How to use Workspace ONE Access APIs
APIs can be very useful when managing your environment and integrating it with other systems. Workspace ONE Access (former Identity Manager) offers a range of APIs that can be used for a number of things, including managing Users and getting reports. You can also use APIs to clear the cache of your on-prem virtual appliances (instead of rebooting them) in disaster recovery scenarios.
Below is an overview on how to connect to Workspace ONE Access APIs and do a simple GET query. More information can be found on the VMware© {code}™ website:
https://code.vmware.com/apis/57I am utilising Postman as an API client (www.postman.com) which has the option of a free account for individual users/developers.
In order to authenticate to the API server we need to obtain the HZN cookie. This is done by logging in to the Workspace ONE Access tenant and then checking the cookie cache of the browser. For this, I am using Chrome:
1. Login to your environment as your tenant administrator (System Domain).
2. Open Developer Tools by pressing F12 or going to Menu > More Tools > Developer Tools.
3. Select the Application tab and expand Cookies.
4. Select your tenant’s URL and locate the HZN cookie and copy its value.
On Postman, create a new request. On the Authorization tab, select No Auth.
On the Headers tab, create a new key called Authorization with the value HZN followed by a space then the cookie value copied from the browser.
Leave all the other tabs as default.
Next to the URL field, select GET as the method and then type the following URL:
https://<your Access tenant URL>/SAAS/jersey/manager/api/scim/UsersCheck the Response field to verify that this API call was successful. In this example, the response should return details on all users in the environment.
Filters can be applied in this case (further details can be found on the VMware documentation). Below is an example of how the URL would look like when retrieving only the “Admin” user:
https://<your Access tenant URL>/SAAS/jersey/manager/api/scim/Users?filter=userName%20eq%20%22admin%22In order to build this URL, I used the following UTF-8 codes:
%20 = Space
%22 = “
—