Appendix B - VMware Workspace ONE UEM API Permissions
This Appendix lists the API permissions required to integrate VMware Workspace ONE UEM
Unified Endpoint Management. An architecture and approach that controls different types of devices such as computers, smartphones and IoT devices from a centralized command point. with Harmony Mobile.
|
Permissions Name |
Permission Type |
Description |
Usage |
|---|---|---|---|
|
REST API Apps Read |
Read |
Enables access to all READ only APIs in Apps collection |
App sync. Used to run an inventory of the mobile apps installed on the devices for malware and risky app detection. |
|
REST API Devices Write |
Edit |
Enables access to all write/update APIs in Devices collection |
App and device sync. Used to trigger the upload of installed apps list (to the UEM) and update the device tag. |
|
REST API Devices Read |
Read |
Enables access to all READ only APIs in Devices collection |
Device sync and device addition. Used to read the list of devices and import them to Harmony Mobile. |
|
REST API Apps For Device Read |
Read |
REST API to get a list of apps eligible for a device |
App sync. Used to read the inventory of the installed apps on the device from the UEM. |
|
REST API Smart Groups Read |
Read |
Enables access to all READ only APIs in Smart Groups collection |
Device sync. Used to read all the device (Smart) groups defined in the UEM. |
|
REST API User Groups Read |
Read |
Enables access to all READ only APIs in User Groups |
Device sync |
|
REST API Groups Read |
Read |
Enables access to all READ only APIs in Organization Group collection |
Device sync. Used to read all the device groups defined in the UEM. |
|
REST API User Groups Execute |
Edit |
Enables access to all execute APIs in User Groups |
Device sync |
|
Device Bulk Management assign Tags |
Edit |
Allows the user to assign tags to device(s) |
Add a device to tag or remove a device from tag. Used for bulk operations to add and remove devices to and from tag. |
|
View Tag |
Read |
Grants permission to view tag management |
Get all organization group tags. Used to retrieve the list of tags in the organization and create own tags, if required. |
|
Tag Management View |
Read |
Grants permission to view a tag |
Get all organization group tags. Used to retrieve the list of tags in the organization and create own tags, if required. |
|
Create Tag |
Edit |
Grants permission to create a new tag |
Get or create tag. Used to create the new Harmony Mobile necessary tags. |
|
Delete Tag |
Edit |
Grants permission to delete a tag |
Remove all tags. Used to remove Harmony Mobile tags which are no more needed in the UEM from time to time. |
|
Edit Tag |
Edit |
Grants permission to edit a tag |
Edit tag. For future use. |