How to completely reset Workspace ONE UEM and Workspace ONE Access Integration
How to completely reset Workspace ONE UEM and Workspace ONE Access integration
In some cases, it could be the Workspace ONE UEM and Access integration is not working anymore. In the Workspace ONE UEM Admin Console there is a DELETE button to delete the configuration and start over again, but in Workspace ONE Access, there is no possibility to delete the configuration, and we must find a way with 3rd party tooling, such as POSTMAN, to delete the configuration.
Before we continue, note to the following DISCLAIMER:
- Only test and verify the mentioned steps in a TEST environment.
- For PRODUCTION environments, always consult and follow instructions from VMware
Workspace ONE UEM:
In Workspace ONE UEM, delete the WS1 Access configuration. Go to the Systems menu, Enterprise Integration, Workspace ONE Access Configuration. Click DELETE.
Workspace ONE Access:
There is no delete button in Workspace ONE Access. We will do this with POSTMAN. Before we can use postman, we are required to configure OAuth settings. If you are using new navigation GUI In WS1 Access, then go to Settings and Oath 2.0 Management and Add Client
Add Client
Fill in the following client configuration details:
- Access type = Service Client Token
- Client ID= Postman-API
- Write down “Client ID” value, you’ll need it later!
Click on Save
Copy Shared Secret in the next step, if you don’t do it then later you won’t be able to copy and redo these steps.
Copy the Shared Secret and save it to a text file, you’ll need it later.
Leave other configuration settings as it is.
Download & install POSTMAN: https://www.postman.com/downloads/
After successful postman installation, either sign in, create an account or skip to the app
In Postman, Create a request
Use Post
URL = {{VIDMhost}}/SAAS/auth/oauthtoken?grant_type=client_credentials
Click the tab Authorization
Type = Basic Auth
Username = Postman-API (Make sure to type it exactly as you’ve created in the previous step)
Password = Paste the Shared Secret from the previous step.
Send and you should have a result with access token
Copy the Access Token, make sure you copy only text without the double quotes
Click the “+” sign
Select DELETE from the request types drop-down menu.
URL = {{VIDMhost}}/SAAS/jersey/manager/api/tenants/tenant/airwatchoptin/config
Click the tab Authorization
Type = Bearer Token
Token = Access Token (copy from previous step)
Click SEND.
you should see the following output if “DELETE” request was executed successfully
Confirm that the UEM configuration in WS1 Access Admin Portal is now gone!
Joined VMware in July 2015 as a consultant and worked in different BU over 7 years. Having experience in the IT industry of over 10 years with a Master's degree in IT.
Jeroen
Hi, great article! I performed this and could (re)connect UEM and ACCESS but im having trouble with Hub enrollments. The Hub on Android, Windows etc will still display an UEM authentication user/password screen after settings Source of auth. Intelligent Hub to WS1 ACCESS. I noticed a line in the enrollment log from Windows which states: ‘vidm server url not configured, continuing with uem authentication’. Uhmm what? How does UEM not know the ACCESS url since i have connected it via filling in that URL? Any idea whats wrong here?
Muhammad Adnan Asim
Hi Jeroen, Thanks for the feedback. It’s not easy to pinpoint the issue you are facing. There are a few things you could double-check, if still facing the same issue then I would suggest contacting support to get the issue fixed.
– Please make sure the WS1 Access URL (if On-Prem) is public-facing
– check that configuration you have done for Workspace ONE Access is at the customer OG level in UEM
– Double-check that UEM integration settings in WS1 Access are matching and correct