
Client Secret |
Available if you selected OAuth 2.0 for the authorization type. Enter the client secret from the Workspace ONE portal. |
Microsoft Intune
Option |
Description |
---|---|
Tenant ID |
Enter the tenant ID from Intune. |
Authorization Type |
Select Client Secret or Certificate for the authorization between EMS and Intune. |
Client ID |
Enter the client ID from Intune. |
Client Secret |
Enter the client secret from Intune. |
Certificate |
Available if you selected Certificate for the authorization type. Upload the certificate from Intune. |
Jamf
Option |
Description |
---|---|
Site URL |
Enter your site URL. |
Username |
Enter the Jamf username. |
Password |
Enter the Jamf password. |
Site Name |
This field is optional. Enter the Jamf site name. |
ManageEngine MDM Plus
Option |
Description |
---|---|
Deployment | Select On-Premise or Cloud depending on your ManageEngine Mobile Device Manager (MDM) Plus deployment. |
Site URL |
Available for on-premise ManageEngine MDM. Enter your site URL. ManageEngine MDM Plus is a software-as-a-service deployment and each enterprise has a unique URL. |
API Key |
Available for on-premise ManageEngine MDM. Enter the API key value from ManageEngine MDM. |
Region |
Available for cloud ManageEngine MDM. Select your assigned geographic region. For redundancy, ManageEngine MDM has set up multiple servers. |
Client ID |
Enter the client ID from ManageEngine MDM. |
Client Secret |
Enter the client secret from ManageEngine MDM. |