top of page
Search
  • Writer's pictureJK
    • Aug 28, 2023
    • 3 min read

Tutorial: Automating Device Tagging in Workspace ONE UEM Using Postman Collection Runner

Introduction


Workspace ONE UEM by VMware allows for robust device management across a wide range of devices and operating systems. One of the powerful features of Workspace ONE UEM is the capability to assign tags to devices. These tags are more than just labels; they act as identifiers that can be used to manage and control the devices more effectively.


Why Are Tags Useful?

  1. Simplified Management: Tags help in simplifying the complex organizational hierarchies and device categories. They provide an additional layer of metadata that can be quickly searched or filtered.

  2. Dynamic Assignments: Tags can be used to dynamically assign policies, apps, or configurations to a subset of devices without having to manually update device assignments.

  3. Operational Flexibility: Using tags, admins can group devices based on various operational needs like geography, department, or security levels, rather than relying solely on static attributes.

  4. Auditing and Reporting: Tags make it easier to conduct audits or generate reports for specific device groups. This can be incredibly helpful for compliance and operational oversight.

Smart Groups and Tags


Smart Groups in Workspace ONE UEM offer an intelligent way to group devices based on specific criteria. Tags can be used as one of the criteria to create these Smart Groups. For instance, you might have a Smart Group that includes all devices with a specific tag, such as "Sales" or "RemoteEmployees."


Here's how tags can enhance Smart Groups:

  1. Automated Management: By using tags as a criteria in Smart Groups, the administration becomes even more dynamic. As soon as a device is tagged, it can automatically be added to or removed from a Smart Group without any manual intervention.

  2. Policy Customization: Smart Groups often dictate the policies that are applied to devices. By manipulating tags, administrators can indirectly steer the kind of policies that are deployed to specific devices.

  3. Enhanced Security: Smart Groups can also define compliance rules and security protocols. Using tags as a criteria can therefore help enhance the organization’s overall security posture.

By understanding the utility of tags and their connection with Smart Groups, we can appreciate the importance of automating the tagging process for efficiency and better control.


Tutorial Overview


This tutorial aims to guide you through the process of automating device tagging in Workspace ONE UEM via API. It demonstrates how to:

  1. Query a device by its Serial Number.

  2. Dynamically extract the Device ID.

  3. Use that Device ID to apply a tag to the device.

Prerequisites

  1. Postman installed on your computer.

  2. Access to Workspace ONE UEM APIs.

  3. Workspace ONE UEM "environment" set in Postman.

  4. Create a Collection in Postman. * Important that each API call is n the same collection for collection runner to work, I use a folder inside a collection to isolate the calls.

  5. Enrolled Device to test

  6. Tag to test

Steps


Add Your First API Request to Query a Device by Serial Number

  1. Click "Add requests."

  2. Name it something like "Query Device by Serial Number."

  3. Fill in the details for your API call to Workspace ONE UEM to query a device by Serial Number

    1. e.g.,GET https://your.ws1.server/API/mdm/devicessearchby=Serialnumber&id=XXXXXXXXXX

  4. Add Test Script to Parse XML, Extract Device ID, and Set Next Request

    1. Go to the "Tests" tab for this request.

    2. Add the following script to parse the XML response and extract the Device ID.

    3. This parses the data and creates a variable "deviceId" we will use in the second call

    var jsonData = xml2Json(pm.response.text());
    var deviceId = jsonData.Device.Id._;
    console.log("Parsed Device ID: " + deviceId);
    pm.environment.set("deviceId", deviceId);
    postman.setNextRequest("Add Device Tag");

NOTE: The last line "postman.setNextRequest("Add Device Tag");" will be used by collection runner to call the next API call "Add Device Tag"


Add Your Second API Request to Apply a Tag to the Device

  1. Add another request to your collection and name it "Add Device Tag."

    1. Configure the request as POST and fill in the URL (e.g., `https://your.ws1.server/API/mdm/tags/TAGID/adddevices`).

    2. In the "Body" tab, set it up like this:

    {
      "BulkValues": {
        "Value": [
          "{{deviceId}}"
        ]
      }
    }


NOTE: We are using `{{deviceId}}`variable, which will be replaced by the actual device ID set in the previous step.


Use Collection Runner

  1. Right-click your collection (or folder) and choose "Run Collection."

  2. Select your collection and the environment you set up.

  3. Click the "Run" button.

Review Results

Once the collection run is complete, review the Postman Console to ensure that everything worked as expected.

Check the device tags in Workspace ONE UEM.

18 views0 comments

Recent Posts

See All
bottom of page