Connect Workspace One to Anzenna
Integrate Anzenna with VMware Workspace One UEM to monitor device management, application deployment, and security compliance across all endpoint types.
Prerequisites
- Workspace One UEM administrator access
- Anzenna account
Ability to create OAuth clients in Workspace One
Overview
The integration provides:
- Multi-platform device inventory
- Application management visibility
- Compliance policy monitoring
- Security posture assessment
- User assignment tracking
Step-by-Step Instructions
Part 1: Access REST API Settings
Log into your Workspace One UEM console
Navigate to Groups & Settings
Select All Settings
Click on System
Select Advanced
Click on API
Select REST API
Part 2: Copy REST API URL
- Copy the REST API URL displayed
Format: https://your-instance.awmdm.com/api
Save this URL - you'll need it later for Anzenna
Click Close to exit the API information dialog
Part 3: Create OAuth Client
From the main navigation, go to Configurations
Scroll down and locate OAuth Client Management
Click OAuth Client Management
Click ADD to create a new OAuth client
Part 4: Configure OAuth Client
Enter client details:
- Name:
Anzenna - Description:
Anzenna Client Credentials
- Name:
Select the appropriate Organization Group
Under Role, select Read Only
Click SAVE to create the OAuth client
Choose the OG that covers all devices you want to monitor. Higher-level OGs provide broader access.
Part 5: Copy Credentials
After creation, a dialog displays the credentials
- Copy the Client ID
- Copy the Client Secret
Save both values immediately. The Client Secret cannot be retrieved later.
Click Close after copying the credentials
Part 6: Connect in Anzenna
Log into Anzenna at
app.anzenna.ai
Navigate to Settings > Integrations
Find the Workspace One integration card
Toggle the switch to enable the integration
Enter the Client ID in the designated field
Paste the Client Secret into the secret field
Enter the REST API URL you copied earlier:
https://your-instance.awmdm.com/api
Click Save to establish the connection
Verify the integration shows as Connected
Verification
Check integration status shows Connected
- Wait 15-30 minutes for initial sync
Navigate to Devices dashboard in Anzenna
Verify Workspace One devices are appearing
Check device details and compliance status
What Data is Collected
Device Inventory
- Windows devices
- macOS devices
- iOS and iPadOS devices
- Android devices
- Chrome OS devices
Device Details
- Serial numbers
- Model information
- OS versions
- Enrollment status
- Last seen timestamps
Compliance Status
- Policy compliance
- Security settings
- Certificate status
- Profile deployment
- Encryption status
Application Data
- Installed applications
- Managed app status
- Application versions
- Assignment status
User Information
- Assigned users
- User groups
- Email addresses
- Department information
Organization Groups
Workspace One uses Organization Groups (OGs) for hierarchy:
Parent OGs - Inherit settings to child OGs
Child OGs - Specific departments or locations
Access scope - OAuth client access determined by assigned OG
Choose the appropriate OG level based on monitoring scope needed.
Troubleshooting
Connection Fails
- Verify Client ID and Secret are correct
Check REST API URL format (include
/api)- Ensure OAuth client is active
- Confirm Read Only role is assigned
No Devices Appearing
- Wait 30 minutes for initial sync
Verify OAuth client OG covers target devices
- Check devices are enrolled and online
- Ensure Read Only role has device access
- Review Workspace One audit logs
API URL Errors
Verify URL includes
/apipath- Check no extra characters or spaces
- Ensure HTTPS protocol
- Confirm URL matches your tenant
- Test URL accessibility
Permission Errors
- Verify Read Only role is assigned
- Check OG assignment is correct
- Ensure no conflicting roles
Review API access settings in Workspace One
Security Considerations
OAuth 2.0 - Industry-standard authentication
Read-only access - Cannot modify configurations
Client credentials - Secure credential storage
Organization scope - Limited to assigned OG
Audit logging - All API access logged
Best Practices
Choose appropriate OG — Balance scope vs. security
Document credentials — Store in password manager
Test in sandbox — Verify before production
Monitor initially — Check for errors in first week
Regular reviews — Audit quarterly
Update documentation — Record OG and access scope
Credential rotation — Plan annual updates
Integration Maintenance
Regular Checks
Perform monthly:
- Verify connection status
- Check data sync freshness
- Review sync timestamps
- Test sample device queries
Credential Management
Best practices:
- Store in secure vault
- Document OG assignment
- Set calendar reminders for reviews
- Have backup access plan
OAuth Client Updates
- Edit client in Workspace One
- Update credentials if regenerated
- Test connection thoroughly
- Update documentation
Organization Group Changes
- Review OAuth client OG assignment
- Verify access scope is still appropriate
- Test device visibility
- Update documentation
Workspace One Editions
The integration works with:
Workspace One UEM - Full endpoint management
Workspace One Intelligence - Enhanced analytics (provides additional insights)
Workspace One Access - Identity integration
All editions support REST API and OAuth clients.
API Rate Limits
Workspace One enforces API rate limits:
- Limits vary by edition and tenant
- Anzenna automatically handles throttling
- Monitor usage in Workspace One console
Contact VMware if limits are consistently reached
Related Resources
Need help? Contact
Anzenna Support
for assistance.