Vmware Workspace One Uem Integration With Servicenow

Summary

VMware Workspace One UEM
Integration with ServiceNow
VMware Workspace ONE
VMware Workspace One UEM Integration with ServiceNow
You can find the most up-to-date technical documentation on the VMware website at:
https://docs.vmware.com/
VMware, Inc

3401 Hillview Ave

Palo Alto, CA 94304
www.vmware.com
©
Copyright 2022 VMware, Inc. All rights reserved. Copyright and trademark information

VMware, Inc. 2
Contents
1 VMware Workspace ONE UEM ServiceNow Integrations 4
Integration with ServiceNow CMDB 5
Integration with the ITSM Connector for ServiceNow 6
Using the Workspace ONE ITSM Connector for ServiceNow 12
VMware, Inc. 3
VMware Workspace ONE UEM
ServiceNow Integrations 1
With the Workspace ONE UEM integrations with ServiceNow, you can resolve issues quicker and
make data-driven decisions based on a wide range of data sets. This topic describes integrating
Workspace ONE UEM ServiceNow CMDB and the ITSM Connector for ServiceNow to improve
efficiency for helpdesk and support organizations

Integration with ServiceNow CMDB
ServiceNow CMDB (Configuration Management Database) gives visibility into users’ devices and
apps for specific incidents. This visibility gives helpdesk administrators a better understanding
of the incident and speeds remediation. With ServiceNow CMDB, you can store contextual
information relevant to your users or assets

Using the ServiceNow Service Graph connector for Workspace ONE UEM, you can populate
the device and the application data into the ServiceNow CMDB enabling asset tracking and IT
Operations Management (ITOM) Visibility. Imported device details in ServiceNow CMDB include
important hardware information, user details, and management status. Application details include
application name and identifiers, installation statuses, and more

Use this data within ServiceNow to find device and app details. Helpdesk users include the details
for managing tickets and reconciling deployed assets and warranty statuses with procurement

Integration with the ITSM Connector for ServiceNow
Helpdesk and support organizations face challenges with managing and using multiple tools
efficiently. The Workspace ONE UEM ITSM (IT Service Management) connector for ServiceNow
helps teams manage these tools

Before an integration, a support ticket is raised within ServiceNow when encountering an issue
ion a device or by an employee. The helpdesk or the support administrator reviews the issue
within ServiceNow. Then, they navigate to Workspace ONE UEM for further troubleshooting,
remote support, and issue remediation. This frequent switching between multiple systems, while
keeping them all in sync with the necessary troubleshooting notes and updates, is inefficient and
an annoyance

VMware, Inc. 4
VMware Workspace One UEM Integration with ServiceNow
With the seamless integration within ServiceNow for Workspace ONE UEM and Workspace ONE
Assist, you can simplify Support workflows and increase efficiency. Using the Workspace ONE
UEM ITSM Connector for ServiceNow, the helpdesk or the support administrators can access
Workspace ONE UEM and Workspace ONE Assist actions from within the ServiceNow portal
without navigating to the Workspace ONE UEM console or authenticating multiple systems

This chapter includes the following topics:
n Integration with ServiceNow CMDB
n Integration with the ITSM Connector for ServiceNow
Integration with ServiceNow CMDB
With ServiceNow CMDB, you can simplify operations, solve issues faster, and make data driven
decisions. Also, you can track assets and have ITOM Visibility with the Workspace ONE UEM and
ServiceNow CMDB integration

Before You Begin
To use this Service Graph connector, you need a subscription to a Subscription Unit based in the
ITOM Visibility application or in the ITOM Discovery application. Also, you must be able to access
the API settings. Create API configurations in Workspace ONE UEM at the Organization Group
relevant to this setup (typically the latest parent group including all device and app data)

ServiceNow CMDB supported versions:
n Workspace ONE UEM - any version
n ServiceNow - must be at least Orlando or later
Configure ServiceNow CMDB
1 Set up the Service Graph Connector. You need the following information to complete the
graph connector setup:
Form Description
Application Registries Form OAuth authentication credentials. You don't need
these credentials when configuring Basic Authentication
credentials

HTTP(s) Connection Form HTTP connection settings for Basic Authentication
Data Source Form Validate data source settings
Status Values of Applications Status of applications you want to import
Scheduled Data Import Form Pre-populated scheduled data
VMware, Inc. 5
VMware Workspace One UEM Integration with ServiceNow
Form Description
Connection Form Connection settings for another OAuth connection
SG-Workspace ONE UEM Create Data Source and Service graph data sources and scheduled data import
Scheduled Import Form settings for another OAuth connection
For information on setting up the Service Graph Connector, see Service Graph Connector for
VMware Workspace ONE UEM

2 Complete API integration. To complete the integration, you need the API URL for your
instance that appears under Settings > System > Advanced > API > REST API

3 Configure the connection for authentication

Option 1: Configure OAuth Client. Authentication appears in the Workspace ONE UEM console
under Settings & Groups > Configurations > OAuth Client Management

n To add a new OAuth Client and a sufficient role for API access, such as Console, see
Create an OAuth Client to Use for API Commands

n To set up the Token URL for the OAuth for the correct region and URL, see Using UEM
Functionality With a REST API

Option 2: Configure Basic Authentication in Workspace ONE UEM

a Create and use a Workspace ONE UEM Administrator account for Service Graph with API
permissions

b Select the organization group for connecting to third-party services

c To generate an API key, go to Groups & Settings > All Settings > System > Advanced
> API > Rest API. Workspace ONE Intelligence uses the API key to connect to any third-
party service

Integration with the ITSM Connector for ServiceNow
Improve your daily operations for IT management with the Workspace ONE ITSM Connector for
ServiceNow. With the ITSM Connector for ServiceNow, helpdesk and support organizations face
can access Workspace ONE UEM and Workspace ONE Assist actions from within the ServiceNow
portal

Before You Begin
To configure this connector, you must be able to access the API settings and create API
configurations in Workspace ONE UEM at the Organization Group relevant to this setup (typically
the latest parent group including all device and application data)

ITSM for ServiceNow supported versions:
n ServiceNow - Quebec or later
n Workspace ONE UEM - 2107 or later
VMware, Inc. 6
VMware Workspace One UEM Integration with ServiceNow
n Workspace ONE Assist - 21.03 or later
Determine your authentication connection. Before configuring the connection in the application,
create an OAuth 2.0 client on Workspace ONE UEM or a new dedicated account. Create a role
with the required security rights

For information on the following, see:
n Roles with required security rights: Access-based New User Roles under Assigning Roles
n Creating new role: Create a Role That Can Use REST APIs
n Creating an OAuth Client: Create an OAuth Client to Use for API Commands (Saas)
n Basic Auth account: Admin Accounts
Install the Workspace ONE ITSM Connector for ServiceNow
With the Workspace ONE ITSM Connector for ServiceNow, Workspace ONE UEM device actions
can only performed on Workspace ONE UEM enrolled devices. While it is not mandatory, consider
installing the Service Graph connector for VMware Workspace ONE UEM prior to installing the
ITSM connector. The Service Graph connector ensures that all Workspace ONE UEM devices and
their details are available in ServiceNow. For more information, see Integration with ServiceNow
CMDB
To access Workspace ONE UEM and Workspace ONE Assist functionality from the ServiceNow
Incidents page, download and install the VMware Workspace ONE ITSM Connector from the
ServiceNow Store

1 Log in to your ServiceNow instance as an administrator

2 Install the VMware Workspace ONE ITSM Connector plugin from the plugins directory

3 Continue through the Guided Setup for the connector

Configure the Workspace ONE ITSM Connector for ServiceNow
To set up the ITSM connector, you must have the necessary credentials. Search for and select the
VMware Workspace ONE ITSM Connector

To configure the ITSM connector, follow the guided setup. The following are the core
configuration actions:
n Configure the connection - Connects your ServiceNow instance to Workspace ONE UEM

n Configure the actions - Configures the actions available to the ITSM agents

n Configure the application defaults - Sets the defaults for the application behavior

n Assign Roles - Assigns VMware Workspace ONE ITSM Connector roles to Groups and Users

VMware, Inc. 7
VMware Workspace One UEM Integration with ServiceNow
Configure the Connection
The Workspace ONE ITSM Connector supports authentication to Workspace ONE UEM through
an OAuth 2.0 client or a Basic Auth and tenant key. OAuth 2.0 is industry standard protocol for
secure authentication and authorization for REST API calls

Option 1: Configure OAuth Details
Use this option in the ServiceNow guided setup if you are using OAuth 2.0. All details for
configuration are for the Workspace ONE UEM API. To complete configuration, select and update
the following details:
1 Go to the Configure OAuth Host details tab and select Configure

2 Update the Host text box with the hostname for the Workspace ONE UEM API

3 Select the Active check box

A warning message might display if you are switching from Basic Auth

All the other details on this page are preconfigured and should not be modified

4 Go to the Configure OAuth Client details tab and select Configure

5 Enter the OAuth Client details the Client ID

6 Update the Client Secret

7 Update the Token URL

All the other details on this page are preconfigured and should not be modified

Option 2: Configure Basic Auth Details
Use this section in the ServiceNow guided setup if you are using Basic Auth Details. All details for
configuration are for the Workspace ONE UEM API. To complete configuration, select and update
the following details

1 Go to the Configure Basic Auth Host tab and select Configure

2 Update the Host text box with the hostname for the Workspace ONE UEM API

3 Select the Active check box

A warning message might display if you are switching from OAuth

All the other details on this page are preconfigured and should not be modified

4 Go to the Configure Basic Credentials tab and select Configure

5 Update the User Name and the Password text boxes with credentials of the Basic Auth
account you created

6 Select Update

All the other details on this page are preconfigured and should not be modified

7 Go to the Configure Tenant Code tab and select Configure

VMware, Inc. 8
VMware Workspace One UEM Integration with ServiceNow
8 Update the Value text box with the Tenant Code for the Workspace ONE UEM API. The
Tenant Code for your instance appears in your Workspace ONE UEMinstance under Settings >
System > Advanced > API > REST API > AirWatchAPI

9 Select Update

Validate Connection Details
After configuring the OAuth or the Basic Auth details, validate the connection. This section is
read-only and shows the previously configured key values

When using OAuth 2.0, select Verify OAuth Token. A message appears confirming that a token
can be retrieved. If an error is reported, then verify and fix the credentials. Repeat until it
succeeds

When using OAuth 2.0 or Basic Auth, select Test Connection. The connection to Workspace ONE
UEM is verified. The version of the Workspace ONE UEMplatform appears. If there is an error
code and error message, then the connection failed. If necessary, verify and update credentials

Mark each tab as complete before configuring the actions

Configure the Actions
Configure all the actions available to the ServiceNow ITSM agents. By default, all actions are
available. Edit to remove actions that you do not need

For more information, see Device Actions

Configure the Application Defaults
Configure the following Workspace ONE UEM default settings:
n Workspace ONE UEM Note - For additional audit capabilities, configure this setting to add a
note to a device in Workspace ONE UEM after every successful action is performed. This note
details the time, action, and the ServiceNow user that performed the action

n Workspace ONE UEM Email Validation Check - For all Workspace ONE UEM actions triggered
within an incident, the ITSM Connector validates that the email address of the caller is the
same as the email address retrieved from the device in Workspace ONE UEM

n Exception List for Email Validation - An exception list of email addresses where the email
validation check is not carried out. Individual emails can be added, or a semicolon separated
list can be used for multiple entries

Assign Roles
After configuring the Application Defaults, you must assign roles. Complete the following to assign
roles:
1 Go to the Assign roles to User Groups or Assign roles to User tab and select Configure

2 Select the User or User Group

VMware, Inc. 9
VMware Workspace One UEM Integration with ServiceNow
3 Go to the Role tab and select Edit to add the required roles

4 Select Save

The Workspace ONE ITSM Connector application has preconfigured roles

The WS1UEMStandard and WS1UEMAdvanced roles control what actions are available to the
ServiceNow ITSM agents. With the WS1UEMConsoleViewer role, you can access the Workspace
ONE UEM console from the Incident form if you need further investigation or actions

There are also enhanced roles which add flexibility. With enhanced roles, individual actions can
be assigned to users and groups. While the WS1UEMStandard and the WS1UEMAdvanced roles
provide the default set of actions, each action has its own associated role that can be managed
individually

The following are the available actions and roles:
Action Role
WS1UEMStandard x_vmw_ws1uem.ws1uemstandard

WS1UEMAdvanced x_vmw_ws1uem.ws1uemadvanced

WS1UEMConsoleViewer x_vmw_ws1uem.ws1consoleviewer
Change Passcode x_vmw_ws1uem.ws1uemchangepasscode
Lock Device x_vmw_ws1uem.ws1uemlockdevice
Remote Assist x_vmw_ws1uem.ws1uemremoteassist
Request Device Log x_vmw_ws1uem.ws1uemdevicelogs
Send Message x_vmw_ws1uem.ws1uemsendmessage
Soft Reset x_vmw_ws1uem.ws1uemsoftreset
Sync Device x_vmw_ws1uem.ws1uemsyncdevice
Device Wipe x_vmw_ws1uem.ws1uemdevicewipe
Enterprise Wipe x_vmw_ws1uem.ws1uementerprisewipe
The following represents actions that are available for WS1UEMStandard and WS1UEMAdvanced

Action WS1UEMStandard WS1UEMAdvanced
Change Passcode Yes Yes
Lock Device Yes Yes
Remote Assist Yes Yes
Request Device Log Yes Yes
Send Message Yes Yes
VMware, Inc. 10
VMware Workspace One UEM Integration with ServiceNow
Action WS1UEMStandard WS1UEMAdvanced
Soft Reset Yes Yes
Sync Device Yes Yes
Device Wipe No Yes
Enterprise Wipe No Yes
Access-based New User Roles
Access-based roles for a new user in Workspace ONE UEM. For a new Workspace ONE UEM
user, give the user the following permissions for a proper connection between the ITSM connector
and Workspace ONE:
Category Edit Read
API > REST > Devices > REST API Yes No
MDM Devices
API > REST >Devices > REST API Yes No
Devices Write
API > REST >Devices > REST API Yes No
Devices Execute
API > REST >Devices > REST API Yes No
Devices Advanced
API > REST >Devices > REST API No Yes
Devices Read
Assist Yes No
Device Management > Device Details Yes No
> Messaging > Device Send Message
Device Management > Device Details Yes No
> Messaging > Device Send Message
Device Management > Device Details Yes No
> Messaging > Device Send Message
Push Notification
Device Management > Device Details Yes No
> Lock > Remote Device Lock
Device Management > Device Details Yes No
> Enterprise Wipe > Device Remote
mdm
Device Management > Device Details Yes No
> Enterprise Wipe > Enterprise Reset
Device Management > Device Details Yes No
> Device Wipe > Device Wipe
Device Management > Device Details Yes No
> Passcode
VMware, Inc. 11
VMware Workspace One UEM Integration with ServiceNow
Category Edit Read
Device Management > Device Details Yes No
> Request Check-in
Device Management > Device Details Yes No
> Remote Control
Device Management > Device Details Yes No
> Remote View - Device Details
API > REST > Users > REST API Users No Yes
Read
Using the Workspace ONE ITSM Connector for ServiceNow
The VMware Workspace ONE ITSM Connector for ServiceNow provides the ability to perform
Workspace ONE UEM and Assist actions from within ServiceNow. This topic covers using the ITSM
Connector for ServiceNow

A new Workspace ONE UEM tab is added to the Incident page when the WS1UEMStandard or the
WS1UEMAdvanced role is assigned to the administrator

A Workspace ONE UEM Action drop-down menu displays on the Workspace ONE UEM tab for
the support administrator. The support administrator can perform an action from the drop-down
menu on the configuration item (CI) or device assigned to the incident. The configuration item
or device assigned to the incident should be enrolled within Workspace ONE UEM to perform
Workspace ONE UEM actions on the device

Note Actions are only successful if the attached device corresponds to a device in Workspace
ONE UEM. This match is verified by serial number, along with an email address validation of the
caller against the assigned user in Workspace ONE UEM

The Workspace ONE Action tab and actions are enabled if the Incident status is In Progress, and
a caller and a configuration item are assigned to the incident. The Action tab and actions are
disabled for other Incident statuses

The Notes tab in ServiceNow Incidents records all successful actions performed on the device
when audit capability is configured during the guided setup. The note details the time, action, and
the ServiceNow user that performed the action

A Workspace ONE UEM Console button appears on the Incidents page if the Workspace ONE
ConsoleViewer role is configured. When the support administrator opens the console, they can
navigate to advanced troubleshooting. If the configuration item is not associated with the Incident,
or the Device is not available within ServiceNow, then the support administrator can use the
Workspace ONE UEM button to log in to the Workspace ONE UEM console and perform further
troubleshooting

For an action to be successful, the serial number of the configuration item in ServiceNow must
match the device serial number of the device in Workspace ONE UEM

VMware, Inc. 12

The API settings. Create API configurations in Workspace ONE UEM at the Organization Group relevant to this setup (typically the latest parent group including all device and app data). …

Download Now

Documemt Updated

Popular Download

• › V 32 March 2020 Amazon Web Services
• › Volkswagen Of America 2022 Taos Auto Brochures
• › Visuplan 500 From Zeiss Non Contact Tonometer
• › Volume 1 Of 2 Cutting Parts Catalog Agco Parts And Service
• › Version 10 This Document Describes The Email Message
• › Vintage Greeting Card Templates Hoover Web Design
• › Victorias Secret Job Application Thevorhcom
• › Vocational Firm Quality Assurance Plan Washington State
• › Vegetable Planting Guide Po Box 739 Garner Nc 27529
• › Volets Roulants Portes De Garage Brise Soleil
• › View And Update Your Personal Info In Employee
• › Verint Experience Management For Web And Mobile
• › Vpn Policy Template National Cybersecurity Society
• › Vegetable Varieties For Travis County
• › Varieties Of Heirloom Seeds And Roots For The 1812
• › V Design Program Space Program Room Data Sheets
• › Vcs Project Description Template Verra
• › Vegetable Garden Guide Countryside
• › Vima Tunes Player Crack With Serial Key Free Download
• › Version Classic Economy 204 Efm

Frequently Asked Questions

How does the workspace one uem itsm connector for servicenow work?

The Workspace ONE UEM ITSM (IT Service Management) connector for ServiceNow helps teams manage these tools. Before an integration, a support ticket is raised within ServiceNow when encountering an issue ion a device or by an employee. The helpdesk or the support administrator reviews the issue within ServiceNow.

How does the servicenow cmdb integrate with vmware workspace one?

Data is inserted into the ServiceNow CMDB using the Identification and Reconciliation Engine (IRE). When you complete the guided setup, you configure the integration to periodically pull data from VMware Workspace ONE UEM.

What do our customers use workspace one uem for?

Our customers manage complex digital workspaces with large fleets of devices, users and apps. When dealing with so many users and devices, it is not uncommon that issues come up and users open help desk tickets through the ITSM system in place. As a leading ITSM platform, ServiceNow has many shared customers with Workspace ONE UEM.

Which applications require management in the vmware workspace one uem device profile?

Applications that are deemed to have a higher risk to user or company data are set to require management in the VMware Workspace ONE ® UEM device profile.