tag:blogger.com,1999:blog-37920127362658001152024-03-03T03:53:50.472-05:00Lessons learned on the digital workspace journey with Workspace ONEa user experience so secure and seamless, your boss won't even know you're working at the pool in HawaiiRyan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.comBlogger21125tag:blogger.com,1999:blog-3792012736265800115.post-10418925064435199692023-02-16T12:56:00.006-05:002023-02-16T13:26:40.928-05:00Delivering Managed Configurations (key/value pairs) to Android applications with Workspace ONE UEM profiles<span style="font-family: helvetica;">Applications often have secrets that should not be hardcoded in the source code. This poses a challenge for developers, as ProGuard can change classes and method names, it won't help with secrets. Examples of secrets that can be removed from application source code include an API key or a OAuth refresh token. Another capability is for the MDM to dynamically deliver values to the application, such as the current logged in user, device serial number, or organization group. Google has made it more challenging to access non-resettable device identifiers like the serial number in recent years, and this remains a viable solution to provide non-resettable device identifiers (and other values) to applications running on the device. So how do we do it?<br /><br /></span><div style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjmxe3iJsxRhMi7O_GGopQBWI2bC04OE8sdK3FbUW-9rGRpkAXC1_DWSiU_zdvQF97Q6THzAh8ncmikfXNP9dhV3V0840C4UxKopzLlHfC_-D-Y1BpKMhjFjAyjRv9E_-Fdia5Bw9xHiR483sBPJHSz8tJ_CmkTmUK6Od1_N-zBmqrYq6gizfFSWEkiQ/s4020/blogpost.jpg" imageanchor="1"><img border="0" data-original-height="2756" data-original-width="4020" height="438" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjmxe3iJsxRhMi7O_GGopQBWI2bC04OE8sdK3FbUW-9rGRpkAXC1_DWSiU_zdvQF97Q6THzAh8ncmikfXNP9dhV3V0840C4UxKopzLlHfC_-D-Y1BpKMhjFjAyjRv9E_-Fdia5Bw9xHiR483sBPJHSz8tJ_CmkTmUK6Od1_N-zBmqrYq6gizfFSWEkiQ/w640-h438/blogpost.jpg" width="640" /></a></div><br /><div><span style="font-family: helvetica;"><br /></span></div><div><span style="font-family: helvetica;">Workspace ONE UEM can deliver profiles to devices. Profiles can configure a number of settings, in addition to delivering key/value pairs to your applications. Google refers to these key/value pairs as Managed Configurations, aka application restrictions. In this post, I will go cover;</span></div><div><ul style="text-align: left;"><li><span style="font-family: helvetica;">how to add key/value pairs to a profile</span></li><li><span style="font-family: helvetica;">read key/value pairs in the application source code</span></li></ul><div><span style="font-family: helvetica;"><br /></span></div><div><span style="font-family: helvetica;">To begin, you will need;</span></div><div><ul style="text-align: left;"><li><span style="font-family: helvetica;">Android Studio</span></li><li><span style="font-family: helvetica;">Gradle</span></li><li><span style="font-family: helvetica;">Workspace ONE UEM</span></li></ul></div><p style="text-align: left;"><span style="font-family: helvetica;">Create a profile for your application secrets</span></p><div><i><span style="font-family: helvetica;">Note - this demonstration will use the management console to create the profile. This task can also be completed using Workspace ONE UEM REST API's.</span></i></div><div><ol style="text-align: left;"><li><span style="font-family: helvetica;">Login to Workspace ONE UEM management console</span></li><li><span style="font-family: helvetica;">In the upper right corner, click Add -> Profile</span></li><li><span style="font-family: helvetica;">Select Android</span></li><li><span style="font-family: helvetica;">Name the profile</span></li><li><span style="font-family: helvetica;">Add the reference profile XML payload in 'Custom Settings'</span></li><li><span style="font-family: helvetica;">Save and publish the profile to your test device(s)</span></li></ol></div><div><span style="font-family: helvetica;">Reference Profile: </span></div>
<span style="font-family: helvetica;"><script src="https://gist.github.com/HawaiiRyan/4a7c3e3b015c6edfa14f7e19614fdc14.js"></script>
</span><div><span style="font-family: helvetica;"><br /></span></div><div><span style="font-family: helvetica;">The reference profile will deliver the device serial number, current user on the device (enrollment user. Yes - <b>enrollment</b> user is somewhat misleading, in that it is the current user logged in to the device), key/value pairs for VALUE1, URL, and ENVIRONMENT. </span></div><div><span style="font-family: helvetica;"><br /></span></div><p style="text-align: left;"><span style="font-family: helvetica;">Add Application Restrictions to your Android project</span></p></div><div><span style="font-family: helvetica;"><br /></span></div><div><ol style="text-align: left;"><li><span style="font-family: helvetica;"><br />Open Android Studio, create a project, and expand the project layout<br /></span><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEgKE7938h4U60ZIF5nNW2PTLNpLw7nEgcott_Uc2y0M0vCoftzCUTMkdjpZTs-1ZNtfZxgM21-EOk5XwMyOVV5KHjYj1HTFt2jLU32fR2EnpFpnblp7SpU2ULkP6wDck9t6STuUYYIxaV2twxi_aJXhqyp_xHnUCbDm_6ZF4DMk8TpHVQScgMgk5yjgXw" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: helvetica;"><img alt="" data-original-height="1238" data-original-width="958" height="640" src="https://blogger.googleusercontent.com/img/a/AVvXsEgKE7938h4U60ZIF5nNW2PTLNpLw7nEgcott_Uc2y0M0vCoftzCUTMkdjpZTs-1ZNtfZxgM21-EOk5XwMyOVV5KHjYj1HTFt2jLU32fR2EnpFpnblp7SpU2ULkP6wDck9t6STuUYYIxaV2twxi_aJXhqyp_xHnUCbDm_6ZF4DMk8TpHVQScgMgk5yjgXw=w496-h640" width="496" /></span></a></div><span style="font-family: helvetica;"><br /></span></li><li><span style="font-family: helvetica;">Create a class and name it AppConfig</span></li><li><span style="font-family: helvetica;">Now we'll add logic for getters, retrieving the values from the MDM profile, and storing them in variables. Copy and paste the text below in to your AppConfig class<br /><br /></span><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEg628W2IVsVOAuLoFv7kq5NtWGEg4n0lkme6-CpuGLeysl6PS5NuJ_vVYiHGLGYX6LSeGVAfX8UGCEfLefPfi4SC0cSSORUhiLYUPcDUHL_7GoUvDoO7BVVmkMNFAAIZvwpwyxuBtatJJ0K_jm3avnthGJdT3HUJyqYxMQMjNiiWF1Lyw3H-9ks4suHGw" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: helvetica;"><img alt="" data-original-height="2362" data-original-width="3048" src="https://blogger.googleusercontent.com/img/a/AVvXsEg628W2IVsVOAuLoFv7kq5NtWGEg4n0lkme6-CpuGLeysl6PS5NuJ_vVYiHGLGYX6LSeGVAfX8UGCEfLefPfi4SC0cSSORUhiLYUPcDUHL_7GoUvDoO7BVVmkMNFAAIZvwpwyxuBtatJJ0K_jm3avnthGJdT3HUJyqYxMQMjNiiWF1Lyw3H-9ks4suHGw=s16000" /></span></a></div><span style="font-family: helvetica;"><br /><br /><script src="https://gist.github.com/HawaiiRyan/eda24415f0ff389087f634626579cbe4.js"></script></span></li><li><span style="font-family: helvetica;">Create a class and name it AppConstants. You can optionally store it in a package</span></li><li><span style="font-family: helvetica;">Now we'll add the tag want to displayed in our log messages. Copy and paste this text in to your AppConstants class<br /><br /></span><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEjZvnAHnoIcSLtp7O2O3MsvGm2V4nt2UWK3HAK1QVQ_KMkk0gYPRTByxs4jUrY8gwqqY3evpKCRG8ca7YToD7cln2HNmSr3wjf6cSQ3HcHOPkUGiQTyWp-uD2-NWlB8vtwwjbfeNLeKnCE_yL8uMGMDtwtFtuiYiJnLxytN5LKt6KByEoPfmbQkWx8Nkg" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: helvetica;"><img alt="" data-original-height="1514" data-original-width="2672" src="https://blogger.googleusercontent.com/img/a/AVvXsEjZvnAHnoIcSLtp7O2O3MsvGm2V4nt2UWK3HAK1QVQ_KMkk0gYPRTByxs4jUrY8gwqqY3evpKCRG8ca7YToD7cln2HNmSr3wjf6cSQ3HcHOPkUGiQTyWp-uD2-NWlB8vtwwjbfeNLeKnCE_yL8uMGMDtwtFtuiYiJnLxytN5LKt6KByEoPfmbQkWx8Nkg=s16000" /></span></a></div><span style="font-family: helvetica;"><br /><br /><script src="https://gist.github.com/HawaiiRyan/88871db6cb298f68dd2aa50ef0cf468e.js"></script></span></li><li><span style="font-family: helvetica;">Create a class and name it MainActivity</span></li><li><span style="font-family: helvetica;">Now we'll add logic to log and display toast messages with the values retrieved from the MDM profile. Copy and paste this text in to your MainActivity class<br /><br /></span><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEijbBkFHQNj26Dhu35AF_tw1ZbU4AQjHKqT7PNJGVb8tlo-BWLXxzpyiRpgFivkJr1tp6vKRq_h6hMDBQ0Qok-nPVAf7aMzk1zgTnyPjjKvAjfnSxVfEYO6kc15Ii8eG0Ex70NNfqB-IyrDJl7U4JxrNz2uGrBWhiMl1vZ6NfJ7cNYscN3uxWTes_-wAQ" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: helvetica;"><img alt="" data-original-height="1197" data-original-width="1469" src="https://blogger.googleusercontent.com/img/a/AVvXsEijbBkFHQNj26Dhu35AF_tw1ZbU4AQjHKqT7PNJGVb8tlo-BWLXxzpyiRpgFivkJr1tp6vKRq_h6hMDBQ0Qok-nPVAf7aMzk1zgTnyPjjKvAjfnSxVfEYO6kc15Ii8eG0Ex70NNfqB-IyrDJl7U4JxrNz2uGrBWhiMl1vZ6NfJ7cNYscN3uxWTes_-wAQ=s16000" /></span></a></div><span style="font-family: helvetica;"><br /><br /><script src="https://gist.github.com/HawaiiRyan/0b354ee6054c8632c77c7daabe099680.js"></script></span></li><li><span style="font-family: helvetica;">Now you can build an APK file, upload it to Workspace ONE UEM, and assign it to your test devices</span></li></ol><div><span style="font-family: helvetica;"><br /></span></div></div><div><span style="font-family: helvetica;">Once the application is launched, it will log the values in logcat, visually display them on the Android device with a toast notification, and also log it with Java's system out print statement. If you wish to use the values from the MDM profile in your application, instantiate the AppConfig class and reference the getters. That is all there is to it.</span></div><div><span style="font-family: helvetica;"><br /></span></div><div><span style="font-family: helvetica;">The MainActivity is referenced by the layout file for the UI, and the MainActivity makes references to the AppConfig class, along with the AppConstants class. The values from the profile are passed as strings to the application source code, and can be used where appropriate. If you wish to know more about Managed Configurations, <a href="https://developer.android.com/work/managed-configurations" target="_blank">Google</a> has a great post covering it as well.</span></div><div><span style="font-family: helvetica;"><br /></span></div><div><span style="font-family: helvetica;">Source code on <a href="https://github.com/vmware-samples/euc-samples/tree/master/Android-Samples/ReferenceApplications/WS1-Profile-CustomSettings-Android-Reference-App" target="_blank">GitHub</a></span></div><div><span style="font-family: helvetica;"><br /></span></div><div><span style="font-family: helvetica;"><br /></span></div><div><span style="font-family: helvetica;">Hopefully this post has been helpful. Mahalo!</span></div>Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com0O‘ahu, Hawaii, USA21.4389123 -158.0000565-6.8713215361788471 166.8436935 49.749146136178844 -122.8438065tag:blogger.com,1999:blog-3792012736265800115.post-17677848656183639002022-01-08T16:19:00.001-05:002022-01-08T16:26:01.314-05:00How to use Square's OkHttp Java library to access Workspace ONE UEM API's<span style="font-family: verdana;">Digital workspace solutions often require consuming other services. When doing so, you may work with things like; REST API
endpoints, Webhooks, gRPC, GraphQL - the list goes on. You can interact with these in a number of ways, but one way I've come to appreciate is with Java. It has been especially helpful when I've wanted to work with libraries like Appium, Selenium, OKHttp, or the Workspace ONE UEM SDK in a workflow. With that, I thought it would be
helpful to share how to work with Workspace ONE UEM API's using Java. </span><span style="font-family: verdana;">In this blog post, we will cover;</span>
<div>
<ul style="text-align: left;">
<li>
<span style="font-family: verdana;">Basics of JetBrain's IntelliJ IDE, touching on Apache Maven</span>
</li>
<li>
<span style="font-family: verdana;">Using <a href="https://github.com/square/okhttp" target="_blank">Square's OkHttp</a> <span style="font-family: verdana;">library</span> to
call Workspace ONE UEM API's<br /><br /><div style="text-align: left;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEgNVUIEX_cVGde4FscIP0Mz2tPf4p9CIbsWRqaTxBcbgbvNAulXrnmL3k8dA7V-a7dc_Ehe6KL3zA5uItiLo81WJacPOS8X44-npOjHdAm_JfNzLXGWlYS_GBc6TjPeS5pxk6ukCbjkjmx_5Bv_BDbEg5vIiWOOlSvbOelL7ciz8TbMfMP2Yz7DxUAM-A=s4032" imageanchor="1" style="font-family: Times; font-weight: 700; margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="3024" data-original-width="4032" height="480" src="https://blogger.googleusercontent.com/img/a/AVvXsEgNVUIEX_cVGde4FscIP0Mz2tPf4p9CIbsWRqaTxBcbgbvNAulXrnmL3k8dA7V-a7dc_Ehe6KL3zA5uItiLo81WJacPOS8X44-npOjHdAm_JfNzLXGWlYS_GBc6TjPeS5pxk6ukCbjkjmx_5Bv_BDbEg5vIiWOOlSvbOelL7ciz8TbMfMP2Yz7DxUAM-A=w640-h480" width="640" /></a></div></span></li>
</ul>
<h4 style="text-align: left;">
<span><span style="font-family: verdana;">Why Java?<br /></span></span><br /></h4>
</div>
<div>
<span style="font-family: verdana;">Java is used by many and supported by most (Docker, Kubernetes, static code
analysis tools, cloud service providers, Android, Windows, macOS, Tanzu
Application Service, etc). Many languages compile to
<a href="https://en.wikipedia.org/wiki/List_of_JVM_languages" target="_blank">j</a>ava bytecode (Kotlin, Scala, Groovy); which is to say if you know Java, you can
pivot to any of these languages that compiles to java bytecode. Some examples of
where Java has enabled me;<br />
<ul style="text-align: left;">
<li>
<span style="font-family: verdana;">writing end-to-end mobile automation tests with <a href="https://appium.io/" target="_blank">Appium</a> and <a href="https://www.selenium.dev/" target="_blank">Selenium</a>
libraries; capturing performance metrics, and writing data to <a href="https://dev.splunk.com/enterprise/docs/devtools/java/logging-java/howtouseloggingjava/enableloghttpjava" target="_blank">Splunk HTTP Endpoint Collector</a></span>
</li>
<li>
<span style="font-family: verdana;">interacting with API endpoints in <a href="https://kb.vmware.com/s/article/2960676" target="_blank">Workspace ONE UEM</a></span>
</li>
<li>
<span style="font-family: verdana;">testing <a href="https://firebase.google.com/docs/cloud-messaging" target="_blank">Firebase Cloud Message</a> delivery on Android native client
applications</span>
</li>
<li>
<span style="font-family: verdana;">performing OAuth authentication with <a href="https://developers.strava.com/docs/authentication/" target="_blank">Strava fitness API's</a></span>
</li>
<li>
<span style="font-family: verdana;">retrieving power output details from <a href="https://www.solaredge.com/sites/default/files/se_monitoring_api.pdf" target="_blank">SolarEdge inverter API'</a>s</span>
</li>
<li>
Deserializing data, using certificates to authenticate to <a href="https://www.cockroachlabs.com/docs/stable/deploy-cockroachdb-on-google-cloud-platform.html" target="_blank">CockroachDB on Google Cloud</a>, and writing the data to a table
</li>
</ul>
<div>You just can't go wrong with a little Java in your life.</div>
<div>
<h3 style="text-align: left;">
<span style="font-family: verdana;">The Setup:</span>
</h3>
</div>
<div>
<ul style="text-align: left;">
<li>
<span style="font-family: verdana;"><a href="https://www.jetbrains.com/idea/" target="_blank">JetBrain's</a>
IntelliJ Community Edition</span>
</li>
<li>
<span style="font-family: verdana;"><a href="https://maven.apache.org/guides/getting-started/maven-in-five-minutes.html" target="_blank">Maven</a></span>
</li>
<li><a href="https://square.github.io/okhttp/" target="_blank">Square OkHttp library</a></li>
<li>
<a href="https://docs.oracle.com/en/java/javase/11/install/overview-jdk-installation.html" target="_blank">JDK</a>
</li>
</ul>
<div>
For the sake of simplicity, we will assume you have some of the basics
covered, such as;<br />
</div>
<div>
<ul style="text-align: left;">
<li>IntelliJ installed</li>
<li>JDK installed</li>
<li>Environment variables specified for JAVA_HOME</li>
<li>Workspace ONE UEM API key obtained</li>
<li>Account with read access to Workspace ONE UEM REST API</li>
</ul>
</div>
<div>
To verify environment variables are correctly specified, enter 'env' in
Terminal, and look for JAVA_HOME<br /><br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;">
<tbody>
<tr>
<td style="text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1PeoLCsxjVvq44haNERiwTMg2hkbbSwRY6u2Kasn59yILHShRPfreOpJ7g_aG3XIO4l5OOnz0oinZcQg4uP38UUq6iwy2E9xk2ZKTfllXFegf15PGa-M3TzsagFSAPHIGvvQ0IR_jT225/" style="margin-left: auto; margin-right: auto;"><img alt="" data-original-height="80" data-original-width="1102" height="46" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1PeoLCsxjVvq44haNERiwTMg2hkbbSwRY6u2Kasn59yILHShRPfreOpJ7g_aG3XIO4l5OOnz0oinZcQg4uP38UUq6iwy2E9xk2ZKTfllXFegf15PGa-M3TzsagFSAPHIGvvQ0IR_jT225/w640-h46/image.png" width="640" /></a>
</td>
</tr>
<tr>
<td class="tr-caption" style="text-align: center;">reference.</td></tr></tbody></table></div>
<div><br /></div>
<div>
<div>
<h3>
<span style="font-family: verdana;">Making REST API calls to Workspace ONE UEM with Java:</span>
</h3>
<h3>
<ol style="text-align: left;">
<li>
<span style="font-size: small; font-weight: normal;"><span>Open IntelliJ</span>
</span>
</li>
<li>
<span style="font-size: small; font-weight: normal;"><span><span>Create a New Project<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiH8abvFQyHgvrpSKU2HjSEpCOrbf7sECNL97BM-xSpMh91jWWwvgPfl7j8Z6p-_f6D_CckRLACV92dz2beQY8mOhfXMjoCk2hGAj-ZI3Rr2Si2SU4CEYgjIpJ3PFgwTHuhE29NBB11kjX9/" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="111" data-original-width="793" height="90" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiH8abvFQyHgvrpSKU2HjSEpCOrbf7sECNL97BM-xSpMh91jWWwvgPfl7j8Z6p-_f6D_CckRLACV92dz2beQY8mOhfXMjoCk2hGAj-ZI3Rr2Si2SU4CEYgjIpJ3PFgwTHuhE29NBB11kjX9/w640-h90/image.png" width="640" /></a><br /><br /></span></span></span>
</li>
<li>
<span style="font-size: small;"><span><span><span style="font-weight: normal;">Click 'Next', followed by 'Next', name the project
RESTExample and click 'Finish'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4yQbq3V_TwwZ1jqLTtNxiyZntQSz0eq6J7b5JvMYKGKAyR1bZhpO1XvUWG-xq-wqY0Aqv8Ym48pmmRhxR_C2oaRj1yXemA7WTIiypn-YeRsaRcdjtZQr0fRtrspXI_EGkJ_MzXkrx7_Nw/" style="clear: left; margin-bottom: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="826" data-original-width="966" height="548" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4yQbq3V_TwwZ1jqLTtNxiyZntQSz0eq6J7b5JvMYKGKAyR1bZhpO1XvUWG-xq-wqY0Aqv8Ym48pmmRhxR_C2oaRj1yXemA7WTIiypn-YeRsaRcdjtZQr0fRtrspXI_EGkJ_MzXkrx7_Nw/w640-h548/image.png" width="640" /></a><br /><br /></span>
<div class="separator" style="clear: both; text-align: center;">
<div class="separator" style="clear: both; text-align: center;">
<div class="separator" style="clear: both; text-align: center;">
<div class="separator" style="clear: both; text-align: center;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhd7b9Qbn8Qdqc22wPsffm1Xp_Yxe31KkUy2zImLS4s729smEj170hEfO3QbLngEAgSIz7KAsLb0N6oekalAqvz6pbmhdotfDXNe-ON9J7fzIor7TxtytqSPOgEAlsOdzoZqMR3xFCbBavb/" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em; text-align: left;"><img alt="" data-original-height="820" data-original-width="956" height="548" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhd7b9Qbn8Qdqc22wPsffm1Xp_Yxe31KkUy2zImLS4s729smEj170hEfO3QbLngEAgSIz7KAsLb0N6oekalAqvz6pbmhdotfDXNe-ON9J7fzIor7TxtytqSPOgEAlsOdzoZqMR3xFCbBavb/w640-h548/image.png" width="640" /></a><div style="clear: left; margin-bottom: 1em; margin-right: 1em; text-align: left;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicTR51PVy39UpV2j9gsjRY_xUlux3qWHFVi_7w6PDbn5gFAFyAJm_FL-5DuczxG05Qp4ThTZDxdylf5-EFnxLO8TapQjl0P8QPaMG_GubnslzRd9rC8-Aoqk_Xqe6gUWSEYuk3czycoRku/" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img alt="" data-original-height="317" data-original-width="637" height="318" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEicTR51PVy39UpV2j9gsjRY_xUlux3qWHFVi_7w6PDbn5gFAFyAJm_FL-5DuczxG05Qp4ThTZDxdylf5-EFnxLO8TapQjl0P8QPaMG_GubnslzRd9rC8-Aoqk_Xqe6gUWSEYuk3czycoRku/w640-h318/image.png" width="640" /></a></div></div>
<div class="separator" style="clear: both; text-align: center;"></div>
</div>
</div>
</div></div></span></span>
</span>
</li>
<li>
<span style="font-size: small; font-weight: normal;">
In the upper left corner, right click the RESTExample project,
and click 'Add Framework Support...'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgc9rcn7zxTuOm59mATTpESvD7iizat9ryMMtoI564yo8nUIXp6-vw3FTm-Z-KackknjOMJ_ImpzVdBMAk5dvnsDHeFiojBCQIZ44rKXL58i8ogqTCNTgFwc0z-HzayQfD9JhYd_EQy-f_Z/" style="clear: left; font-size: 18.72px; font-weight: 700; margin-bottom: 1em; margin-right: 1em;"><img alt="" data-original-height="348" data-original-width="535" height="416" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgc9rcn7zxTuOm59mATTpESvD7iizat9ryMMtoI564yo8nUIXp6-vw3FTm-Z-KackknjOMJ_ImpzVdBMAk5dvnsDHeFiojBCQIZ44rKXL58i8ogqTCNTgFwc0z-HzayQfD9JhYd_EQy-f_Z/w640-h416/image.png" width="640" /></a><br /><br /></span>
</li>
<li>
<span style="font-size: medium; font-weight: normal;">Scroll down until you find Maven, and select Maven, followed
by 'OK'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzNwV4HrGXaDvEcGs94nPOynY4zryXZiZYEBYiOd0Y4jBLVIdCWJlczw2upC-qFF183AtIR7mICon0E0DhvabNNKSZR4SHFrgXK4SQyAXSfx2uDskTcRjifmpLGFB1k-QfFYkuZPk1FLso/" style="clear: left; font-size: medium; margin-bottom: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="606" data-original-width="789" height="493" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzNwV4HrGXaDvEcGs94nPOynY4zryXZiZYEBYiOd0Y4jBLVIdCWJlczw2upC-qFF183AtIR7mICon0E0DhvabNNKSZR4SHFrgXK4SQyAXSfx2uDskTcRjifmpLGFB1k-QfFYkuZPk1FLso/w640-h493/image.png" width="640" /></a><br /><br /></span></li><li><span style="font-size: medium; font-weight: normal;">In the Maven window, right click on 'Unknown' and click 'Reload project', followed by 'Generate Sources and Update Folders'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgg1BYwJT8acmZmLST5YFxp7Acp3htA0hkwKf2-02J75GUHRyBNn2KrekZmgHLHZ5nXWP0Ka2tIOTH7VD_g0ZqAd5YG05ZU9kxhh7cB3XjjAo4cyI9ivJDwMMWDBAjXG78vwpvlzd82Xv6Y/" style="clear: left; font-size: 18.72px; font-weight: 700; margin-bottom: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="447" data-original-width="507" height="353" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgg1BYwJT8acmZmLST5YFxp7Acp3htA0hkwKf2-02J75GUHRyBNn2KrekZmgHLHZ5nXWP0Ka2tIOTH7VD_g0ZqAd5YG05ZU9kxhh7cB3XjjAo4cyI9ivJDwMMWDBAjXG78vwpvlzd82Xv6Y/w400-h353/image.png" width="400" /></a><br /><br /></span></li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: small; font-weight: normal;">
Maven will update the name of the artifactId to correctly
show RESTExample<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi00OpkO4RFNsRODsW6Yut3Y20Kwawkd6mrTmEoBakP8amjeLz5oR5DU3TVgELsaarrWQ3N5Lr_JA1K2N7_VW734udCyYdVR_rbMDkkc3eQ2KBvA8osfVMf43aDUKcXRetRYPbIPaMPbMV5/" style="clear: left; font-size: 18.72px; font-weight: 700; margin-bottom: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="347" data-original-width="412" height="337" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi00OpkO4RFNsRODsW6Yut3Y20Kwawkd6mrTmEoBakP8amjeLz5oR5DU3TVgELsaarrWQ3N5Lr_JA1K2N7_VW734udCyYdVR_rbMDkkc3eQ2KBvA8osfVMf43aDUKcXRetRYPbIPaMPbMV5/w400-h337/image.png" width="400" /></a><br /><br /></span>
</div>
</li>
<li>
<span style="font-size: small; font-weight: normal;"><span><span>Inside the project, some new folders will be created for
you<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjT_2xhgf9W_wlfN_F0ATki8L4zKCuXybmvTnBr7uNFbGjLNMH877r1AGutqJ2MXXsZZI40XuPb-HkvWavfnrjT0u4NmF6OhoiKTz1zILMROzQ2gVZp4WZI_pCoFEMyeJ5zXBYchm7brnbk/" style="clear: left; margin-bottom: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="308" data-original-width="523" height="235" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjT_2xhgf9W_wlfN_F0ATki8L4zKCuXybmvTnBr7uNFbGjLNMH877r1AGutqJ2MXXsZZI40XuPb-HkvWavfnrjT0u4NmF6OhoiKTz1zILMROzQ2gVZp4WZI_pCoFEMyeJ5zXBYchm7brnbk/w400-h235/image.png" width="400" /></a><br />
<br /></span></span>
</span>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: small; font-weight: normal;">
Right click on java and click New -> Java Class<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjy07UV6GQ0TT-F9TRVfM6eeRLNV3KOg1kHr4yCIWYZ6RzV_74H0UMoN7QchdPkvaiPgRR2E3xcjLB8hsWHEVJXVqdIAgr-FI3RBRsf5y73rhPXJhpn-sfYfbME3G7aFTr_9H9UWoJ9RNcO/" style="clear: left; font-size: 18.72px; font-weight: 700; margin-bottom: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="367" data-original-width="681" height="215" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjy07UV6GQ0TT-F9TRVfM6eeRLNV3KOg1kHr4yCIWYZ6RzV_74H0UMoN7QchdPkvaiPgRR2E3xcjLB8hsWHEVJXVqdIAgr-FI3RBRsf5y73rhPXJhpn-sfYfbME3G7aFTr_9H9UWoJ9RNcO/w400-h215/image.png" width="400" /></a><br /></span>
<span style="font-size: small; font-weight: normal;"><br />
</span>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: small; font-weight: normal;">
Name the Java class com.vmware.restexample and hit return<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhy3HkhSlcL3ktJ1GGQXSuI9CRyt2VVkdlTgL6pbmhZ9_WM5arj38O-TuDUL7lbmchu1J-_LaKYlnousTd0YduMWi-kQRt5HX9pH86PHJ95fDfL79ZTSG41XaK6VoiQN0hoSTFljvdJXhYl/" style="clear: left; font-size: 18.72px; font-weight: 700; margin-bottom: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="227" data-original-width="314" height="231" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhy3HkhSlcL3ktJ1GGQXSuI9CRyt2VVkdlTgL6pbmhZ9_WM5arj38O-TuDUL7lbmchu1J-_LaKYlnousTd0YduMWi-kQRt5HX9pH86PHJ95fDfL79ZTSG41XaK6VoiQN0hoSTFljvdJXhYl/" width="320" /></a><br /></span>
<span style="font-size: small; font-weight: normal;"><br />
</span>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: small; font-weight: normal;">
Now we have a empty Java class created for us<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTXq9CLI9Eybs6dcZotWbMTu_MycNpp6KZGK4m1gbUbMVs-qenxY2WHDPHnUqVncJLVa9z5RWSIcGiXbnxSvTuPTC4mx4uTBC-aU0otHgQqW9jqbVt85pcBEo-P-Xzh9XTBmElfGijRRGR/" style="clear: left; font-size: 18.72px; font-weight: 700; margin-bottom: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="157" data-original-width="438" height="144" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTXq9CLI9Eybs6dcZotWbMTu_MycNpp6KZGK4m1gbUbMVs-qenxY2WHDPHnUqVncJLVa9z5RWSIcGiXbnxSvTuPTC4mx4uTBC-aU0otHgQqW9jqbVt85pcBEo-P-Xzh9XTBmElfGijRRGR/w400-h144/image.png" width="400" /></a><br /></span>
<span style="font-size: small; font-weight: normal;"><br />
</span>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: small; font-weight: normal;">
On line 4, paste the code below. <br />
<script src="https://gist.github.com/HawaiiRyan/dac4c6e40752771213bcfd1d6707e897.js"></script>
<br />
</span>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: small; font-weight: normal;">
The code will look like this;<br />
<script src="https://gist.github.com/HawaiiRyan/b4246a583dd6d5020e514d4aa062314f.js"></script>
<br /></span>
</div>
</li>
<li>
<span style="font-size: small; font-weight: normal;"><span><span>One shortcut I use to create boilerplate code for OkHttp
requests is to leverage Postman. Open Postman, and make an
API call to Workspace ONE UEM. On the right side of
postman, tap the code button<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipbXWT91tBuZ90GdWUeXi39g4FQxRfZhb1PbMcGA1C6Q15G6zgO04MDWZtlrEQVjJV4o5sKt508Nns6uTcbiioEDMXlr4Nq8GhvI1cbycXUDFzFEjf9UH6Sqjuzv_MDApXYqssh8-DKOHe/" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="671" data-original-width="1321" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipbXWT91tBuZ90GdWUeXi39g4FQxRfZhb1PbMcGA1C6Q15G6zgO04MDWZtlrEQVjJV4o5sKt508Nns6uTcbiioEDMXlr4Nq8GhvI1cbycXUDFzFEjf9UH6Sqjuzv_MDApXYqssh8-DKOHe/s16000/deletethis.png" /></a><br />
<br /></span></span>
</span>
<div class="separator" style="clear: both; text-align: center;"></div>
</li>
<li>
<span style="font-size: small; font-weight: normal;"><span><span>In the dropdown box, look for 'Java - OkHttp'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0QlnBsMYH6J8hf8gsDv_g7chcO1fPf-peJSbRVavcp1A_TOkZeQ0dYEicc2BK8NI4x6penUSARywGTbz4RczlLdiw5osEpwM99fhjldeC8SgQ5lZd9sQdScnW9g-B2LwNdi5M8HPPEqlM/" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="315" data-original-width="728" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0QlnBsMYH6J8hf8gsDv_g7chcO1fPf-peJSbRVavcp1A_TOkZeQ0dYEicc2BK8NI4x6penUSARywGTbz4RczlLdiw5osEpwM99fhjldeC8SgQ5lZd9sQdScnW9g-B2LwNdi5M8HPPEqlM/s16000/image.png" /></a><br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div></span></span>
</span>
</li>
<li>
<span style="font-size: small; font-weight: normal;"><span><span>Select the code snippet, and copy it to your
clipboard</span></span>
</span>
</li>
<li>
<span style="font-size: small; font-weight: normal;">On line 5, paste in the code from Postman. Note: line 10 has your API key. This would have been provided in Postman, and obtained from your Workspace ONE UEM environment. Line 12 has Basic Header authentication, containing base64 encoded credentials. These credentials (user/pass) would have been provided in Postman previously, and converted to base64 in the code sample provided by Postman.<br /><br /><img alt="" data-original-height="451" data-original-width="822" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqrjr7AOjctyyJRQvQx_WmAanyUo2VDo6YvFI3hmhOo3sKJYakfWCt0R-1EgR6QljKlgHt2CKVmU3zPoZPwpLl9jvLN1MC3rbN_0PO4zBiD5TDPAvRfufxB8vIVDw8vPZlkEAXlCqiAymd/s16000/image.png" style="font-weight: 700; text-align: center;" /><br /><br /></span>
<div class="separator" style="clear: both; text-align: center;"></div>
</li>
<li>
<span style="font-size: small; font-weight: normal;">Right click on 'OkHttpClient on line 5, and click 'Show
Context Actions'<br /><br /></span><span style="font-size: small; font-weight: normal;"><img alt="" data-original-height="258" data-original-width="449" height="368" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqu8FxkY3iXv5K6YDUWcIyM9UAwdlak2klUvsNNqEUqcoDOHXtBPM0rzQJ_4GSvx8olxh6vQHjVTAiDoMUP2NjlItzYuyCu8wathVOKjmUe2yqCHWGsI7ZJt-mWe46HoKzylBtuGbJAZbT/w640-h368/image.png" style="text-align: center;" width="640" /></span>
</li>
<li>
<span style="font-size: small; font-weight: normal;">Click 'Add Maven dependency'. This will allow us to add the missing library.<br /><br /><img alt="" data-original-height="390" data-original-width="503" height="496" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhI07TWE1jtW62GoZU_x8srpoe8rldJsZDbpG3iLdl-5PtPhHy0yg4j9tcDbu1m9l3xI-MOYbwCuUnXnEMUnGrSWdE9WYrvq0yPcVgN0a4aBFHqRK9gAWO7jFrhpcq8JyVqcFXDGQfMjND7/w640-h496/image.png" style="text-align: center;" width="640" /><br /></span>
<span style="font-size: small; font-weight: normal;"><br /></span>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: small; font-weight: normal;">In the new window that appears, make sure the
com.squareup.okhttp:okhttp:3.11.0 library is selected, and
click 'Add'<br /><br /><img alt="" data-original-height="673" data-original-width="926" height="466" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFy-ImwAZyGz5ISgMImy39X9qiW_gzTVVU3uIclwh5yeXlkXlSXDQIHOE8JwYR6E7yuMzSJ-lbuUBuNjbgExpeDTXUJ-zd2PsXCzs_iHhVuyVplB0O80I4TUua2-CzSannhVb4PfMBmCLy/w640-h466/image.png" style="text-align: center;" width="640" /><br /></span>
<span style="font-size: small; font-weight: normal;"><br /></span>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: small; font-weight: normal;">While nothing appears to have happened, the pom.xml file
was updated with the dependency. Note: this a particularly old version of OkHttp that was automatically added. You can use more recent versions such as 4.9.x. You can find samples from <a href="https://mvnrepository.com/artifact/com.squareup.okhttp3/okhttp" target="_blank">MvnRepository</a>.<br /><br /><img alt="" data-original-height="524" data-original-width="639" height="525" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhGcWqvAH_jJ0VcIi5ILsLxL-5jj1tAluxS1ijGgrxae2xB17mOaaK7TQqbCV4dCz_yqagfMP0o-g-rREAp_6cTxp82W4wEvh5Z5COgwv5FrupzeouuGKx2o6OSeRtL3JC5fnfaFOu3lmRC/w640-h525/image.png" style="font-weight: 700; text-align: center;" width="640" /><br /></span>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-weight: normal;"><br /><br /></span>
</div>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: small; font-weight: normal;">The dependency has been added to the project, but not
imported in the class. To do this, right click on
OkHttpClient again, click 'Show Context Actions', and you
will be able to select 'Import Class'<br /><br /><img alt="" data-original-height="397" data-original-width="558" height="456" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgRaKcEmViDzQIp9ElfSrRAAIQlZA7LpF2-kB-AoOnoDons7fkQo3p8gZQvGRE8IpxEuHJ4dn5kMWxTp999vZTE34LgANVSp3t0dTQnZdSMrtqSjuDjDgxm85s4Aor8f4IuprP-DPclEoMd/w640-h456/image.png" style="text-align: center;" width="640" /><br /></span>
<span style="font-size: small; font-weight: normal;"><br /></span>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: small; font-weight: normal;">This needs to be done two more times for Request and
Response<br /></span><br /><img alt="" data-original-height="42" data-original-width="487" height="35" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDRQ84v4y7-CCVOsx9K5wTDnqLIuWHC8tWazq-z0VL1oeBRVtvv_32nxCcKzcn31GJ-5AWfJNQ1fMeeke1aeK_klvQ0R_SM3DSkToJt6CpPW99kH9XU9TZkHbDpxand2IitAs51vzJqAcy/w400-h35/image.png" style="font-size: medium; font-weight: 400;" width="400" /><br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipDZ6kl87tCZTEflcJclCBjzXlrS1U5KC7YMtRLM_DYQOMRUgDQJ76FTQbQCclT99bJ8jCj5D4FXaPbO40OfxxCZ9QZRfP-tKK-YAzFLR-xCccG4Pu3adR57atrkeBIkttm_AldT00Hbs6/" style="clear: left; display: inline; font-size: 18.72px; font-weight: normal; margin-bottom: 1em; margin-right: 1em;"><img alt="" data-original-height="37" data-original-width="329" height="36" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipDZ6kl87tCZTEflcJclCBjzXlrS1U5KC7YMtRLM_DYQOMRUgDQJ76FTQbQCclT99bJ8jCj5D4FXaPbO40OfxxCZ9QZRfP-tKK-YAzFLR-xCccG4Pu3adR57atrkeBIkttm_AldT00Hbs6/" width="320" /></a><br /><br /></div></li><li><div class="separator" style="clear: both; text-align: left;"><span style="font-size: small; font-weight: normal;">Three lines have been added to the class, these import
statements allow you to use the OkHttp library in any
methods within the class<br /><img alt="" data-original-height="86" data-original-width="268" height="103" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIiE7Jibyty2Q9KZBusETqlDZ28vANDdMMa_uC3HlxotUcFxJYu7ROA2Drs9T3X9it9oUYthGdEFE8263QPa1s4Wvg2LnpyqG3xQW3Y5zT6Xh5z6axs4DVe-42mo5kfC3isnMtdKMwe7M5/" style="text-align: center;" width="320" /><br /></span>
<span style="font-size: small; font-weight: normal;"><br /></span>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: small; font-weight: normal;">To run the code, click 'Add Configuration' in the upper
right corner<br /><br /><img alt="" data-original-height="82" data-original-width="258" height="102" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj743nmQRoI7YrbJX4xJ697FBAcsEjC0hv7mGDkd99e805Jd6MfUd7tn3iO0r7zMFRDsXNX9EOi0Z6E__NrwHzvKSuX9zDMtrB5sWyHTkMlsyiP4lxJJ2prFxievgOBdhfxRAXEwgKYou6b/" style="text-align: center;" width="320" /><br /></span>
<span style="font-size: small; font-weight: normal;"><br /></span>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="clear: left; float: left; font-size: small; font-weight: normal; margin-bottom: 1em; margin-right: 1em;">In the new window that appears, click the + symbol in the
upper left corner, followed by 'Application'<br /><br /><img alt="" data-original-height="341" data-original-width="726" height="301" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiivu-J3pjXXYNkXvUyVLH8JhiRlUsUK1DxdkF6BE2Gnw42U-cm0VD5r6-YtEjBoGocWpZFCS_sfVnCPHpf5J8YBY14Iw-kfmVwdzmcpJ29O8Z03Hq6htbvEUSaY982UDXOGIOrPPoUZghT/w640-h301/image.png" style="text-align: center;" width="640" /></span>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: small; font-weight: normal;">Name the configuration 'main'<br /><br /></span><img alt="" data-original-height="193" data-original-width="818" height="152" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5FsTZhDVk07jRBQQVslwH8ks4-YpjP6gvMmX66WXif8DNhiwH7YXtaijQZwEAdPO1WPTAY9aEMTKpY7TY1US2e4NYb6xhte8zU9dZg_BJeVUmwGnp2bxsJKMCYD6_XoyydjAaXGoVMYNL/w640-h152/image.png" style="font-size: medium; text-align: center;" width="640" />
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: small; font-weight: normal;">Select the little box within the box that says 'Main
class'<br /><br /></span>
<div class="separator" style="clear: both; text-align: left;">
<span style="clear: left; float: left; font-size: small; font-weight: normal; margin-bottom: 1em; margin-right: 1em;"><img alt="" data-original-height="158" data-original-width="711" height="142" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpAv08UnysbN9cCPt_qkAxh9Va2CL_1m6Ggrkea626MzQTmGN1gvmBTCIogrUF8eGjnqI90Ol26B7druKQIczbo2tBKXafQZmY9nZg0ksSp5csIH3xM9aB-g_ZE_lqhVAnOmR1NufutqAH/w640-h142/image.png" width="640" /></span>
</div>
<span style="font-size: small; font-weight: normal;"><br /></span>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: center;">
<div style="text-align: left;">
<span style="font-size: small; font-weight: normal;">If the class is highlighted, click 'OK'<br /><br /></span>
</div>
<div class="separator" style="clear: both; text-align: left;">
<span style="clear: left; float: left; font-size: small; font-weight: normal; margin-bottom: 1em; margin-right: 1em;"><img alt="" data-original-height="411" data-original-width="530" height="498" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgB1v5intAukakH2OsuMpUTebyQVTVx7EbyQfKuMh97XrjlxiIA-46FF8svdjvxg__RMTwRlMywisbT5XBM79q58dhXazi-zXwiS1C5jc3w-dM4oF2PEgrud2iEkA6M0i6ynI0tWUMQQ2L5/w640-h498/image.png" width="640" /></span>
</div>
<div style="text-align: left;">
<span style="font-size: small; font-weight: normal;"><br /></span>
</div>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: center;">
<div class="separator" style="clear: both; text-align: center;">
<div style="text-align: left;">
<span style="clear: left; float: left; font-size: medium; font-weight: normal; margin-bottom: 1em; margin-right: 1em;">Click 'OK' again<br /><img alt="" data-original-height="667" data-original-width="1042" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgyXatCGESNbDJW_BGGQ_YPnExhRZGobb7xwaR-RnuKWdivG7fL9qRtJxxIU4TB0wFYcNA5H9Sy-kpGBWycTDsMAfsd9pbV4VeHjubI3QLuzzt2YEJxv59DkQT0wP2X0DTjM4cmRN72PHBy/s16000/image.png" style="font-size: 18.72px; text-align: center;" /></span>
</div>
</div>
<div style="text-align: left;"></div>
<div style="text-align: left;">
<span style="font-size: small; font-weight: normal;"><br /></span>
</div>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-weight: normal;">In the upper right corner of the IDE, you will notice some
buttons appear. These are the run, debug, and run with code
coverage buttons </span>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjX-ownlh69raF-BtcVjnSel_YFgWABEgcvtLRALXx6ikpjuDrAydSaNX3HoNFeLOlX_uUH4MmeTCiClRYzoOzSpod14lXF961DysUWgTCH7KBsDNCNi8udqGs2n5dwayDRKaFPIIld6qS-/" style="clear: left; float: left; font-weight: normal; margin-bottom: 1em; margin-right: 1em;"><img alt="" data-original-height="102" data-original-width="388" height="105" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjX-ownlh69raF-BtcVjnSel_YFgWABEgcvtLRALXx6ikpjuDrAydSaNX3HoNFeLOlX_uUH4MmeTCiClRYzoOzSpod14lXF961DysUWgTCH7KBsDNCNi8udqGs2n5dwayDRKaFPIIld6qS-/w400-h105/image.png" width="400" /></a>
</div>
<span style="font-weight: normal;"><br /></span>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: center;">
<div style="text-align: left;">
<span style="font-weight: normal;">Hover over the red line on line 18. Notice we have an
unhandled exception. Java is a compiled language, and to
compile the project, you will need to handle this
exception. </span>
</div>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJFHpSepSlKNi4OKREF9P7CeEjJmYCxmGxMa22SLqSt-SgA0zUkqQyUK85MkBcCqfwMsIWGrUm3fgUGo9tqjDkdRScrfWPGXHqDRgdJqwv4Hxc6C35Ebx-XJWuBxJ-H_DEXcI0XfM_WMJJ/" style="clear: left; float: left; font-weight: normal; margin-bottom: 1em; margin-right: 1em;"><img alt="" data-original-height="225" data-original-width="866" height="166" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJFHpSepSlKNi4OKREF9P7CeEjJmYCxmGxMa22SLqSt-SgA0zUkqQyUK85MkBcCqfwMsIWGrUm3fgUGo9tqjDkdRScrfWPGXHqDRgdJqwv4Hxc6C35Ebx-XJWuBxJ-H_DEXcI0XfM_WMJJ/w640-h166/image.png" width="640" /></a><br /><br />
</div>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: center;">
<div style="text-align: left;">
<span style="font-weight: normal;">Right click on execute (with the red underline on line
18)<br /><br /></span>
</div>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpP44yNlqDTRgKCbBiauWf-IfxhyphenhyphenetFmXBVamsjoZ9eN90Y4htzARLm_UWDTcbEhdoiedOdupk51mlYdb-5HaVcSgA0qLu74eZXA6dcx6lNcPy9KD9B7J8mePySqNAxpcfvjTXhOywg0En/" style="clear: left; float: left; font-weight: normal; margin-bottom: 1em; margin-right: 1em;"><img alt="" data-original-height="211" data-original-width="790" height="170" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpP44yNlqDTRgKCbBiauWf-IfxhyphenhyphenetFmXBVamsjoZ9eN90Y4htzARLm_UWDTcbEhdoiedOdupk51mlYdb-5HaVcSgA0qLu74eZXA6dcx6lNcPy9KD9B7J8mePySqNAxpcfvjTXhOywg0En/w640-h170/image.png" width="640" /></a>
</div>
<div style="text-align: left;">
<span style="font-weight: normal;"><br /></span>
</div>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-weight: normal;">Two options are presented. The better choice for us will be
to 'Surround with try/catch', and we will click this</span>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: center;">
<div style="text-align: left;">
<span style="font-weight: normal;">A try/catch block was automatically generated for
you. <br /><br /></span>
</div>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOgNwgZVORe01_zG-0XrQXusr-8am_P0D1mI7VlhOXr6mggwXYc0x-CXfP-yuulCZHLYJNaJnlMrvRLlHE5jz8OWxT5f55VeF-pABepna-WO274QeHddWhnldriWJOxW0lND85IFVvcD4I/" style="clear: left; float: left; font-weight: normal; margin-bottom: 1em; margin-right: 1em;"><img alt="" data-original-height="170" data-original-width="606" height="181" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOgNwgZVORe01_zG-0XrQXusr-8am_P0D1mI7VlhOXr6mggwXYc0x-CXfP-yuulCZHLYJNaJnlMrvRLlHE5jz8OWxT5f55VeF-pABepna-WO274QeHddWhnldriWJOxW0lND85IFVvcD4I/w640-h181/image.png" width="640" /></a>
</div>
<div style="text-align: left;">
<span style="font-weight: normal;"><br /></span>
</div>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-weight: normal;">After line 24, hit the return key, and type<br />sout</span>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-weight: normal;">Hit tab, and IntelliJ will auto-generate
System.out.println</span>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-weight: normal;">Within the parenthesis, type "Workspace ONE UEM REST API
Response:" + response<br />(note: don't forget, Java statements need to be ended with a semicolon</span></div>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-weight: normal;">The response variable is no longer in scope now, to correct
this, right click on response on line 25, and click ''Bring
response' into scope'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLNPvfWsULRxWDy-FMSzxk5rVFt7VLWqW-C_zVvWz-u9ysiXKiraiI925P3gZGXla_8CXZE3SXqExa4BGGYbSyzp_d6I-BtIrFMKkz34Xwk9YFqocob20nbjgQxgsA8sMDeSG_YnJwjT9P/" style="font-size: 18.72px; margin-left: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="187" data-original-width="390" height="153" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLNPvfWsULRxWDy-FMSzxk5rVFt7VLWqW-C_zVvWz-u9ysiXKiraiI925P3gZGXla_8CXZE3SXqExa4BGGYbSyzp_d6I-BtIrFMKkz34Xwk9YFqocob20nbjgQxgsA8sMDeSG_YnJwjT9P/" width="320" /></a><br /></span>
<span style="font-weight: normal;"><br /></span>
</div>
</li>
<li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-weight: normal;">The response variable is instantiated before the try/catch
block. This allows the contents of the variable to be
referenced outside of the try/catch block, like we are
trying to do in the System.out.println statement</span>
</div>
</li>
</ol>
<div style="text-align: center;">
<span style="font-weight: normal;"><br /></span>
</div>
<div style="text-align: left;">
<span style="font-weight: normal;">Now, the code is ready to be ran. We can add a breakpoint on
line 26, and click the little green debug to have the code stop executing at the breakpoint. When the code hits the breakpoint, the debugger will appear, and allow
you to see the contents of the currently instantiated
variables.</span>
</div>
<div style="text-align: left;">
<span style="font-weight: normal;"><br /></span>
</div>
<div style="text-align: left;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEibOH947XPDMfxE5-q3nkR7Imi4fKZZgc0khs-kfsVcRpKwz1LXEqiGhdwYlSU8R-dakTQYY38PuUpYpA_oMbTn1Dgr03ApN3ikhsxUukoQM-0e87zNnON2sBQEovQUDCEIQTzIESwKRvwy/" style="font-weight: normal; margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="717" data-original-width="1562" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEibOH947XPDMfxE5-q3nkR7Imi4fKZZgc0khs-kfsVcRpKwz1LXEqiGhdwYlSU8R-dakTQYY38PuUpYpA_oMbTn1Dgr03ApN3ikhsxUukoQM-0e87zNnON2sBQEovQUDCEIQTzIESwKRvwy/s16000/image.png" /></a>
</div>
<span style="font-weight: normal;"><br />In the HTTP Response, there is a body containing all of
the data. If you wish to see this data, just to spotcheck your
response you can evaluate the expression by clicking the little
calculator in 'Debugger'</span>
</div>
<div style="text-align: left;">
<span style="font-weight: normal;"><br /></span>
</div>
<div style="text-align: left;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRcA8TkK7lbp8LUmjw66Q9Pjt77invK_bQAkG2HuECxB_G-4nU0XEPiIdwG9RYXdADfEPW9laUczsYbQk27CD7iDpilnKB0aeLYi7TEKHpiY0p-O6nlCE6xiQD0M14iK9O3QJ4ahCAqUJ7/" style="clear: left; float: left; font-weight: normal; margin-bottom: 1em; margin-right: 1em;"><img alt="" data-original-height="100" data-original-width="421" height="76" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRcA8TkK7lbp8LUmjw66Q9Pjt77invK_bQAkG2HuECxB_G-4nU0XEPiIdwG9RYXdADfEPW9laUczsYbQk27CD7iDpilnKB0aeLYi7TEKHpiY0p-O6nlCE6xiQD0M14iK9O3QJ4ahCAqUJ7/" width="320" /></a>
</div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-weight: normal;"><br /></span>
</div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-weight: normal;">In the new window that appears, just type:<br /><br />response.body().string(); <br /><br /></span>
</div>
<span style="font-weight: normal;">Then click 'Evaluate', and you will will see the results from
the REST API response<br /><br /></span>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrV5qDILRZiBBG1EihJK0AKpc8LBenNLfvGHJ3v60rRTJcP73fIDXdZoVHdpPmPxB-bviufFEv4bFFFveQxxaJyGj_QduSEP-bHPwIelPBZ83LGnA8jo4L8IaWQgvpraW0Cu82BB7QuipJ/" style="font-weight: normal; margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="820" data-original-width="761" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrV5qDILRZiBBG1EihJK0AKpc8LBenNLfvGHJ3v60rRTJcP73fIDXdZoVHdpPmPxB-bviufFEv4bFFFveQxxaJyGj_QduSEP-bHPwIelPBZ83LGnA8jo4L8IaWQgvpraW0Cu82BB7QuipJ/s16000/image.png" /></a>
</div>
<div class="separator" style="clear: both; text-align: center;">
<br />
</div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-weight: normal;"><span style="font-size: small;">Below is a Gist example of the code you would be expected
to implement. Lines 14, 16 and 18 would need to be updated
with the API key, base64 encoded credentials, and REST API
URL. </span></span>
</div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-weight: normal;"><span style="font-size: small;"><br /></span></span>
</div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-weight: 400;"><span style="font-size: small;">While this is not meant to demonstrate a solution to a
particular problem or business need; this exercise allowed
you to familiarize yourself with the IntelliJ IDE, start
using a build tool like Maven to manage dependencies,
leverage Square's OkHttp Java library, and ultimately perform a
HTTP Request against a Workspace ONE UEM API endpoint. For those newer to Java, and working with Workspace ONE UEM API's, this will serve as a good introduction.</span></span></div>
<div style="text-align: left;">
<span style="font-weight: normal;"><br /></span>
</div>
<script src="https://gist.github.com/HawaiiRyan/4396572e8e76dc02c70e1c5c4b7dafe0.js"></script>
<span style="font-weight: normal;"><br /></span><br /><br />
</div>
</h3>
</div>
</div>
</div>
<div>
<span style="font-family: verdana; font-size: medium;"><br /></span></div></span>
</div>
Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com0Princeville, HI, USA22.2236111 -159.485277822.096483604938285 -159.62260690156251 22.350738595061713 -159.34794869843751tag:blogger.com,1999:blog-3792012736265800115.post-35350652469287567042021-08-01T14:41:00.000-04:002021-08-01T14:41:04.124-04:00How to proxy your Workspace ONE UEM traffic to Fiddler, and retrieve the Android Enterprise access token<span style="font-family: verdana;">Workspace ONE allows you to present the exact user experience your use case requires. One of the things that Workspace ONE UEM does a great job with is interacting with various API's across all the major operating systems. There can be times when you might wish to interact with those API's directly. Some examples of the types of API's that could be helpful would include: Google's <a href="https://developers.google.com/android/work/play/emm-api" target="_blank">Play EMM API</a> or the <a href="https://developers.google.com/android/management" target="_blank">Android Management API</a>.<br /><br /><div style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg4RAsHVDNuWA3nSii0J4UnyF7MRv2g8JyhH5PtqqHl_vhM7Qr7m1ec2k55BmRiV4YNjuviqlMBoDnR6y3zskARi48OJ734sLk8vy27nYzF6mFM1vMBHHsKZgNqQouSsJXdSvN-rUdSXSmN/"><img alt="" data-original-height="1536" data-original-width="2048" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg4RAsHVDNuWA3nSii0J4UnyF7MRv2g8JyhH5PtqqHl_vhM7Qr7m1ec2k55BmRiV4YNjuviqlMBoDnR6y3zskARi48OJ734sLk8vy27nYzF6mFM1vMBHHsKZgNqQouSsJXdSvN-rUdSXSmN/w640-h480/IMG_1714.jpeg" width="640" /></a></div><br /></span><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">A scenario where this could be useful is when you want to retrieve a set of data that isn't currently captured by Workspace ONE UEM. If there is something you wish Workspace ONE captured, don't hesitate to submit a <a href="https://wsone.ideas.aha.io/" target="_blank">Feature Request</a> on the crowdsourced portal. In the meantime, this blog will cover how to update the access token used with Android Enterprise, and how to retrieve the access token with Fiddler. </span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">Configure on-premise environment to proxy traffic:</span></div><div><ol style="text-align: left;"><li><span style="font-family: verdana;">Open Fiddler, and make sure it is capturing traffic. For reference on how to configure Fiddler and Microsoft Windows to proxy traffic see below;<br /><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjR1V4mZRvvc00tkeK9YkdJy7E5IowJ2MExYorDoVa7tFXyQPvRVYHWOthDsFalDGfR8kplHXoc8bvE2Hegf63s7CMyusC_dtJABTh0OrbPJq5W54_t87iVRxoHecWUT-qaJzQhoJsnTId/" style="margin-left: auto; margin-right: auto;"><img alt="" data-original-height="758" data-original-width="421" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjR1V4mZRvvc00tkeK9YkdJy7E5IowJ2MExYorDoVa7tFXyQPvRVYHWOthDsFalDGfR8kplHXoc8bvE2Hegf63s7CMyusC_dtJABTh0OrbPJq5W54_t87iVRxoHecWUT-qaJzQhoJsnTId/w355-h640/Screen+Shot+2021-07-30+at+12.00.11+PM.png" width="355" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;">Set Internet Options to proxy traffic back to 127.0.0.1 and the port Fiddler is listening on.<br /><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUZAmDhT2wpKsTzZWOebUvzNaCAzCIe5bDh6W_8fG49UFGvuLsSgxb1IEab-p2GE8704C0lS_KjHKO8zfOyByNJ5QMJEn-I7smLa567UyFWDYBKNIYXBQHoxNw5B4mKw6zyn3UW-94ONGi/" style="margin-left: auto; margin-right: auto;"><img alt="" data-original-height="384" data-original-width="575" height="268" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUZAmDhT2wpKsTzZWOebUvzNaCAzCIe5bDh6W_8fG49UFGvuLsSgxb1IEab-p2GE8704C0lS_KjHKO8zfOyByNJ5QMJEn-I7smLa567UyFWDYBKNIYXBQHoxNw5B4mKw6zyn3UW-94ONGi/w400-h268/Screen+Shot+2021-07-30+at+11.59.26+AM.png" width="400" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;">Fiddler is set to listen on the same port used in Internet Options<br /><br /></td></tr></tbody></table></td></tr></tbody></table><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjDbZL1JdxK-s1LNNuZYUias9EZARj3zhIjAJDgvfjST6ftFUYR1m8HXwHRBmQwcdFqpDxyzx92URwm2rJZZ_MzJGL56rLSpF1GKc17WOSoWzwlaP8QGha6lw2-7u49jw8_TzTdBN6J_MdL/" style="margin-left: auto; margin-right: auto;"><img alt="" data-original-height="407" data-original-width="579" height="281" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjDbZL1JdxK-s1LNNuZYUias9EZARj3zhIjAJDgvfjST6ftFUYR1m8HXwHRBmQwcdFqpDxyzx92URwm2rJZZ_MzJGL56rLSpF1GKc17WOSoWzwlaP8QGha6lw2-7u49jw8_TzTdBN6J_MdL/w400-h281/Screen+Shot+2021-07-30+at+11.57.50+AM.png" width="400" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;"><span style="text-align: left;">Ensure Fiddler is capturing HTTPS traffic, ignoring certificate errors, listening for ssl2, ssl3, tls1.0, tls1.1, and tls1.2 traffic. <br /><br /></span></td></tr></tbody></table></span></li><li><span style="font-family: verdana;">Login to Workspace ONE UEM console<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6oLZQ9Ed_ukR_bH5fxTGBvn3lx9m94zSFoNxXR1NCJ9PwFeKUz1jp-j3sJ_UGYOotokqWM845mufETpII5MoURAiI_lfSzn_cPz28hR176QMlYEA_FDhp3GVr3A0b_WxU7cRZweyKg4sw/" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="1120" data-original-width="2048" height="350" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6oLZQ9Ed_ukR_bH5fxTGBvn3lx9m94zSFoNxXR1NCJ9PwFeKUz1jp-j3sJ_UGYOotokqWM845mufETpII5MoURAiI_lfSzn_cPz28hR176QMlYEA_FDhp3GVr3A0b_WxU7cRZweyKg4sw/w640-h350/Screen+Shot+2020-04-18+at+3.54.06+PM.png" width="640" /></a><br /><br /></span></li><li><span style="font-family: verdana;"><div class="separator" style="clear: both; text-align: left;">Navigate to Groups & Settings -> All Settings -> Installation -> Proxy<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyaUSiyPRSM2uutIOjBc_j76qHz7qfLN2n7cPBtW6_YRTbJlO4o56Ec5Vf4p8Ujho89s3KpUjeX5v0tlwhp6A5YB10UCsw7UkCu3eXCyrkQEXzVnSd9vOBofJB_w62FLQkQybZvsNZs_Vr/" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="1281" data-original-width="1371" height="598" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyaUSiyPRSM2uutIOjBc_j76qHz7qfLN2n7cPBtW6_YRTbJlO4o56Ec5Vf4p8Ujho89s3KpUjeX5v0tlwhp6A5YB10UCsw7UkCu3eXCyrkQEXzVnSd9vOBofJB_w62FLQkQybZvsNZs_Vr/w640-h598/Screen+Shot+2021-07-23+at+9.19.38+AM.png" width="640" /></a><br /><br /></div></span></li><li><div class="separator" style="clear: both; text-align: left;"><span style="font-family: verdana;">Configure the SOCKS5 Proxy Settings, Console Proxy Settings, and Device Services Proxy Settings to use your Fiddler proxy</span></div></li><li><div class="separator" style="clear: both; text-align: left;"><span style="font-family: verdana;">Click 'Save'</span></div></li><li><div class="separator" style="clear: both; text-align: left;"><span style="font-family: verdana;">Open Microsoft Windows Services (services.msc); restart IIS and the AirWatch Messaging Service</span></div></li><li><div class="separator" style="clear: both; text-align: left;"><span style="font-family: verdana;">All Set! Workspace ONE UEM traffic will now be visible in Fiddler</span></div></li></ol><div><span style="font-family: verdana;"><br /></span></div></div><div><span style="font-family: verdana;">At this point, you can begin using Fiddler to inspect traffic. I had a particular scenario where I needed to interact with the Google Play EMM API, so I will now cover how to renew the access token with Workspace ONE UEM.</span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">Update Google EMM API access token<br /></span><ol><li><span style="font-family: verdana;">Login to Workspace ONE UEM console<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6oLZQ9Ed_ukR_bH5fxTGBvn3lx9m94zSFoNxXR1NCJ9PwFeKUz1jp-j3sJ_UGYOotokqWM845mufETpII5MoURAiI_lfSzn_cPz28hR176QMlYEA_FDhp3GVr3A0b_WxU7cRZweyKg4sw/" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="1120" data-original-width="2048" height="219" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6oLZQ9Ed_ukR_bH5fxTGBvn3lx9m94zSFoNxXR1NCJ9PwFeKUz1jp-j3sJ_UGYOotokqWM845mufETpII5MoURAiI_lfSzn_cPz28hR176QMlYEA_FDhp3GVr3A0b_WxU7cRZweyKg4sw/w400-h219/Screen+Shot+2020-04-18+at+3.54.06+PM.png" width="400" /></a><br /><br /></span></li><li><span style="font-family: verdana;"><div class="separator" style="clear: both;">Navigate to Apps & Books -> Native -> Public and click 'Add Application'</div></span></li><li><div class="separator" style="clear: both;"><span style="font-family: verdana;">Click the dropdown and select 'Android', followed by 'Import from Play'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNyAu6Rj4wQHYnZFWQl4sBDUq_T2Cwx_4Yf_YdlMxNQWrW6C_P-QkfIRpkTizZgBQOCR_3KxuSnnFHN9xQD0uJB6iIwcYbntghHOU2ei9kS9AP1uogDO_uk1oV5k8xojhU_HW4wBynjaXJ/" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="571" data-original-width="1185" height="193" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNyAu6Rj4wQHYnZFWQl4sBDUq_T2Cwx_4Yf_YdlMxNQWrW6C_P-QkfIRpkTizZgBQOCR_3KxuSnnFHN9xQD0uJB6iIwcYbntghHOU2ei9kS9AP1uogDO_uk1oV5k8xojhU_HW4wBynjaXJ/w400-h193/Screen+Shot+2021-07-23+at+9.18.56+AM.png" width="400" /></a><br /><br /></span></div></li><li><div class="separator" style="clear: both;"><span style="font-family: verdana;">In the next screen that appears, click cancel.<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEini9sF1ai7-CAvwL7_P1zSkcwHQvwHV2J6XTDs1mqd-Stab0AneoCxSY_1B0bXZQ6KJ8e8NsvGWqwP3jS1Im_4v4e2O88oxYSK-Eisg7V_rEbHOTVZ6KlThXEYZoykt_u6QBjWXPqGfUW9/" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="498" data-original-width="815" height="196" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEini9sF1ai7-CAvwL7_P1zSkcwHQvwHV2J6XTDs1mqd-Stab0AneoCxSY_1B0bXZQ6KJ8e8NsvGWqwP3jS1Im_4v4e2O88oxYSK-Eisg7V_rEbHOTVZ6KlThXEYZoykt_u6QBjWXPqGfUW9/" width="320" /></a><br /><br /></span></div></li><li><div class="separator" style="clear: both;"><span style="font-family: verdana;">If you had Fiddler open, take a look at some of the events. What we see here is Workspace ONE UEM reach out to Google to get groupLicenses about the EMM account. Google returns a 401 unauthorized response. Workspace ONE UEM fetches a new OAuth token. Then attempts to get the groupLicenses once again.<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjDXxJ2NZ4_uCaplC9z4uqIU549XPdkrkyN7bcFHWDPVvWWKRndyWlPT3koE8Ku9XHX-f1IL2TdI7QAqYcjxP9q4N0epmzeKSqQWyGVF1Kes1SS6pBTKwXnvWbZDrgJHzP7EYM83G4Uzy98/" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="174" data-original-width="768" height="146" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjDXxJ2NZ4_uCaplC9z4uqIU549XPdkrkyN7bcFHWDPVvWWKRndyWlPT3koE8Ku9XHX-f1IL2TdI7QAqYcjxP9q4N0epmzeKSqQWyGVF1Kes1SS6pBTKwXnvWbZDrgJHzP7EYM83G4Uzy98/w640-h146/Screen+Shot+2021-07-23+at+9.20.24+AM.png" width="640" /></a><br /><br /></span></div></li><li><div class="separator" style="clear: both;"><span style="font-family: verdana;"> Click on the event with the OAuth token. Then on the lower-right side of FIddler, you can view the response by clicking on 'TextView'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQuWmtYga1S2M4J5VAwsF6FQIgKL35vMxkHnrq1h0Pa4NtxglaFZpbS8X_e4ADLKX43K3_WB45ZFX1Wosm6twkL0UW0ZCpUsXp0U7T6avzIXytg97u5MwxjvYevwFlXw3pcJiBaEdEXBDt/" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="757" data-original-width="1653" height="294" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQuWmtYga1S2M4J5VAwsF6FQIgKL35vMxkHnrq1h0Pa4NtxglaFZpbS8X_e4ADLKX43K3_WB45ZFX1Wosm6twkL0UW0ZCpUsXp0U7T6avzIXytg97u5MwxjvYevwFlXw3pcJiBaEdEXBDt/w640-h294/Screen+Shot+2021-07-23+at+9.21.07+AM.png" width="640" /></a><br /><br /></span></div></li><li><div class="separator" style="clear: both;"><span style="font-family: verdana;"> There it is, the updated OAuth access token. This a short-lived access token, that will allow you to interact with the EMM API's. The number 3599 indicates the token will expire in 59 minutes and 59 seconds.<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfqw8cpb3FCSI18sw6A1c98Si26xG6DNBWkzU7UOb2kPj0ynRsJgUQWAqTtIOE22t6F13MK3iDSVcH4z3ZYaSRpLaWjiy2tPqGq1A9nVLbq0RDyiidLWD67bja81Rm5WXV4cGpSgPLaWKl/" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="215" data-original-width="833" height="104" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfqw8cpb3FCSI18sw6A1c98Si26xG6DNBWkzU7UOb2kPj0ynRsJgUQWAqTtIOE22t6F13MK3iDSVcH4z3ZYaSRpLaWjiy2tPqGq1A9nVLbq0RDyiidLWD67bja81Rm5WXV4cGpSgPLaWKl/w400-h104/Screen+Shot+2021-07-23+at+9.21.18+AM.png" width="400" /></a></span></div></li></ol><div><span style="font-family: verdana;"><br /></span></div></div><div><span style="font-family: verdana;">Don't forget to reset your proxy settings in the Workspace ONE UEM console and Windows Internet Options before closing Fiddler. If the settings are not reverted, and Fiddler is closed; the console will be unable to proxy traffic to Fiddler. This will result in odd behavior such as the management console failing to load.</span></div><div><span style="font-family: verdana;"><br /></span></div>Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com0Kōkeʻe State Park, Hanapepe, HI 96716, USA22.1395756 -159.639393-6.1706582361788449 165.204357 50.449809436178846 -124.48314300000001tag:blogger.com,1999:blog-3792012736265800115.post-82750363207706268452021-02-12T13:31:00.002-05:002021-03-04T12:28:37.862-05:00Remote Debugging Chrome & SameSite cookies with Chrome DevTools<p><span style="font-family: verdana;">When developing and delivering use-cases for Android or iOS devices, remotely debugging and inspecting how content is rendered in Google Chrome can be challenging. In the last few years, Chrome introduced a very useful feature that allows remote debugging. This functionality became infinitely useful when working on a use case that leverages cookies in a third-party context. In this blog post, we'll cover why cookies can be a headache (for all platforms), and how Chrome DevTools can be used to isolate issues on mobile devices.</span></p><p><b><span style="font-family: verdana;">Requirements:</span></b></p><p></p><ul style="text-align: left;"><li><span style="font-family: verdana;">Android OS with Developer Options enabled</span></li><ul><li><span style="font-family: verdana;">USB Debugging enabled</span></li></ul><li><span style="font-family: verdana;">USB-C Cable</span></li><ul><li><span style="font-family: verdana;">To connect Android device to macOS / Windows device</span></li></ul><li><span style="font-family: verdana;">Google Chrome (mobile)</span></li><li><span style="font-family: verdana;">Google Chrome (macOS / Windows device)<br /><br /><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHEc4kZowE-zIs77sUVk_00pWjC2eXcHt-bS7tVP92Or3oaHn8YToWrlr0GNTPBYY2fv5OUsZj-PqL5tMkniLO5DLSOUXxyc1MEM_SFzS2m8E83_2p9jTMvnhxRO4rFrhgwu1NWt_ZI-pW/" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="1024" data-original-width="3072" height="452" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHEc4kZowE-zIs77sUVk_00pWjC2eXcHt-bS7tVP92Or3oaHn8YToWrlr0GNTPBYY2fv5OUsZj-PqL5tMkniLO5DLSOUXxyc1MEM_SFzS2m8E83_2p9jTMvnhxRO4rFrhgwu1NWt_ZI-pW/w1353-h452/IMG_t3tvdj.jpg" width="1353" /></a></div><br /><br /></span></li></ul><div><span style="font-family: verdana;"><br /></span></div><div><b><span style="font-family: verdana;">Context:</span></b></div><div><span style="font-family: verdana;">A use case I am involved in hosts content internally on a private cloud using <a href="https://tanzu.vmware.com/tanzu" target="_blank">VMware Tanzu</a> (formerly Pivotal Cloud Foundry). This private cloud has its own unique domain. So while the user might be authenticating and viewing content on www.myLearning.WS1inHawaii.com, the video content displayed in an iFrame would be streaming from a different domain, like www.cdn.myHawaiiCloud.net. </span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">Sounds neat, right? We save on public cloud data egress costs by hosting the video content on our private cloud. Then to provide the responsive web-site for users, we host it on a provider that is more performant across all geographies - like CloudFlare or Amazon Web Services. </span></div><div><span style="font-family: verdana;"><br /></span></div><div><b><span style="font-family: verdana;">The Problem</span></b></div><div><span style="font-family: verdana;">Each cookie issued by a service has a key/value pair that identifies how the cookie can be used. There are first party cookies, and third party cookies. In 2020, Google and Apple (and all browsers based on <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite" target="_blank">Chromium and Webkit</a>) introduced a secure by default model for cookies used in a 3rd party context. This secure by default model protects 3rd party cookies from external access <b>unless </b>otherwise specified in the 'SameSite' key/value pair.</span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">What this meant for the business is content in an iFrame would suddenly not render. On Chrome version 80 and above, all cookies without SameSite attributes will be treated as if they have 'SameSite=lax' specified. With this secure by default model, if the SameSite attribute value is set to 'lax' and is from a 3rd party, it will be blocked. When the 3rd party cookie is blocked, it will cause content from that 3rd party to not render. </span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">In our case, the 3rd party service internally developed did not <a href="https://docs.spring.io/spring-session/docs/current/reference/html5/guides/java-custom-cookie.html" target="_blank">serialize</a> cookies with the SameSite value set. This impacted iOS, macOS, Android and Windows devices, but only devices that had newer browsers. </span></div><div><br /></div><div><span style="font-family: verdana;">It is important to note that we needed a permanent, secure, solution that works on all platforms. Google has settings <b><a href="https://www.chromium.org/administrators/policy-list-3/cookie-legacy-samesite-policies" target="_blank">temporarily</a></b> available to exempt cookies from this new secure by default model. These settings are scheduled to be deprecated in late 2021 / 2022. Enabling these would be considered less secure, as it introduces a <a href="https://www.netsparker.com/blog/web-security/same-site-cookie-attribute-prevent-cross-site-request-forgery/" target="_blank">cross site request forgery</a> attack vector. In addition, these settings are not available on all platforms (iOS is currently <a href="https://cloud.google.com/docs/chrome-enterprise/policies/?policy=LegacySameSiteCookieBehaviorEnabled" target="_blank">excluded</a>). In our use case, the most secure solution will come by introducing a CNAME DNS record that points to our A record for the CDN hosted on Tanzu. The next most secure solution would be to serialize the cookie with the SameSite values specified as:<br /><br />'SameSite=None; Secure'</span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">Finally the least secure option would be to use <a href="https://www.vmware.com/products/workspace-one.html" target="_blank">Workspace ONE</a> to introduce a client side fix with Chrome, which would allow cookies to be sent with all cross-site requests. Since this service was developed on a wrapper over <a href="https://spring.io/projects/spring-boot" target="_blank">Spring Boot</a> (a popular Java framework), the codebase could be updated to <a href="https://docs.spring.io/spring-session/docs/current/reference/html5/guides/java-custom-cookie.html" target="_blank">serialize</a> the cookies with the SameSite attribute set. This ultimately solved the issue on all platforms and browsers. <br /></span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">So how do you even know if something like this is impacting you, especially on a mobile device? </span><span style="font-family: verdana;">Remote Debugging with Chrome, that's</span><span style="font-family: verdana;"> how.</span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;"><br /></span></div><div><b><span style="font-family: verdana;">Remote Debugging Chrome Mobile on Android with Chrome DevTools</span></b></div><div><ol style="text-align: left;"><li><span style="font-family: verdana;">On the Android device, enable Developer options</span></li><li><span style="font-family: verdana;">Enable USB Debugging in Developer options</span></li><li><span style="font-family: verdana;">Connect the Android device to your macOS / Windows host</span></li><li><span style="font-family: verdana;">Open Chrome on the Android device</span></li><li><span style="font-family: verdana;">Open Chrome on the macOS / Windows host</span></li><li><span style="font-family: verdana;">On the macOS / Windows host, navigate to the URL:<br /><b>chrome://inspect/#devices</b></span></li><li><span style="font-family: verdana;">On the macOS / Windows host, you should see something like this:<br /></span><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUok75iS-sC-N6vJ3RsF750jMQqy7OqhoY2lPQJKKo13jZ1uHn61JSaOaKXJRHMvlsPhABOF0FvcEXmZnaQS5OR1n2KgWyRSu7IACA1iO-XnBBSq1Z81CqrW2HtZbYaDwu4eVBLzpTJCuV/" style="margin-left: auto; margin-right: auto;"><span style="font-family: verdana;"><img alt="" data-original-height="707" data-original-width="1129" height="413" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhUok75iS-sC-N6vJ3RsF750jMQqy7OqhoY2lPQJKKo13jZ1uHn61JSaOaKXJRHMvlsPhABOF0FvcEXmZnaQS5OR1n2KgWyRSu7IACA1iO-XnBBSq1Z81CqrW2HtZbYaDwu4eVBLzpTJCuV/w661-h413/01.png" width="661" /></span></a></td></tr><tr><td class="tr-caption" style="text-align: center;"><span style="font-family: verdana;">The SM-T830 device has developer options enabled, and Chrome open. On the mobile device, every Chrome tab, including Chrome custom tabs, will be displayed here.</span></td></tr></tbody></table><div class="separator" style="clear: both; text-align: center;"><span style="font-family: verdana;"><br /><br /></span></div></li><li><div class="separator" style="clear: both; text-align: left;"><span style="font-family: verdana;">Click inspect on the mobile site browser tab that you wish to inspect</span></div></li><li><div class="separator" style="clear: both; text-align: left;"><span style="font-family: verdana;">On the mobile device, navigate to the website that fails to render content<br /></span><ul><li><span style="font-family: verdana;">If the web browser is newer than Chrome 80, open the Google Play store and uninstall the Chrome browser. While you cannot uninstall the browser, you can downgrade the browser to the version shipped with the device. The screenshot you see below will only display on Chrome browser versions 79 or lower. </span></li></ul></div></li><li><div class="separator" style="clear: both; text-align: left;"><span style="font-family: verdana;">Click the 'Console' tab in Chrome DevTools. If you see references to a cross-site resource with SameSite cookies attributes properly set; the cookies serialized by the service are not sent with the values;<br />'SameSite=none; Secure' <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUbs-pYfy1u1JjfyDwZ2GFjZjdFHhxrT2AhMAnCxjubEbF43PstlO4t-3gfhP-8MajMuE48UxxC7G_fe-x7BZMqh4sUXWrwyWNR1T_N528bdB7W2cp3FWQmb8cWpXcSlO2BUZBBCNAQGr1/" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img data-original-height="983" data-original-width="1660" height="617" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUbs-pYfy1u1JjfyDwZ2GFjZjdFHhxrT2AhMAnCxjubEbF43PstlO4t-3gfhP-8MajMuE48UxxC7G_fe-x7BZMqh4sUXWrwyWNR1T_N528bdB7W2cp3FWQmb8cWpXcSlO2BUZBBCNAQGr1/w1046-h617/02.png" width="1046" /></a><br /><br /></span></div></li><li><div class="separator" style="clear: both; text-align: left;"><span style="font-family: verdana;">To see the cookie key/value data, click 'Network', followed by 'Cookies'. Make sure 'show filtered out request cookies' is checked, in addition to 'Has blocked cookies'<br /><br /></span><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><img alt="" data-original-height="968" data-original-width="1654" height="608" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLu5tNukd9JAQ2a54RKXlcfITanCbBItZThromnDRdhypWqZqHqexDC3ih2L5Vb9kkZaf_oPE8zQZcyHmLBB4b301Wx-OSsRpf3wyJY-rug8KGSlxsAZtoXfmhC5IzpKY2PnUL7wQU5-zB/w1040-h608/03.png" style="margin-left: auto; margin-right: auto;" width="1040" /></td></tr><tr><td class="tr-caption" style="text-align: center;">If you hover your mouse over the cookie, it will warn you about the SameSite attributes </td></tr></tbody></table><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLu5tNukd9JAQ2a54RKXlcfITanCbBItZThromnDRdhypWqZqHqexDC3ih2L5Vb9kkZaf_oPE8zQZcyHmLBB4b301Wx-OSsRpf3wyJY-rug8KGSlxsAZtoXfmhC5IzpKY2PnUL7wQU5-zB/" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: verdana;"></span></a></div><span style="font-family: verdana;"><br /></span></div></li></ol></div><div><span style="font-family: verdana;">If you open a new browser tab on the mobile device, and you wish to inspect it; you will need to close 'DevTools' and click 'Inspect' on the new tab you opened.</span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">To highlight how Remote Debugging works, I created this short video. In this video you see how to inspect browser tabs on remote devices, and use DevTools much like you would on a non-mobile device.</span></div><div><span style="font-family: verdana;"><br /></span></div><div class="separator" style="clear: both; text-align: center;"><span style="font-family: verdana;"><iframe allowfullscreen="" class="BLOG_video_class" height="681" src="https://www.youtube.com/embed/7nNz7FfkUv0" width="819" youtube-src-id="7nNz7FfkUv0"></iframe></span></div><span style="font-family: verdana;"><br /></span><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">The goal of this blog post is to share the value of using Chrome DevTools to inspect how content is rendered on a mobile device. Prior to DevTools supporting remote debugging, it was much more difficult to obtain this kind of data. When DevTools is combined with <a href="https://www.telerik.com/fiddler" target="_blank">Fiddler</a> and a tool to troubleshoot AuthN/AuthZ (e.g. </span><a href="https://rcfed.com/" style="font-family: verdana;" target="_blank">rcFederation</a><span style="font-family: verdana;">), you can tackle nearly any issue.</span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">If you are interested in learning more about Remote Debugging with Chrome DevTools, or </span><span style="font-family: verdana;">SameSite cookies -</span><span style="font-family: verdana;"> check out some of the links below.</span></div><div><span style="font-family: verdana;"><br /></span></div><div><span style="font-family: verdana;">https://www.youtube.com/watch?v=GPz7onXjP_4</span></div><p><span style="font-family: verdana;">https://developers.google.com/web/tools/chrome-devtools/remote-debugging</span></p><p><span style="font-family: verdana;">https://developers.google.com/search/blog/2020/01/get-ready-for-new-samesitenone-secure</span></p><p><span style="font-family: verdana;">https://www.chromestatus.com/feature/5633521622188032</span></p><p><span style="font-family: verdana;">https://www.chromestatus.com/feature/5088147346030592</span></p><p><span style="font-family: verdana;">https://web.dev/samesite-cookies-explained/</span></p><p><span style="font-family: verdana;"><br /></span></p>Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com0tag:blogger.com,1999:blog-3792012736265800115.post-41043261954188452092020-07-11T13:01:00.000-04:002020-07-13T11:55:11.640-04:00Clean up duplicate identities and users from Workspace ONE using REST API's and PowerShell <div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Workspace ONE gives us a centralized management plane for our users digital workspace. But with the proliferation of identity and access management solutions, it isn't uncommon to find users with multiple identities in our management plane. Especially when you lift and shift from one identity solution to the next. </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div class="separator" style="clear: both;">
<span style="font-family: "verdana" , sans-serif;">I have a friend and colleague who is working with a beverage company who have a fairly tedious task ahead of them. They have to clean up duplicate identities, and do it quickly. I thought it would be great to share a solution I put together, and discuss how you can go about cleaning up identities in your environment as well.</span></div>
<div class="separator" style="clear: both;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div class="separator" style="clear: both;">
<span style="font-family: "verdana" , sans-serif;">But before we get to the good stuff; some mood lifting visual stimuli...</span></div>
<div class="separator" style="clear: both;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><img border="0" data-original-height="1200" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgE61_TfjOTP4m7cJ6lJSzUXIh_Lu2IY42EkxOMDRXrX3MW_WxCq7r7fUnwY_nGNV6Df-AKYJDph54uxAQw0Wx8-kmSWItkmvYj6gkrG35SR_WLfI_9tAkYkR0yYnalA9okQe9TFxi3sqrZ/s1600/MVIMG_20190714_184240.jpg" style="margin-left: auto; margin-right: auto;" /></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Entrance to Andaz Maui at Wailea<br />
Fun fact: Novell eDirectory still exists. Owned and maintained by NetIQ. Any readers still using eDirectory, send me a email so I can buy you a beer.</td></tr>
</tbody></table>
<div class="separator" style="clear: both;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgE61_TfjOTP4m7cJ6lJSzUXIh_Lu2IY42EkxOMDRXrX3MW_WxCq7r7fUnwY_nGNV6Df-AKYJDph54uxAQw0Wx8-kmSWItkmvYj6gkrG35SR_WLfI_9tAkYkR0yYnalA9okQe9TFxi3sqrZ/s1600/MVIMG_20190714_184240.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><span style="font-family: "verdana" , sans-serif;"></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">A lot of organizations start with Workspace ONE by importing identities using LDAP integration with Workspace ONE. This is pretty simple as it uses a BIND account to talk to a single directory over port 636 or 3269 (securely), or unsecured over port 389 or 3268. But eventually organizations find themselves having to integrate with multiple directories, and this is where the duplicate or stale identity record problem becomes an issue. </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">This becomes more common when you begin to use SCIM to provision users in VMware Access (formerly VMware Identity Manager), and then integrate users from VMware Access in to Workspace ONE. </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">To give a clearer example of this; Instead of users starting off in Active Directory, and then imported in to Workspace ONE; users could start off in Okta's Universal Directory. From Okta the user is provisioned in Access using SCIM, and then from Access the user is imported in to Workspace ONE. But if the user was already created prior to the Okta integration, you find your Workspace ONE environment with duplicate identities.</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">SCIM is an increasingly popular standard. For context on the acronym; it stands for <a href="https://en.wikipedia.org/wiki/System_for_Cross-domain_Identity_Management">System for Cross-Domain Identity Management</a>. You can read all about SCIM in <a href="https://tools.ietf.org/html/rfc7642">RFC7642</a>, as well as RFC7643 and RFC7644. I guarantee you that an in depth discussion on SCIM will make you a star at the Thanksgiving dinner table.</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><img src="https://docs.vmware.com/en/VMware-Workspace-ONE/services/workspaceone_okta_scim_provisioning/images/GUID-E6109114-C2AD-4537-9920-663641C21610-low.png" style="margin-left: auto; margin-right: auto;" /></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Source: VMware</td></tr>
</tbody></table>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Every account in Workspace ONE has a unique identity. This unique identity is a numeric value. To remove these identities; we will store all the numeric values in a flat csv file. PowerShell will pull the contents of the CSV file into an object, and then iterate through each item in the collection stored in the object. When iterating through each item, a PowerShell invoke-restmethod command will be called to delete the identity from Workspace ONE. You don't <i>need</i> to use a csv file. You could store all the unique identifiers in a object in PowerShell, and then reference that object as well. </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">In <a href="https://www.ws1inhawaii.com/2020/03/how-to-remove-sensitive-data-from-code.html">previous</a> blog posts, I have shared how I like to use ini/json files to store environment secrets like API keys or environment URLS. I will continue to use this method in this example, and <a href="https://gist.github.com/HawaiiRyan/b610f6d5427afa9609cee145affed912">link</a> to the config.ini example that you can use. For the sake over-communicating, I will share a screenshot of what the config.ini file looks like in this example</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0TOUB6Fj9OZzYkeXtZMa0bNS5K0RxPgUZLUDWaeGASn49LbZmY76kuqSubrkN4ffBTo5T5xVBcdcNQV76EAFGt1uCUBAyfn7dA1Wd4y1_RABJFARmdg4eRGm9xtpW79mpatPUOtHPKuX9/s1600/Screen+Shot+2020-07-09+at+7.31.46+PM.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="187" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0TOUB6Fj9OZzYkeXtZMa0bNS5K0RxPgUZLUDWaeGASn49LbZmY76kuqSubrkN4ffBTo5T5xVBcdcNQV76EAFGt1uCUBAyfn7dA1Wd4y1_RABJFARmdg4eRGm9xtpW79mpatPUOtHPKuX9/s320/Screen+Shot+2020-07-09+at+7.31.46+PM.png" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Don't forget to update the API key.</td></tr>
</tbody></table>
<br />
<div>
<span style="font-family: "verdana" , sans-serif;">For demonstration purposes, I have (2) users; HawaiiAir and HawaiiBank created. If you hover over the users in the UI of the console, you can see the unique ID for the user. As witnessed in the screenshot below, HawaiiAir has a unique ID of 29.</span></div>
<div>
<br /></div>
<div>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTVGcWvIOOBo8rS-pHTlvg__Qg08ozbLOMhhCIFjCSAooJ7vK4t6rsmpbvxt7UGjXXosvnxpyAxsgvQCquvtmUDY1c-Q1ULyE9IAHHapGzqcsz0T4I2G9izmc7tyYjb0DNGHGvdEYLnSBi/s1600/Screen+Shot+2020-07-10+at+12.32.48+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTVGcWvIOOBo8rS-pHTlvg__Qg08ozbLOMhhCIFjCSAooJ7vK4t6rsmpbvxt7UGjXXosvnxpyAxsgvQCquvtmUDY1c-Q1ULyE9IAHHapGzqcsz0T4I2G9izmc7tyYjb0DNGHGvdEYLnSBi/s1600/Screen+Shot+2020-07-10+at+12.32.48+PM.png" /></span></a></div>
<div>
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">We gather the list of users we want to delete and have them stored in a csv file. To get these unique identifiers required, you could use Workspace ONE API's to send an HTTP GET Request to the API endpoint at;<br />
<br />
/users/search<br />
<br />
This API Endpoint lets you filter in your search and filter your results with the following parameters;</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgESCHhDfGzcd0-z-vyyWAd97bGtaqwjGS2FPU5T5GZihxQvcli8Nn4MTqzuGdyAv7fX8OA7PEUpDkV0qAhv06WP9bIYBqqS-9UNzB5BXPe1PujWcYlqgY-ZRWjq_SoS-6qnRLnIjWgP7dj/s1600/Screen+Shot+2020-07-11+at+11.50.47+AM.png" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgESCHhDfGzcd0-z-vyyWAd97bGtaqwjGS2FPU5T5GZihxQvcli8Nn4MTqzuGdyAv7fX8OA7PEUpDkV0qAhv06WP9bIYBqqS-9UNzB5BXPe1PujWcYlqgY-ZRWjq_SoS-6qnRLnIjWgP7dj/s1600/Screen+Shot+2020-07-11+at+11.50.47+AM.png" /></a></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">If you needed more options to filter your result set on, when your HTTP Response is returned from the API above, you can pipe the object in PowerShell to where-object filter what you've piped in to it. This will trim the results down further. Quick example of how to filter for users containing the phrase Molokai in their email address;</span></div>
<div style="background-color: #1e1e1e; color: #d4d4d4; font-family: Menlo, Monaco, "Courier New", monospace; font-size: 12px; line-height: 18px; white-space: pre;">
<span style="color: #9cdcfe;">$UserDelete</span><span style="color: #dcdcaa;">.Users</span> | <span style="color: #dcdcaa;">Where-Object</span> { <span style="color: #9cdcfe;">$_</span><span style="color: #dcdcaa;">.Email</span> -like <span style="color: #ce9178;">"*molokai*"</span>}</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">A complete list of attributes returned from the API endpoint to search for users is included below for your reference. You may find CustomAttribute value's to be particularly useful to filter on, as you may have attributes such as job code, division, or identity provider source mapped to a CustomAttribute.</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzbLczLVG25B8dvMZ3B9dhVP5JYS6mOZcORtoVJr3U6EAEtbZBfZ7r-0xkz2WIhp-dQPPvBQwEAt0vZeOvHczLV_eR4-tV4J0-QZ-UeSvJSXZpjr7cf0L18GG-aq-_ijuFS1MK_1g-Fl-6/s1600/Screen+Shot+2020-07-11+at+12.03.44+PM.png" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzbLczLVG25B8dvMZ3B9dhVP5JYS6mOZcORtoVJr3U6EAEtbZBfZ7r-0xkz2WIhp-dQPPvBQwEAt0vZeOvHczLV_eR4-tV4J0-QZ-UeSvJSXZpjr7cf0L18GG-aq-_ijuFS1MK_1g-Fl-6/s1600/Screen+Shot+2020-07-11+at+12.03.44+PM.png" /></a></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Once you have filtered your users, you need to export them in a CSV file for this example. You can pipe your filtered results in to the Export-Csv cmdlet to accomplish this.</span></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div style="color: #d4d4d4; font-family: Menlo, Monaco, "Courier New", monospace; font-size: 12px; line-height: 18px; white-space: pre;">
<span style="background-color: black;"><span style="color: #9cdcfe;">$UserDelete</span><span style="color: #dcdcaa;">.Users</span> | <span style="color: #dcdcaa;">Where-Object</span> { <span style="color: #9cdcfe;">$_</span><span style="color: #dcdcaa;">.Email</span> -like <span style="color: #ce9178;">"*molokai*"</span>} | Export-Csv -Path c:\HawaiiFinancialRetirement\users.csv</span></div>
<div class="separator" style="clear: both;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">You've got your list of users in a CSV file. You are ready to run the code! </span></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1v8Vf829Xq6FebxbwlhcnYlbmImCV9WrgP9f8OLl34SQJBh-D5vBfdo8G1xTQuJ5TXbf9CZCUjstEV2DqBc1kHfShdEZSEEk-oV9RYY9GJERVIpIM3-u2ybJ4UP4ESsvoUd4PSeDriz7y/s1600/Screen+Shot+2020-07-10+at+12.24.04+PM.png" imageanchor="1" style="font-family: verdana, sans-serif; margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1v8Vf829Xq6FebxbwlhcnYlbmImCV9WrgP9f8OLl34SQJBh-D5vBfdo8G1xTQuJ5TXbf9CZCUjstEV2DqBc1kHfShdEZSEEk-oV9RYY9GJERVIpIM3-u2ybJ4UP4ESsvoUd4PSeDriz7y/s400/Screen+Shot+2020-07-10+at+12.24.04+PM.png" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">List of users we will delete. User ID 29 and 30.</td></tr>
</tbody></table>
<br />
<span style="font-family: "verdana" , sans-serif;">Go ahead and run the script in Visual Studio Code, PowerShell ISE, or a PowerShell window. I have added a bunch of comments to the code to try and help you understand what is being done at each step.</span><br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1Mtd_Ugdfb2z2913fOYeM8LYHPRFzcnlnwoP2j6Y3GVmJSutX8wub-CxDmmVBivw6g7a1rzdTfY8dJ-uWlPV2kuWteU6-yKcR0_n9_wDaiSYjovoP-H15VrbRY61D7svfP6V1kMkM6oAP/s1600/Screen+Shot+2020-07-11+at+12.58.24+PM.png" imageanchor="1"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1Mtd_Ugdfb2z2913fOYeM8LYHPRFzcnlnwoP2j6Y3GVmJSutX8wub-CxDmmVBivw6g7a1rzdTfY8dJ-uWlPV2kuWteU6-yKcR0_n9_wDaiSYjovoP-H15VrbRY61D7svfP6V1kMkM6oAP/s1600/Screen+Shot+2020-07-11+at+12.58.24+PM.png" /></a><br />
<br />
<span style="font-family: "verdana" , sans-serif;">After executing lines 1-26, if you want to spot-check the users to be deleted, type $user and a list of user identifiers will be returned. You can only do this if you have added a breakpoint or are debugging the script and able to pause the scripts execution in the IDE. I went ahead and put a breakpoint at line 38 before the API is called so that I can verify the users to be deleted. This also lets me spot-check the body that will be included in the HTTP Request.</span><br />
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi52gCp_8o6ZpJYfsOnVBO6I8jneD_3tUWJt_jdSUx8Pfn6v0S0q7Xb23FhlP02Zk0w_qhRp2qDpWfX8aZSYJdhRB6YxoJaYjt69fxyhczPV59wJC05KibJ0WbAYKrI4mSYqG3Pa1BRnZ2E/s1600/Screen+Shot+2020-07-10+at+12.38.45+PM.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi52gCp_8o6ZpJYfsOnVBO6I8jneD_3tUWJt_jdSUx8Pfn6v0S0q7Xb23FhlP02Zk0w_qhRp2qDpWfX8aZSYJdhRB6YxoJaYjt69fxyhczPV59wJC05KibJ0WbAYKrI4mSYqG3Pa1BRnZ2E/s1600/Screen+Shot+2020-07-10+at+12.38.45+PM.png" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">HawaiiAir (29) and HawaiiBank (30)</td></tr>
</tbody></table>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">After this, the fun starts. The script will iterate through each unique identifier in the $user object, with line 44 running the PowerShell command invoke-restmethod. Invoke-restmethod uses the HTTP header setup in lines 29-42, the body in lines 29-37, and sends our HTTP Request to the API.</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">One of the tricky parts about working with this API Endpoint is getting the syntax formatting correct for the HTTP message body. The API Explorer documentation shows you the correct formatting, in case you want to write this in another language like Javascript or Python.</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPwb0l7om105f3YwBSIMqSBRGag_vZVaL6CPjDh6Ou1IURDu9pwCGIjZo6nd21bpob6yW4SovubgYOykVERHOG-lKO6gIbHyD5EFtHL8vbcuhflEAbJmsQfIK39Xu5z9VOerfdIechDE_F/s1600/Screen+Shot+2020-07-11+at+12.28.09+PM.png" imageanchor="1"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPwb0l7om105f3YwBSIMqSBRGag_vZVaL6CPjDh6Ou1IURDu9pwCGIjZo6nd21bpob6yW4SovubgYOykVERHOG-lKO6gIbHyD5EFtHL8vbcuhflEAbJmsQfIK39Xu5z9VOerfdIechDE_F/s400/Screen+Shot+2020-07-11+at+12.28.09+PM.png" width="400" /></a></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">After the code iterates through each item in $user, you can return back to your Workspace ONE console and see the identities have been deleted.</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKVqdvguzhhZWlLt72v4hFUX19Or_mTyazDth5r6SPgaTxATzbqQkDRI2f7cTnTzXdEGUw0arzDTGuZPzVL1Tk1dTARPreF9mpuimi12wEqR7N7KsmxBCt-QmWJCNfI4BloJmh56Xxv9KH/s1600/Screen+Shot+2020-07-10+at+6.09.02+PM.png" imageanchor="1" style="margin-left: auto; margin-right: auto; text-align: left;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKVqdvguzhhZWlLt72v4hFUX19Or_mTyazDth5r6SPgaTxATzbqQkDRI2f7cTnTzXdEGUw0arzDTGuZPzVL1Tk1dTARPreF9mpuimi12wEqR7N7KsmxBCt-QmWJCNfI4BloJmh56Xxv9KH/s1600/Screen+Shot+2020-07-10+at+6.09.02+PM.png" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Saving you hours of monotonous work.</td></tr>
</tbody></table>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<script src="https://gist.github.com/HawaiiRyan/92d9092e25c2ed6801e957781896c5eb.js"></script></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Any questions, feel free to email me at rpringnitz@gmail.com</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Mahalo!</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Ryan Pringnitz</span></div>
Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com0tag:blogger.com,1999:blog-3792012736265800115.post-16251877527721419122020-06-28T12:05:00.000-04:002021-07-15T17:04:55.174-04:00How to use Fiddler Everywhere to inspect Android network traffic to troubleshoot SAML authentication issues<span style="font-family: "verdana" , sans-serif;">Recently Telerik would release Fiddler Everywhere, a <b>free</b> web debugging proxy, for macOS. Previously, Fiddler was native to Windows, and macOS users would have to resort to using Charles, or using Fiddler in Wine on their macOS. While Charles is great, it also wasn't free. With Fiddler Everywhere being a free offering, it has quickly cemented itself as a must-have tool for developers. </span><br />
<div>
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "verdana" , sans-serif;">Thanks Telerik, my Hawaii vacation / retirement fund just grew by $50.</span><br />
<div>
<br /></div>
<div>
<span style="font-family: "verdana" , sans-serif;">Today, we're going to cover how to use Fiddler Everywhere to capture network traffic from an Android device. This is useful if you need to review SAML responses when troubleshooting authentication. But before we proceed to the fun stuff....</span></div>
<div>
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhbuQlK0-43DW8_av8ZKthyphenhyphenHaAyT-a7AMy6o9wlkS3G6NbXgyKXd1eAP41U-TNcfD7TpPAQpjkkmhQoxJ07dqbImX2Qce_8M_XTLjqjsAp2rBwSOej2M86xl72dTLqSg0sfwLMT4Vq1fyVZ/s1600/IMG_20190713_074405.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="1200" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhbuQlK0-43DW8_av8ZKthyphenhyphenHaAyT-a7AMy6o9wlkS3G6NbXgyKXd1eAP41U-TNcfD7TpPAQpjkkmhQoxJ07dqbImX2Qce_8M_XTLjqjsAp2rBwSOej2M86xl72dTLqSg0sfwLMT4Vq1fyVZ/s1600/IMG_20190713_074405.jpg" /></span></a></td></tr>
<tr><td class="tr-caption"><span style="font-family: "verdana" , sans-serif;">Wailea, <span style="font-size: 12.8px;">Ulua Beach, Maui</span></span></td></tr>
</tbody></table>
</div>
<div>
<span style="font-family: "verdana" , sans-serif;"><b>Requirements:</b></span></div>
<div>
<ol>
<li><span style="font-family: "verdana" , sans-serif;">Telerik Fiddler Everywhere<br /><a href="https://www.telerik.com/fiddler-everywhere">https://www.telerik.com/fiddler-everywhere</a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Computer connected to network</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Android device connected to the same network as the computer</span></li>
</ol>
<ul><ul>
<li><span style="font-family: "verdana" , sans-serif;">Android device must have no Workspace ONE profiles installed that manage:</span></li>
<ul>
<li><span style="font-family: "verdana" , sans-serif;">Restrictions (limiting device network connectivity modifications)</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Google Chrome application configuration (forcing device traffic to a proxy specified in the application configuration)</span></li>
</ul>
</ul>
</ul>
<div>
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
</div>
<div>
<span style="font-family: "verdana" , sans-serif;"><b>Steps to capture traffic:</b></span></div>
<div>
<ol>
<li><span style="font-family: "verdana" , sans-serif;">Open 'System Preferences' on your macOS. If using a Windows operating system, navigate to 'Control Panel'<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjd4IULJDd4ddS1CJTE11d9IB_kclaW13t59kNDvaIdZEWAzsCWk1XWWeq8IIWfQ6OQLPrmxGj-o5SlP41yWZTYZsicMh4nSOGis_uljdxpW_7If1_5xyhOhCaTZ2IcNDtRSUVSIwHJJSmk/s1600/Screen+Shot+2020-06-28+at+10.18.12+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1408" data-original-width="1426" height="628" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjd4IULJDd4ddS1CJTE11d9IB_kclaW13t59kNDvaIdZEWAzsCWk1XWWeq8IIWfQ6OQLPrmxGj-o5SlP41yWZTYZsicMh4nSOGis_uljdxpW_7If1_5xyhOhCaTZ2IcNDtRSUVSIwHJJSmk/s640/Screen+Shot+2020-06-28+at+10.18.12+AM.png" width="640" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Open 'Network' on your macO. If using a Windows operating system, navigate to 'Network and Sharing Center'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAi9gL_nkqdebRAfCrGjJztFkaCLk86d2jqAgxViDcegK4fialP0wX_ANB8cKZagCjhIleXRN3fyF7xF7xC_ze-kKZRLmTuRVwcMqT4v-mC9OPF3_PPqzuN9rSVOX0SkLRpBO7FSafEOZ2/s1600/Screen+Shot+2020-06-28+at+10.18.30+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1225" data-original-width="1600" height="488" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAi9gL_nkqdebRAfCrGjJztFkaCLk86d2jqAgxViDcegK4fialP0wX_ANB8cKZagCjhIleXRN3fyF7xF7xC_ze-kKZRLmTuRVwcMqT4v-mC9OPF3_PPqzuN9rSVOX0SkLRpBO7FSafEOZ2/s640/Screen+Shot+2020-06-28+at+10.18.30+AM.png" width="640" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Locate the <a href="https://tools.ietf.org/html/rfc1918" target="_blank">RFC1918</a> IP Address of your computer, mine is 192.168.0.111. If using a Windows operating system; click on the connection, and in the new window that appears, click on 'Details'.</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Write this IP Address down, it will be used later</span></li>
<li><span style="font-family: "verdana" , sans-serif;"><a href="https://www.telerik.com/fiddler-everywhere" target="_blank">Download</a> and install Fiddler Everywhere, or Fiddler if using a Windows operating system. </span></li>
<li><span style="font-family: "verdana" , sans-serif;">Open Fiddler Everywhere<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrmy5Lb26CaQSqjWi4AwvDOAzyF2zqRCIvdKwpS5l7_KilzF1PrKxhyMIDr1f_jHcGQVt0tKbkygjVF_zOnzVKSdjleJRhiBCMwhxxkB5je1eX7I8y1Jn7PY_HQKlz4FLQIWDOJ6vb5zM2/s1600/Screen+Shot+2020-06-28+at+10.34.54+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="980" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrmy5Lb26CaQSqjWi4AwvDOAzyF2zqRCIvdKwpS5l7_KilzF1PrKxhyMIDr1f_jHcGQVt0tKbkygjVF_zOnzVKSdjleJRhiBCMwhxxkB5je1eX7I8y1Jn7PY_HQKlz4FLQIWDOJ6vb5zM2/s1600/Screen+Shot+2020-06-28+at+10.34.54+AM.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Ensure that Fiddler is capturing traffic<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEie4YeoZVqzdyTTcUnFJbFzSaHcgtoZa5YqChT0I86gsMtVFFXXI7zS46yi15YZfks6W9oGBHSQW1GRirO-hb8N0Ez9pHUiR7YOFkin2qvNhTKYswAb7vVUlboUbkTZ4_iQQwRReB7ufdLX/s1600/Screen+Shot+2020-06-28+at+10.35.35+AM.png" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="274" data-original-width="1156" height="148" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEie4YeoZVqzdyTTcUnFJbFzSaHcgtoZa5YqChT0I86gsMtVFFXXI7zS46yi15YZfks6W9oGBHSQW1GRirO-hb8N0Ez9pHUiR7YOFkin2qvNhTKYswAb7vVUlboUbkTZ4_iQQwRReB7ufdLX/s640/Screen+Shot+2020-06-28+at+10.35.35+AM.png" width="640" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Click the gear icon in the upper right corner to open 'Settings'<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpZc9lG7es_VkabZ2etKKCQv_tvDQEf16RxHCE7SQTpGium89wFLge6HJew4jWHBr6J-2eAmnq_Dk38cwaGgLJxihLnkMuCQV3dlOV2OV0MavVYN1XFRghjWx9VUitn7aiPxHkbqxGJdfu/s1600/Screen+Shot+2020-06-28+at+10.36.46+AM.png" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="256" data-original-width="758" height="216" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpZc9lG7es_VkabZ2etKKCQv_tvDQEf16RxHCE7SQTpGium89wFLge6HJew4jWHBr6J-2eAmnq_Dk38cwaGgLJxihLnkMuCQV3dlOV2OV0MavVYN1XFRghjWx9VUitn7aiPxHkbqxGJdfu/s640/Screen+Shot+2020-06-28+at+10.36.46+AM.png" width="640" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">In the 'HTTPS' tab, Ensure the 'Capture HTTPS traffic' checkbox is selected<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhq1P6PjH1SxZGiFcVQjZpeInwgXX-ker3HqwvZFsxM4B1PCNU0iI8Et7fNTx51_5NzWYz0-y3mDRIUkwHjESoq5uKH2XTPLoDO7vC0lqW9-bbPxKboqPoBuoYDm4nSDtcjhr-qCVXir4cP/s1600/Screen+Shot+2020-06-28+at+10.38.02+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1208" data-original-width="1600" height="482" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhq1P6PjH1SxZGiFcVQjZpeInwgXX-ker3HqwvZFsxM4B1PCNU0iI8Et7fNTx51_5NzWYz0-y3mDRIUkwHjESoq5uKH2XTPLoDO7vC0lqW9-bbPxKboqPoBuoYDm4nSDtcjhr-qCVXir4cP/s640/Screen+Shot+2020-06-28+at+10.38.02+AM.png" width="640" /></a><br /></span></li>
<li><span style="font-family: "verdana" , sans-serif;">In the 'Connections' tab, specify a unused port to listen for traffic on. Ensure both 'Act as system proxy on startup' and 'Allow remote computers to connect' checkboxes are selected<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-g_jpD4f8atk_2-skUxOTdYFpZia-TITTz5xw0-mIkvF7_FyKmrAFLVWzW8OJt3xb4nntqfQHf5ruE_IQhC0PR_p5Pinae-Z5WLfUzRhzobLLzKVKqM1ceFeqj9sm-N7j54Vtt8bLaIoX/s1600/Screen+Shot+2020-06-28+at+10.38.09+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1155" data-original-width="1600" height="462" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-g_jpD4f8atk_2-skUxOTdYFpZia-TITTz5xw0-mIkvF7_FyKmrAFLVWzW8OJt3xb4nntqfQHf5ruE_IQhC0PR_p5Pinae-Z5WLfUzRhzobLLzKVKqM1ceFeqj9sm-N7j54Vtt8bLaIoX/s640/Screen+Shot+2020-06-28+at+10.38.09+AM.png" width="640" /></a><br /></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Click 'Save' and close 'Settings'<br /></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Test that Fiddler Everywhere is running by navigating your localhost:port that you specified in 'Connections'. For my test, this will be;<br /><a href="http://192.168.0.111:8866/">http://192.168.0.111:8866/</a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">If Fiddler Everywhere is running, you will see the following web page. If it is not running, reset your Fiddler settings, ensure there are no firewalls prohibiting traffic, and reconfigure Fiddler Everywhere settings<br /></span><div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFJVdg3iuB1Y51sH-w46jrD0tNj2KnlRozmb5QmhVshVJKR7O-BI1JPuGJHB_MF2x7UN9CA_6GJGRGKCNairhxxjzZVmg4rKwAR420PgheKQ_5qOvmEIlxwRJ5mHoekKWEDFJtX086CEyX/s1600/Screen+Shot+2020-06-28+at+10.44.45+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="614" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFJVdg3iuB1Y51sH-w46jrD0tNj2KnlRozmb5QmhVshVJKR7O-BI1JPuGJHB_MF2x7UN9CA_6GJGRGKCNairhxxjzZVmg4rKwAR420PgheKQ_5qOvmEIlxwRJ5mHoekKWEDFJtX086CEyX/s1600/Screen+Shot+2020-06-28+at+10.44.45+AM.png" /></a><br /></span></div>
</li>
<li><span style="font-family: "verdana" , sans-serif;">Grab your Android tablet.</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Open VMware Workspace ONE Hub<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwxG2_cIBWts_BsdfvW4JnBb53GnB94uYv9z2PxASixxnF0ENSlXgZ6v_OSlhoPfWJ2vvgqpfttQCbF7N4jO2OEtlTO0bG1WVo0qz-i8nDO8j3yvNPyrePqmfIeJkhrj1YbBBPPArlD7lP/s1600/Screenshot_20200628-111735.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1600" data-original-width="900" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwxG2_cIBWts_BsdfvW4JnBb53GnB94uYv9z2PxASixxnF0ENSlXgZ6v_OSlhoPfWJ2vvgqpfttQCbF7N4jO2OEtlTO0bG1WVo0qz-i8nDO8j3yvNPyrePqmfIeJkhrj1YbBBPPArlD7lP/s640/Screenshot_20200628-111735.png" width="360" /></a><br /></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Tap 'This Device', and then 'Profiles'. Remove 'Restrictions' profiles, in addition to profiles managing Google Chrome's Application Configuration<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEia8JWU205L91W0t3UfRKsYL4oaAUhaln0plvs-Djttw0oGzAkk1n36Fp9IKbGoqpm9fey0lLUVmByMnTq3EWiDRw3ajJV6XQTnT-M4I-LscIpvCmk_lrBCCcZ-s_wyti8tXGKO57UKbJlg/s1600/Screenshot_20200628-111744.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1600" data-original-width="900" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEia8JWU205L91W0t3UfRKsYL4oaAUhaln0plvs-Djttw0oGzAkk1n36Fp9IKbGoqpm9fey0lLUVmByMnTq3EWiDRw3ajJV6XQTnT-M4I-LscIpvCmk_lrBCCcZ-s_wyti8tXGKO57UKbJlg/s1600/Screenshot_20200628-111744.png" /></a><br /></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Tap 'Settings', followed by 'Connections'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhEvJQSSMoYU19-Zx0O0CINs0CFb2VIntKY3JuUpPUu-37Krk0x4U50qgFGR-h9HnFfSc5SbqhFLAvDIIz3v5pfWbQvP76RbHgbFY20Yzn7a1nk_eSJl960ZnyBFJgrr0PJrwkB_5wikX5D/s1600/device-2020-06-28-105437.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1600" data-original-width="1000" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhEvJQSSMoYU19-Zx0O0CINs0CFb2VIntKY3JuUpPUu-37Krk0x4U50qgFGR-h9HnFfSc5SbqhFLAvDIIz3v5pfWbQvP76RbHgbFY20Yzn7a1nk_eSJl960ZnyBFJgrr0PJrwkB_5wikX5D/s1600/device-2020-06-28-105437.png" /></a><br /></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Tap the Wi-Fi network you are connected to<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPMpHkrUepYNfWEi0Ctb8HckkfDmhf-qLW8ePfXHiOLwB384ykeXlBqwNGQSZhWt4Q_Z3320Sn5bTH6YjeCtsEeR7mVs8EY0MUoEc3SXNw-WXthS1nOsLgQagJ4_afzfPijtKuKolXA4Je/s1600/device-2020-06-28-105448.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1600" data-original-width="1000" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPMpHkrUepYNfWEi0Ctb8HckkfDmhf-qLW8ePfXHiOLwB384ykeXlBqwNGQSZhWt4Q_Z3320Sn5bTH6YjeCtsEeR7mVs8EY0MUoEc3SXNw-WXthS1nOsLgQagJ4_afzfPijtKuKolXA4Je/s1600/device-2020-06-28-105448.png" /></a><br /></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Tap the Wi-Fi Network you are connected to in the new window that appears<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidMsquX9vbkr2_tf-iHh8BbAvpnlL1ZFWNNpPHjSXZklhMUWRKchDWj99Ynu4lGfgrRymfJRBkWHZenG3sI310_Bg4QKVncHlaGbK3PulQW8Cnxdcwb-qu_ZRDVO6KXNy_M0yV9-V5PKiV/s1600/device-2020-06-28-105458.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1600" data-original-width="1000" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidMsquX9vbkr2_tf-iHh8BbAvpnlL1ZFWNNpPHjSXZklhMUWRKchDWj99Ynu4lGfgrRymfJRBkWHZenG3sI310_Bg4QKVncHlaGbK3PulQW8Cnxdcwb-qu_ZRDVO6KXNy_M0yV9-V5PKiV/s1600/device-2020-06-28-105458.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Tap 'Advanced' in the next window that appears<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjGp5-88LDIkkgdoHaRYriicoZmMN191jJqLKHFG-5E5N1MBCEvGyRWFUGkXzGR8kdp6xcPaJLAFf0a3Gj26QB7nIlyD_HXaqGSg4c3aL-FNtThAHxarvH_UxZUXbc3MIpyIUcpDClO88i/s1600/device-2020-06-28-105507.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1600" data-original-width="1000" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjGp5-88LDIkkgdoHaRYriicoZmMN191jJqLKHFG-5E5N1MBCEvGyRWFUGkXzGR8kdp6xcPaJLAFf0a3Gj26QB7nIlyD_HXaqGSg4c3aL-FNtThAHxarvH_UxZUXbc3MIpyIUcpDClO88i/s1600/device-2020-06-28-105507.png" /></a><br /></span></li>
<li><span style="font-family: "verdana" , sans-serif;">In the 'Proxy' drop-down, change it from 'None' to 'Manual'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgvSzBTh_LD51FU8MFVOtJDXHqRUv5XAB7-ocCtUhiHTP-qtF0wVIYXSCTZQnVVckDOKwhlWGQJU6ZJkL2Peq7HBAhbWgnI-rSTHb7N85sNcW-oHPATwNh5hnGesJUJbyaxvtJFACRtG-JT/s1600/device-2020-06-28-105414.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1600" data-original-width="1000" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgvSzBTh_LD51FU8MFVOtJDXHqRUv5XAB7-ocCtUhiHTP-qtF0wVIYXSCTZQnVVckDOKwhlWGQJU6ZJkL2Peq7HBAhbWgnI-rSTHb7N85sNcW-oHPATwNh5hnGesJUJbyaxvtJFACRtG-JT/s1600/device-2020-06-28-105414.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Enter the IP Address of your computer in the 'Proxy host name' form field</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Enter the port number Fiddler Everywhere is listening on in the 'Proxy port' form field;<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEixL-akRTFtf-K8dadxbU_iyiOO6XFGyMuGaz5kqnxySra-wIxKi9YMFIT0NAxamcXOOBmJpjBId3AH7dTE0fTWU4X4AE3fOnhO8J_dw3yn_XkOjbFRTGfiiuQ5crhBbkFbd5qNgyGRbalk/s1600/device-2020-06-28-105543.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1600" data-original-width="1000" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEixL-akRTFtf-K8dadxbU_iyiOO6XFGyMuGaz5kqnxySra-wIxKi9YMFIT0NAxamcXOOBmJpjBId3AH7dTE0fTWU4X4AE3fOnhO8J_dw3yn_XkOjbFRTGfiiuQ5crhBbkFbd5qNgyGRbalk/s1600/device-2020-06-28-105543.png" /></a><br /></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Tap 'Save'</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Open Google Chrome on the Android device</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Type in the HTTP Address that Fiddler Everywhere is listening on. In my example, this is http://192.168.0.111:8866<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSjumsfrwIrgjyBmS6naQxmUsJt82S1EYlvPtsU8O2zjqM1EMXVseSVJ8Ze2fuuEkIiGWr5-dvrp8gDdrHlJGLws2vxBq3k6FGL1037gmAVU7uEkv7XpnuI59y5LFudMq4EAYxh2F_RgMS/s1600/device-2020-06-28-105833.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1600" data-original-width="1000" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSjumsfrwIrgjyBmS6naQxmUsJt82S1EYlvPtsU8O2zjqM1EMXVseSVJ8Ze2fuuEkIiGWr5-dvrp8gDdrHlJGLws2vxBq3k6FGL1037gmAVU7uEkv7XpnuI59y5LFudMq4EAYxh2F_RgMS/s1600/device-2020-06-28-105833.png" /></a><br /></span></li>
<li><span style="font-family: "verdana" , sans-serif;">If the URL is not accessible, verify your Android device is not connected to a VPN</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Tap the link to download the 'FiddlerRoot certificate'</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Click 'Continue'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBE0C_MMtG_NCy47I5y2_tTPN8Zp68uonJA2CCpDOhwrblqP217jdYr51urFfQCjPNCddCMLyiveRNfDWrs_ZQbdz88f-mXv2mswTWkSxj3tGiaMAQ7FyLzrLL9IIkw17zv9gZbp8Jjz7b/s1600/device-2020-06-28-105932.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1600" data-original-width="1000" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgBE0C_MMtG_NCy47I5y2_tTPN8Zp68uonJA2CCpDOhwrblqP217jdYr51urFfQCjPNCddCMLyiveRNfDWrs_ZQbdz88f-mXv2mswTWkSxj3tGiaMAQ7FyLzrLL9IIkw17zv9gZbp8Jjz7b/s1600/device-2020-06-28-105932.png" /></a><br /></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Enter your device PIN (or other form of authentication previously setup)</span></li>
<li><span style="font-family: "verdana" , sans-serif;">In the new window that appears, name the certificate. In this example I will name it 'Fiddler-Test'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjoA1aFuTSYO682WMNyDfBO9XKA8d-izP_tr_QyGGG3mFk6J4y5nFs7Kyj7mgCo-6n1hZXIceOWbM0isVaWVOBWsBPaSr0PLWLZEeNSLBNCG4TP47B1AusDWDB4oly2cfQePHrCTtD7oPN_/s1600/device-2020-06-28-110219.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1600" data-original-width="1000" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjoA1aFuTSYO682WMNyDfBO9XKA8d-izP_tr_QyGGG3mFk6J4y5nFs7Kyj7mgCo-6n1hZXIceOWbM0isVaWVOBWsBPaSr0PLWLZEeNSLBNCG4TP47B1AusDWDB4oly2cfQePHrCTtD7oPN_/s1600/device-2020-06-28-110219.png" /></a><br /></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Tap 'Ok'</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Prior to this, Fiddler would have been capturing HTTP traffic already<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgua9UrTqzQy2kclGb5dFwMNXjhkfCluummmb8p-DBgvseaNAM4HTdAA-qbUkf7poqI3ZB4soTQmxuwduy2L9FkgLutpBcV8XYgCvw5rohWKT0huZY2kVPF6dQ8X7lQD-IbS0my-qwfTiGn/s1600/Screen+Shot+2020-06-28+at+11.03.42+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="326" data-original-width="1498" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgua9UrTqzQy2kclGb5dFwMNXjhkfCluummmb8p-DBgvseaNAM4HTdAA-qbUkf7poqI3ZB4soTQmxuwduy2L9FkgLutpBcV8XYgCvw5rohWKT0huZY2kVPF6dQ8X7lQD-IbS0my-qwfTiGn/s1600/Screen+Shot+2020-06-28+at+11.03.42+AM.png" /></a><br /></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Now that the Fiddler root certificate is installed on the device, HTTPS traffic is also being captured</span></li>
<li><span style="font-family: "verdana" , sans-serif;">To verify HTTPS traffic is captured, we can test this by navigating to a web site. I will navigate to <a href="https://news.ycombinator.com/">https://news.ycombinator.com/</a><br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEil80JzhUG1V347ReKjjPtKEFg23B9db0VmwA0c0sc5JVs0PMiRtUY3AldnftWLUf50BAlhcTfO35J1LnzeoR10iAxyTUNxRgEZM3T_EBX_rms_16vkB52YLEcGO9UTmTzxA7abhBJcCqTz/s1600/device-2020-06-28-110544.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1600" data-original-width="1000" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEil80JzhUG1V347ReKjjPtKEFg23B9db0VmwA0c0sc5JVs0PMiRtUY3AldnftWLUf50BAlhcTfO35J1LnzeoR10iAxyTUNxRgEZM3T_EBX_rms_16vkB52YLEcGO9UTmTzxA7abhBJcCqTz/s1600/device-2020-06-28-110544.png" /></a><br /></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Open Fiddler Everywhere, and you will now be able to see all the HTTP Requests and HTTP Responses, including HTTPS traffic;<br /><br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhK_Osojpsxm_8R_ewDrtb9yg-klc4S-H2WPytauGeFKFksZ89WFWAs64AXhZvGpA9CQ4Q_11B4Bd4iq4NuIeC4aNNhziHqb2KJpy4_K2JEUxgFMq8Y8GdHcSYw4H8MioJdVXwKawAtC2e9/s1600/Screen+Shot+2020-06-28+at+11.05.35+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="826" data-original-width="1484" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhK_Osojpsxm_8R_ewDrtb9yg-klc4S-H2WPytauGeFKFksZ89WFWAs64AXhZvGpA9CQ4Q_11B4Bd4iq4NuIeC4aNNhziHqb2KJpy4_K2JEUxgFMq8Y8GdHcSYw4H8MioJdVXwKawAtC2e9/s1600/Screen+Shot+2020-06-28+at+11.05.35+AM.png" /></a><br /></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Click on a entry and review the HTTP Headers, Text, Cookies, JSON, and XML<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYUiZX-gCWQTIxj01zpoxY7-mw7AkbOcqtx59F2KTJipMkszgAhCDdUz6fhunNiMbmYw3tdbCGSIcDUg0yubT9-G7kv7zs-dd7qC3XDRB3ng2fAHzl5Os7eMt_9tpZbOPeQN0OP9v3wkSA/s1600/Screen+Shot+2020-06-28+at+11.06.41+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1600" data-original-width="1343" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYUiZX-gCWQTIxj01zpoxY7-mw7AkbOcqtx59F2KTJipMkszgAhCDdUz6fhunNiMbmYw3tdbCGSIcDUg0yubT9-G7kv7zs-dd7qC3XDRB3ng2fAHzl5Os7eMt_9tpZbOPeQN0OP9v3wkSA/s1600/Screen+Shot+2020-06-28+at+11.06.41+AM.png" /></a><br /></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Now you can proceed to test your service requiring authentication</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Review the HTTPS Request/Responses when authenticating</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Look for the SAMLRequest. To decode the SAML Request, OneLogin has a free tool to decrypt it. This tool is available at <a href="https://www.samltool.com/decrypt.php">https://www.samltool.com/decrypt.php</a><br /><br /> </span></li>
</ol>
<div>
<br /></div>
<div>
<span style="font-family: "verdana" , sans-serif;"><a href="https://optimalidm.com/resources/blog/troubleshooting-federation-with-fiddler/">OptimalIDM</a> does a great job summarizing a SAML flow;</span><br />
<ul><span style="font-family: "verdana" , sans-serif;">
<li><span style="color: #404040; font-family: "verdana" , sans-serif; font-size: 15px;">The user requests an access to a relying party</span></li>
<li><span style="color: #404040; font-family: "verdana" , sans-serif; font-size: 15px;">The user is redirected to the Identity Provider (IdP) with a SAML 2.0 authentication request</span></li>
<li><span style="color: #404040; font-family: "verdana" , sans-serif; font-size: 15px;">The user then authenticates at the IdP</span></li>
<li><span style="color: #404040; font-family: "verdana" , sans-serif; font-size: 15px;">A SAML 2.0 authentication response is then posted to the relying party</span></li>
</span></ul>
<span style="font-family: "verdana" , sans-serif;">
</span>
<br />
<div>
<span style="font-family: "verdana" , sans-serif;"><span style="color: #404040;"><span style="font-size: 15px;">Source: </span></span><a href="https://optimalidm.com/resources/blog/troubleshooting-federation-with-fiddler/">https://optimalidm.com/resources/blog/troubleshooting-federation-with-fiddler/</a></span></div>
<span style="font-family: "verdana" , sans-serif;">
</span>
<br />
<div>
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<span style="font-family: "verdana" , sans-serif;">
</span></div>
</div>
<div>
<span style="font-family: "verdana" , sans-serif;">For more helpful tools to troubleshoot SAML, decode SAML messages, and more; OneLogin has compiled a set of tools that are a huge help.</span></div>
<div>
<a href="https://www.samltool.com/saml_tools.php"><span style="font-family: "verdana" , sans-serif;">https://www.samltool.com/saml_tools.php</span></a></div>
<div>
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVYYUjyWvsCLj5VscfqaDTCOSBc_Xnty6cDt51Ehu9agau2SxJQw3mRZ3ztefr1DnqqeyCN2TIO89JgrRV3RynThoWyRPZInzYZc5D8edSYujMLpHK7vZUquKRKB22e62QLmF4IKme5Fpf/s1600/Screen+Shot+2020-06-28+at+11.11.16+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="952" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVYYUjyWvsCLj5VscfqaDTCOSBc_Xnty6cDt51Ehu9agau2SxJQw3mRZ3ztefr1DnqqeyCN2TIO89JgrRV3RynThoWyRPZInzYZc5D8edSYujMLpHK7vZUquKRKB22e62QLmF4IKme5Fpf/s1600/Screen+Shot+2020-06-28+at+11.11.16+AM.png" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><b>For more information on Fiddler Everywhere, you can also check out these resources;</b><br />How to Debug iOS & Android Mobile Apps with #Fiddler - YouTube, Progress Telerik, <a href="https://twitter.com/RobLauer">Rob Lauer</a></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><iframe allowfullscreen="" class="YOUTUBE-iframe-video" data-thumbnail-src="https://i.ytimg.com/vi/UrT_V1Jq3EE/0.jpg" frameborder="0" height="266" src="https://www.youtube.com/embed/UrT_V1Jq3EE?feature=player_embedded" width="320"></iframe></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Progress Fiddle Everywhere Documentation - <a href="https://docs.telerik.com/fiddler-everywhere/introduction">https://docs.telerik.com/fiddler-everywhere/introduction</a></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Mahalo,</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Ryan Pringnitz</span></div>
<div>
<br /></div>
</div>
Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com0tag:blogger.com,1999:blog-3792012736265800115.post-29343070915997826882020-06-24T22:35:00.000-04:002020-06-25T14:32:53.909-04:00Workspace ONE Intelligence and Zimperium Mobile Threat Detection Integration<span style="font-family: "verdana" , sans-serif;">Blogging has been a real treat. I especially enjoy seeing what posts receive more pageviews, and what content really resonates with people. </span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">The trend, is your friend; posts covering Zimperium and Workspace ONE integration receive anywhere from 570% to over 900% more views than the rest. With that, let's give the people what they want.</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">This week Zimperium would announce support full support for Workspace ONE Intelligence. Workspace ONE Intelligence is an extension of the Workspace ONE UEM platform that provides new features and capabilities. Some of these capabilities include;</span></span><br />
<ol>
<li><span style="font-family: "verdana" , sans-serif;">Trust Network</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Automation</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Dashboards / Reports / Widgets</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Consumer Apps SDK</span></li>
</ol>
<div>
<span style="font-family: "verdana" , sans-serif;">With this latest release of zConsole from Zimperium, we can now stream threat events to Workspace ONE Intelligence. Currently, Intelligence is able to use threat events from Zimperium to create dashboards/reports/widgets, and automated workflows.</span><br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span style="font-family: "verdana" , sans-serif;"><img src="https://www.zimperium.com/wp-content/uploads/2019/10/Trust-Network.png" style="margin-left: auto; margin-right: auto;" /></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><span style="font-family: "verdana" , sans-serif;">Source: VMware</span></td></tr>
</tbody></table>
</div>
<div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">In this blog post, we'll cover how to integrate Workspace ONE Intelligence and Zimperium Mobile Threat Detection. </span></span><span style="font-family: "verdana" , sans-serif;">But, before we get to the technical stuff, let's get to the good stuff.....</span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br /></span>
</span><br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWK-m_ScjpkPGw4ODpyKWckOxxN4lr9EaI6QKHT0hcp9dhSsgbNugXPzzxXmw9I9yZHdOcdEY-b-vLv36EY6KxFpCNuybhVUd4InEhV2GeqYmJOc2OxWAzIxz_M8pUVqn54kYQ7RNhoXsf/s1600/IMG_1043.jpeg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="1600" data-original-width="1200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWK-m_ScjpkPGw4ODpyKWckOxxN4lr9EaI6QKHT0hcp9dhSsgbNugXPzzxXmw9I9yZHdOcdEY-b-vLv36EY6KxFpCNuybhVUd4InEhV2GeqYmJOc2OxWAzIxz_M8pUVqn54kYQ7RNhoXsf/s1600/IMG_1043.jpeg" /></span></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><span style="font-family: "verdana" , sans-serif;">Kalalau Lookout, Kauai</span></td></tr>
</tbody></table>
<span style="font-family: "verdana" , sans-serif; font-size: large;"><b>Workspace ONE Intelligence Setup</b></span></div>
<div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<ol>
<li><span style="font-family: "verdana" , sans-serif;">Login to your Workspace ONE UEM console<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9uvANKReL__wq0L6w_XJpYX15FsjUdmgeGYk-GFW1yA0UfZlNU6wReoM4JVG6_4VQSM517jcyPuvymFWeLXogi_HhngqTSbz1hG25Yzps2-TvEpSD58UsOc0TV8BvoHAygWNgdjYd6TUb/s1600/Screen+Shot+2020-04-18+at+3.54.06+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="875" data-original-width="1600" height="348" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9uvANKReL__wq0L6w_XJpYX15FsjUdmgeGYk-GFW1yA0UfZlNU6wReoM4JVG6_4VQSM517jcyPuvymFWeLXogi_HhngqTSbz1hG25Yzps2-TvEpSD58UsOc0TV8BvoHAygWNgdjYd6TUb/s640/Screen+Shot+2020-04-18+at+3.54.06+PM.png" width="640" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">In the upper right hand corner, click the 9 dots, and then click 'Workspace ONE Intelligence'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRDsWthTvQ95TYnRR7B18K7ip3jIGuvqLVFitN-APPVn58QksXSkxnm931uLi__uB5__c1WNlH8lFqjbHxmupD_8g1KMs7uxuJShbMnLqlXOvkyNIUt5R2cQibwHNZ7d2eqIgj_wZ3ar_7/s1600/Screen+Shot+2020-06-23+at+8.20.43+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="391" data-original-width="499" height="250" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRDsWthTvQ95TYnRR7B18K7ip3jIGuvqLVFitN-APPVn58QksXSkxnm931uLi__uB5__c1WNlH8lFqjbHxmupD_8g1KMs7uxuJShbMnLqlXOvkyNIUt5R2cQibwHNZ7d2eqIgj_wZ3ar_7/s320/Screen+Shot+2020-06-23+at+8.20.43+AM.png" width="320" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Click 'Launch'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitpLbI-xFt9DRZDaHlN2aJehj1alTN-nT4IqlY7amaL3H2EoNGRhyW6nDdUHAVUIW-h48E7dQC3ERx0hpxq1lRDLd7aFgDZkkvlR6Ulc97K_4JO6I1Jqw-_ROhKnXFNAnAHH0WA0BwFiWZ/s1600/Screen+Shot+2020-06-23+at+8.21.02+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="745" data-original-width="1481" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitpLbI-xFt9DRZDaHlN2aJehj1alTN-nT4IqlY7amaL3H2EoNGRhyW6nDdUHAVUIW-h48E7dQC3ERx0hpxq1lRDLd7aFgDZkkvlR6Ulc97K_4JO6I1Jqw-_ROhKnXFNAnAHH0WA0BwFiWZ/s640/Screen+Shot+2020-06-23+at+8.21.02+AM.png" width="640" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">In the new window that opens, click 'Integrations'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEcQuXFHWGr0Elf7AwDH4Jeih0qlRXcHEfpUgfwerLCv2ou79Xt9p-X64Q71EzLc1_nz5VpiHwFALGkZcbdECVFm81JkeUPPGSVdbUfdrRE5F250Dz14XBOVZLn1ll1m-tTmKV5mXnNBX/s1600/Screen+Shot+2020-06-23+at+8.25.25+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1220" data-original-width="1290" height="604" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiEcQuXFHWGr0Elf7AwDH4Jeih0qlRXcHEfpUgfwerLCv2ou79Xt9p-X64Q71EzLc1_nz5VpiHwFALGkZcbdECVFm81JkeUPPGSVdbUfdrRE5F250Dz14XBOVZLn1ll1m-tTmKV5mXnNBX/s640/Screen+Shot+2020-06-23+at+8.25.25+AM.png" width="640" /></a><br /><br />(close-up)<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiWpk4IYZuiUdFi1XNcADYs4P8RNsTBWcnOvF9akxk9yFiGTzYLNdx1aEKnvR3fZvCNOhwwEs8T4-nVS7ri1R2vB2aroWF1BbYMFsewsyg6DCNhhrkAt1a5RQmKJQnNpVFoXcbQa5j6zeV_/s1600/Screen+Shot+2020-06-23+at+8.46.20+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="145" data-original-width="943" height="98" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiWpk4IYZuiUdFi1XNcADYs4P8RNsTBWcnOvF9akxk9yFiGTzYLNdx1aEKnvR3fZvCNOhwwEs8T4-nVS7ri1R2vB2aroWF1BbYMFsewsyg6DCNhhrkAt1a5RQmKJQnNpVFoXcbQa5j6zeV_/s640/Screen+Shot+2020-06-23+at+8.46.20+AM.png" width="640" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">In the new page that appears, locate Zimperium, and click 'Set up'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiDsa3fXrRFSKgjbnzTB_odeH7xlPMK0TBzEqSC4nJdFFXrNw24D2AFDCj0er7JQAwrMS8N8SwfqlucKZg9QYFb5hICh_SueostpB1mXUstMn1y0WOdx0WlzCdbqcF5wYo-tN23tvew2g_P/s1600/Screen+Shot+2020-06-23+at+8.48.24+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1227" data-original-width="1297" height="604" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiDsa3fXrRFSKgjbnzTB_odeH7xlPMK0TBzEqSC4nJdFFXrNw24D2AFDCj0er7JQAwrMS8N8SwfqlucKZg9QYFb5hICh_SueostpB1mXUstMn1y0WOdx0WlzCdbqcF5wYo-tN23tvew2g_P/s640/Screen+Shot+2020-06-23+at+8.48.24+AM.png" width="640" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Enter your administrator email address (this can be any email address, providing your team can be reached at the address). Click 'Done'<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh2QXzj6bN2BGRJxnA55PufRZDduTF36CTOTWRgHe5IDSCr9oYaRqa0kIGMKbbpjmnfvgyXKjWEDTFKgjM89ttiHjqvRmE71KdPy4xhE-rFbu0mbj8TPepfepGPhpy1vF41vD5pmmkmruK9/s1600/Screen+Shot+2020-06-23+at+8.48.30+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="610" data-original-width="936" height="416" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh2QXzj6bN2BGRJxnA55PufRZDduTF36CTOTWRgHe5IDSCr9oYaRqa0kIGMKbbpjmnfvgyXKjWEDTFKgjM89ttiHjqvRmE71KdPy4xhE-rFbu0mbj8TPepfepGPhpy1vF41vD5pmmkmruK9/s640/Screen+Shot+2020-06-23+at+8.48.30+AM.png" width="640" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">At the next page you are provided with the integration token, hostname, and port. Keep this information handy.<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJT7m0dtXM40MNSicCUtSOBd9Tb0ik7dWTNjZKzc6EJAW4qLSsi-lGPuF_z4wN4qZQS9B36D9npgEJheNOOUYPlWNaQL8H4OJRIbcz-wgiLvdnUAR1g4v34L8D5Ac8MWWrdXUHBR4F5KN7/s1600/Screen+Shot+2020-06-23+at+8.48.42+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="611" data-original-width="887" height="440" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJT7m0dtXM40MNSicCUtSOBd9Tb0ik7dWTNjZKzc6EJAW4qLSsi-lGPuF_z4wN4qZQS9B36D9npgEJheNOOUYPlWNaQL8H4OJRIbcz-wgiLvdnUAR1g4v34L8D5Ac8MWWrdXUHBR4F5KN7/s640/Screen+Shot+2020-06-23+at+8.48.42+AM.png" width="640" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Click 'Done'</span></li>
</ol>
<div>
<span style="font-family: "verdana" , sans-serif; font-size: large;"><b>Zimperium Mobile Threat Detection Integration</b></span></div>
<div>
<ol>
<li><span style="font-family: "verdana" , sans-serif;">Login to the Zimperium zConsole and click 'Manage'<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNE72F8fYBdCK0hLTdXHoULAWt6bzQbNssecwerb3VK6w8bj22GwmO91iEjmOBA5r1qpkFmI_RJHQoHsHoU2kL9KX2p4_kY-VmBIKhywYFGHKEK_TfgUnolUGS4_PUEJPesjnnH4wQz1Dd/s1600/Screen+Shot+2020-06-23+at+8.49.14+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="707" data-original-width="222" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNE72F8fYBdCK0hLTdXHoULAWt6bzQbNssecwerb3VK6w8bj22GwmO91iEjmOBA5r1qpkFmI_RJHQoHsHoU2kL9KX2p4_kY-VmBIKhywYFGHKEK_TfgUnolUGS4_PUEJPesjnnH4wQz1Dd/s320/Screen+Shot+2020-06-23+at+8.49.14+AM.png" width="100" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Click 'Integrations'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOKG2pN20tQuq0oemrMU7_tNp98G0NjZh63iHaL0Piemy1plqqfAWBZ3HNctMkydOKaefsC-kbMN1AJYkPqC0VvLA50lxKz25RYYSkocRK1QoAfZ3XWE4iPQ-QDadWnEnOoZt56jyipYue/s1600/Screen+Shot+2020-06-23+at+8.50.00+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="537" data-original-width="1147" height="298" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOKG2pN20tQuq0oemrMU7_tNp98G0NjZh63iHaL0Piemy1plqqfAWBZ3HNctMkydOKaefsC-kbMN1AJYkPqC0VvLA50lxKz25RYYSkocRK1QoAfZ3XWE4iPQ-QDadWnEnOoZt56jyipYue/s640/Screen+Shot+2020-06-23+at+8.50.00+AM.png" width="640" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Click 'Threat Reporting', followed by 'Add Integration'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgomr0LMLRy6Mt27ECvSqYu2jy6z5KfaUho5ct-l6HFfLdUMgzte0TCyb-UMUpnaNepEI9XleCYknQ25NGTiQqyZSdvq3P02GTl_Y6_xIv5Ja2jhUq3raCgW05Z0KVn-1d6OJwxBvUBRVfs/s1600/Screen+Shot+2020-06-23+at+8.50.11+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="672" data-original-width="1292" height="332" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgomr0LMLRy6Mt27ECvSqYu2jy6z5KfaUho5ct-l6HFfLdUMgzte0TCyb-UMUpnaNepEI9XleCYknQ25NGTiQqyZSdvq3P02GTl_Y6_xIv5Ja2jhUq3raCgW05Z0KVn-1d6OJwxBvUBRVfs/s640/Screen+Shot+2020-06-23+at+8.50.11+AM.png" width="640" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Click 'VMware Workspace ONE Intelligence'</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Paste in the values obtained from Workspace ONE Intelligence<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj66Kh375eACgNfBlX9P-Znt_ERbEvo1gUHe6Ad8vRbFuWvpEglSnAC5rL6pzGIu3cJr-wigjd0mAvzgxM6Mm4rJC2HzCInl7OQQONvuTuU3zU0-yEjgUze80h72RQgzeEriGvNKaNS7vMC/s1600/Screen+Shot+2020-06-23+at+8.50.33+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="673" data-original-width="1314" height="326" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj66Kh375eACgNfBlX9P-Znt_ERbEvo1gUHe6Ad8vRbFuWvpEglSnAC5rL6pzGIu3cJr-wigjd0mAvzgxM6Mm4rJC2HzCInl7OQQONvuTuU3zU0-yEjgUze80h72RQgzeEriGvNKaNS7vMC/s640/Screen+Shot+2020-06-23+at+8.50.33+AM.png" width="640" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Click 'Next', and specify the appropriate event level to send over. I have selected 'Normal and Above'. Before proceeding, name the integration appropriately as well. Then click 'Finish'<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjM2fwHx0JyRcIlKEK1FeXeunLSIO1FThs3u4s51SE59tCumu0z8a7M6OjftloREgYKI3EqnGDq3f4j78ELwTjgDjZvncg8AOiqOCNOzu689N8svGTlNBzqpgMCELK59qRVXTnopHTO0Bli/s1600/Screen+Shot+2020-06-23+at+8.51.01+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="586" data-original-width="1261" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjM2fwHx0JyRcIlKEK1FeXeunLSIO1FThs3u4s51SE59tCumu0z8a7M6OjftloREgYKI3EqnGDq3f4j78ELwTjgDjZvncg8AOiqOCNOzu689N8svGTlNBzqpgMCELK59qRVXTnopHTO0Bli/s1600/Screen+Shot+2020-06-23+at+8.51.01+AM.png" /></a><br /><br />* Note - at the time of this writing, June 24th 10:22 PM EDT, Detailed Forensics cannot be selected.</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Your new 'Threat Reporting' destination is created.</span><div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxuCngFSFXxUeUqBAsfoKdRdx5xaZZd_rs_gKxHq9VX_O-p2MZ9gkK0nNCEBmeSGwwpQDTHfK6Bo1iRg92fizjolEznAdC03cMsiPZqkhyphenhypheniZHbluS8xY5QCjqnK8S6iE2Wn8C1dOmMOypx/s1600/Screen+Shot+2020-06-23+at+8.51.18+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="562" data-original-width="1156" height="310" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxuCngFSFXxUeUqBAsfoKdRdx5xaZZd_rs_gKxHq9VX_O-p2MZ9gkK0nNCEBmeSGwwpQDTHfK6Bo1iRg92fizjolEznAdC03cMsiPZqkhyphenhypheniZHbluS8xY5QCjqnK8S6iE2Wn8C1dOmMOypx/s640/Screen+Shot+2020-06-23+at+8.51.18+AM.png" width="640" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><br /></span></li>
</ol>
</div>
<div>
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div>
<span style="font-family: "verdana" , sans-serif;">Outside of the scope of this post is how to create threats. To validate the integration works; I will create some threats and show the threats exported count increase.... </span><br />
<span style="font-family: "verdana" , sans-serif;">😉</span></div>
</div>
<div>
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">Threat Event Log in zConsole, post-device tampering...</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjuUwAHbNJisXo9TnZKiWWtIJiX3xZmWnnvbZft_-LuU_wu21qEug1HhmZ20mPPQkeKH4-eAY5fqpMCOdvmK68AAlPbUpg7q1AquwCTxbxiD_AYM8N_dYA8JYxx4H2UwbuKtQ3E2FeTDQHt/s1600/Screen+Shot+2020-06-24+at+12.23.03+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="595" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjuUwAHbNJisXo9TnZKiWWtIJiX3xZmWnnvbZft_-LuU_wu21qEug1HhmZ20mPPQkeKH4-eAY5fqpMCOdvmK68AAlPbUpg7q1AquwCTxbxiD_AYM8N_dYA8JYxx4H2UwbuKtQ3E2FeTDQHt/s1600/Screen+Shot+2020-06-24+at+12.23.03+PM.png" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Updated Workspace ONE Intelligence integration detailing 16 threats reported. The reason the number of threats reported to Amazon Kinesis is greater, is due to Kinesis being integrated since April 29th, 2020. </span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjS1te3Eset_pafPY8N9UbSD4ixFmMJl0PCFGgYJ8HyTDhWw7UGLZ4E27XXFUJsnOSQ3lIY-g-0eO9c50nJ7EMaZrUSmH70SGzIymtmKqoaA6gTBqc6Cyo3mNczcwZpKheWxbVWONOOdsxj/s1600/Screen+Shot+2020-06-24+at+12.23.28+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="842" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjS1te3Eset_pafPY8N9UbSD4ixFmMJl0PCFGgYJ8HyTDhWw7UGLZ4E27XXFUJsnOSQ3lIY-g-0eO9c50nJ7EMaZrUSmH70SGzIymtmKqoaA6gTBqc6Cyo3mNczcwZpKheWxbVWONOOdsxj/s1600/Screen+Shot+2020-06-24+at+12.23.28+PM.png" /></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Mahalo,</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Ryan Pringnitz</span></div>
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com0Lahaina, HI, USA20.8783333 -156.682520.8189928 -156.763181 20.937673800000002 -156.601819tag:blogger.com,1999:blog-3792012736265800115.post-62188356280779137522020-05-20T13:28:00.002-04:002020-06-25T14:34:04.290-04:00Ingest Mobile Threat Events from Zimperium zConsole in Amazon Kinesis Data Streams & Kinesis Data Analytics<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><i>Prologue:</i> In uncertain times; we search for security, stability, and certainty. This could be economic security, financial security, information security, or even securing your next roll of toilet paper. I want to thank medical experts around the world who have tirelessly worked around the clock to combat the COVID-19 pandemic, and help bring that feeling of security back. Their selfless actions are an inspiration to us all, and I am forever thankful for their sacrifice.<br /><br />Thank you to the businesses who have stepped up and shown the best of themselves. Examples include; <a href="http://news.aa.com/news/news-details/2020/American-Airlines-and-Hyatt-Surprise-Health-Care-Workers-at-NYC-Health--Hospitals-Elmhurst-with-Complimentary-Vacations-COMM-VOL-05/default.aspx" target="_blank">American Airlines & Hyatt </a>offering complimentary vacations to medical experts, <a href="https://www.samsung.com/us/support/service/free-repairs-for-the-frontline/" target="_blank">Samsung</a> and <a href="https://www.globenewswire.com/news-release/2020/04/24/2021652/0/en/uBreakiFix-and-Google-Offer-Free-Pixel-Smartphone-Repairs-to-Those-Helping-and-Healing-on-the-Frontlines-of-the-COVID-Crisis-in-the-United-States.html" target="_blank">Google</a> offering free device repairs to medical experts, VMware partnering with <a href="https://www.vmware.com/company/news/updates/modern-apps-help-communities-covid-19.html" target="_blank">NHS</a> to develop a contact tracing application, while <a href="https://www.blog.google/inside-google/company-announcements/apple-and-google-partner-covid-19-contact-tracing-technology/" target="_blank">Google</a> and Apple would partner to develop <a href="https://blog.google/documents/55/Android_Contact_Tracing_API.pdf" target="_blank">API's</a> for contact tracing. Leaders outside the medical community have stepped up and shown the best of themselves as well. <a href="https://www.theverge.com/2020/4/7/21212766/jack-dorsey-coronavirus-covid-19-donate-relief-fund-square-twitter" target="_blank">Jack Dorsey</a> would donate more than 1/5th ($1 billion dollars) of his net worth to fight COVID-19. Marc Benioff would <a href="https://twitter.com/benioff/status/1245930314494390272" target="_blank">charter</a> wide-body cargo flights full of PPE to the Bay Area. Thank you for your charity, and your generosity. There is no better time than this to use the hashtag, #TechForGood</span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;">On to the good stuff...</span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilSarlM19QU0F2LMSlQ4Cucm5WErh1gqk7gdmQX0-4IN5s3nGSqp6EbIzl9aim44XE3VKNXUINtgTALng1ZHRjoBxpC4Nv8NUXJ8NxoxUFhkbbB2K78xU_x4zfnBsAYxnhwyjt-spATDAd/s1600/IMG-20170718-090958-2.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="1200" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEilSarlM19QU0F2LMSlQ4Cucm5WErh1gqk7gdmQX0-4IN5s3nGSqp6EbIzl9aim44XE3VKNXUINtgTALng1ZHRjoBxpC4Nv8NUXJ8NxoxUFhkbbB2K78xU_x4zfnBsAYxnhwyjt-spATDAd/s1600/IMG-20170718-090958-2.jpg" /></span></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><span style="font-family: "verdana" , sans-serif;">Hanalei Bay, Kauai</span></td></tr>
</tbody></table>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;">One of the ways we can find certainty is in data. Data about the past and present tells us where we've been, where we are, and gives us an idea of where we need to go. Data can help us make the right decisions, deliver better outcomes, and reduce disk. To add to this; the value of data changes over time, and where we store data changes over time. For instance, we might stream (ingest) data at extremely high volumes for real-time analysis, visualizing on dashboards, or even contact tracing. This gives us actionable data to infer from right now, right this second. </span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Once the data is ingested with a distributed high-performance stream processing framework, the data can only be retained for so long before it has to be off-loaded. This is due to the technical limitations of stream processing, as the data often resides entirely in memory. <br /><br />Examples to expand on this; A CEO or CISO might find value in real-time dashboard updates from data ingested with a stream processing framework such as Kafka, Kinesis or NiFi before being processed and offloaded to Cassandra, HBase or even an OLTP relational database like PostgreSQL. A financial analyst working on a quarterly 10-Q/yearly 10-K might find value in a OLTP database. Finally a Demand Planner might find value deriving information from a data warehouse with OLAP queries. </span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Amazon Kinesis is comparable to <a href="https://en.wikipedia.org/wiki/Apache_Kafka" target="_blank">Apache Kafka</a> in many ways. Kafka is a pub/sub messaging broker developed by LinkedIn to handle an enormous volume of message on inexpensive hardware. For an idea of the scale that Kafka brings to organizations in 2019, Linkedin is pushing over <a href="https://engineering.linkedin.com/blog/2019/apache-kafka-trillion-messages" target="_blank">7 trillion messages</a> a day on Kafka. </span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;">To stream mobile threat events to Kinesis, and scale to handle trillions of consumers; you don't have to write your Kinesis producer using <a href="https://docs.aws.amazon.com/streams/latest/dev/developing-producers-with-kpl.html" target="_blank">KPL</a>. instead you can leverage the integration Zimperium has built in to zConsole. So, let's take a look at how to integrate zConsole with Kinesis Data Streams, Kinesis Data Analytics, and eventually Kinesis Data Firehose.</span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;">We will start by logging in to our Zimperium zConsole.</span></div>
<ol>
<li><span style="font-family: "verdana" , sans-serif;">Click 'Manage'<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUih-poB1YfX43DeRvkgII5bZawJPZFyXzJvL9Eg9ehM4KR5wp4s5rl741pkNvd4SP2M3brf9qi7NlXC9tOEFygNCUfkA11KF9IEBpA3lQ21WR509a2OfGyx-bjqg08slv8hGlnReTxmw2/s1600/Screen+Shot+2020-05-19+at+8.32.06+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1304" data-original-width="350" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUih-poB1YfX43DeRvkgII5bZawJPZFyXzJvL9Eg9ehM4KR5wp4s5rl741pkNvd4SP2M3brf9qi7NlXC9tOEFygNCUfkA11KF9IEBpA3lQ21WR509a2OfGyx-bjqg08slv8hGlnReTxmw2/s320/Screen+Shot+2020-05-19+at+8.32.06+PM.png" width="85" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Click 'Integrations' followed by 'Threat Reporting', and then 'Add Integration'<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1NmRhJoe_0Nv7jKHyGi03Xv9kyoy0c_jaZejml3q5MG8eQFMjJbG9xQYAg7OHCWNqTwNIoI9Yeo3CdlGhapXoXXA29lECO9QbfG_mU44eX360YxfX2RnUVeBKY6mlZqcLSOtUMpjYBzN7/s1600/Untitled.png" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="414" data-original-width="924" height="143" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1NmRhJoe_0Nv7jKHyGi03Xv9kyoy0c_jaZejml3q5MG8eQFMjJbG9xQYAg7OHCWNqTwNIoI9Yeo3CdlGhapXoXXA29lECO9QbfG_mU44eX360YxfX2RnUVeBKY6mlZqcLSOtUMpjYBzN7/s320/Untitled.png" width="320" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Click 'Amazon Kinesis'<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjVARZbzD75GjOwWcrVko7U-_yL4emeSUPCN-WXriE-PLDr4obHQel0WCh0ha1N_gSyc3KCCnA7YxZzv-1TwNdJfLQpzHWeMPXJVMnGbgVlOqAWK5UN_XHnvzOuG0SOwwn7G5hKfjZ70TlT/s1600/Screen+Shot+2020-05-19+at+8.47.50+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="736" data-original-width="1600" height="294" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjVARZbzD75GjOwWcrVko7U-_yL4emeSUPCN-WXriE-PLDr4obHQel0WCh0ha1N_gSyc3KCCnA7YxZzv-1TwNdJfLQpzHWeMPXJVMnGbgVlOqAWK5UN_XHnvzOuG0SOwwn7G5hKfjZ70TlT/s640/Screen+Shot+2020-05-19+at+8.47.50+PM.png" width="640" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;"> To fill out the following form fields, we need to login to our AWS console and setup our Kinesis Data Stream<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbE0MjX4eVBe-WAKPaXBeoGz27zrTq5WJIkvR3vb93EDaBEGhsM5u0bNmix1YvtD6XZHj02c5BdEyEWeA1fJDxfbpdqKW6iqgi5n8Os-ykVvKjcOmVCbr2TzYyYaSfhD5vE5-bRTX4OLqL/s1600/Screen+Shot+2020-05-19+at+8.51.45+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="739" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbE0MjX4eVBe-WAKPaXBeoGz27zrTq5WJIkvR3vb93EDaBEGhsM5u0bNmix1YvtD6XZHj02c5BdEyEWeA1fJDxfbpdqKW6iqgi5n8Os-ykVvKjcOmVCbr2TzYyYaSfhD5vE5-bRTX4OLqL/s1600/Screen+Shot+2020-05-19+at+8.51.45+PM.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">In a web browser, login to <a href="https://aws.amazon.com/">https://aws.amazon.com/</a> and click 'Sign in to the Console'<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIsp68d41VfZj9i6tcfalqPmhu9ENfmdZeeZ-lPyQCVsrxrZ_M5OqVmz8TvvFgWmkLiq_vcPmWLwS8150K7lngez71rJHVYduprLX-I0rZxIZHLQOIJZLY34z_CmpE_8IzU3OvOBwL8Ips/s1600/untitled+01.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="135" data-original-width="1600" height="52" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIsp68d41VfZj9i6tcfalqPmhu9ENfmdZeeZ-lPyQCVsrxrZ_M5OqVmz8TvvFgWmkLiq_vcPmWLwS8150K7lngez71rJHVYduprLX-I0rZxIZHLQOIJZLY34z_CmpE_8IzU3OvOBwL8Ips/s640/untitled+01.png" width="640" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Under 'Analytics' is where Kinesis is located, or if you have worked with Kinesis recently; you can find Kinesis under 'Recently Visited Services'<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcqYUgSuNBiEhyphenhyphenuAyhyRJDqo7rVUeDUtscVI8IAOgSX3z4kIYl7e4arJrmk5agGPCvsocPKYMurvAK5sKkGSdjnIQ8WimExEVyYW0cKqMIOnXaJaz4_3Q6T9npEfJlhsyU_IyNAHaGAAs7/s1600/Untitled+02.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1000" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcqYUgSuNBiEhyphenhyphenuAyhyRJDqo7rVUeDUtscVI8IAOgSX3z4kIYl7e4arJrmk5agGPCvsocPKYMurvAK5sKkGSdjnIQ8WimExEVyYW0cKqMIOnXaJaz4_3Q6T9npEfJlhsyU_IyNAHaGAAs7/s1600/Untitled+02.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Click 'Create data stream'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYGO9PVRB5wrc-Z-GNEXEbO__4SAj3KDTAX_aqchWxKs-AkSY-6LTXVFZT6tl2_9N9BZzZ5MV3IK9rMAgj0mJj_juWnlyO76IUhYw03nMMDQDtoafhcoPhrq3SgIwydMC8viQBlVzVE4xK/s1600/untitled+03.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1000" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYGO9PVRB5wrc-Z-GNEXEbO__4SAj3KDTAX_aqchWxKs-AkSY-6LTXVFZT6tl2_9N9BZzZ5MV3IK9rMAgj0mJj_juWnlyO76IUhYw03nMMDQDtoafhcoPhrq3SgIwydMC8viQBlVzVE4xK/s1600/untitled+03.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Enter a name for the data stream. In this example; we will use zIPS, as it will be ingesting streaming threat data from zIPS. Take note of the number of open shards. For lab/demonstration purposes; 1 shard should be fine. For production, depending on the number of KCL workers instantiated (consumers of data), and volume of data/records the data stream is ingesting per second; you will have to size appropriately. Use the 'Shard Estimator' for further guidance. Click 'Create data stream'<br /><br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLsT_ZAeqMNPCkTvGIFBOX3PI-7aS1_cuS2EOrVyTlJFR2EAepmO9O0_4xZca1wo_iJTtjF_HCoPnXM2gFplfFvxoO7KkSIXTXgg1NK-CNEjleEohAUyQYbl-wbWJz6_9G9NHlOvcGo8ln/s1600/IMG_0365.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1600" data-original-width="1200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLsT_ZAeqMNPCkTvGIFBOX3PI-7aS1_cuS2EOrVyTlJFR2EAepmO9O0_4xZca1wo_iJTtjF_HCoPnXM2gFplfFvxoO7KkSIXTXgg1NK-CNEjleEohAUyQYbl-wbWJz6_9G9NHlOvcGo8ln/s1600/IMG_0365.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Copy the Amazon Resource Name (arn) value and paste it in a text editor for later use<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsxg7Ra7EnHU-tILiGfZtnYCY4NogNXfMRZN6u6YV524TbddNKXtt5xUe59aumGLg1iwc7V39-_BVBg23Fm5D-HbmHBSS7cP6YAUoLyNrdCA3WOY7aLz8JcGdmMHRvzFjqM69stb1Sq3WM/s1600/IMG_0366.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1600" data-original-width="1200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjsxg7Ra7EnHU-tILiGfZtnYCY4NogNXfMRZN6u6YV524TbddNKXtt5xUe59aumGLg1iwc7V39-_BVBg23Fm5D-HbmHBSS7cP6YAUoLyNrdCA3WOY7aLz8JcGdmMHRvzFjqM69stb1Sq3WM/s1600/IMG_0366.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">To create a user, in the upper left hand corner of the AWS console; click on 'Services' and click 'IAM"<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitNWZyMVCr11lg3-aBaWynflxP78QyEc_ySQDf47cKU8mYk3SPlWjxqSzG7kLjs-9J-s5V5wP1mPcBssrX0w40aY_RONaOubStKLq-JVcM1slx_iD-iE2OEhotbDOv6w4uUnCXV5PhOqXj/s1600/untitled+05.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1195" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEitNWZyMVCr11lg3-aBaWynflxP78QyEc_ySQDf47cKU8mYk3SPlWjxqSzG7kLjs-9J-s5V5wP1mPcBssrX0w40aY_RONaOubStKLq-JVcM1slx_iD-iE2OEhotbDOv6w4uUnCXV5PhOqXj/s1600/untitled+05.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;"> Click 'Users'<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgWoqfgNCrK7WBKTX4dMnKGejAI42RgqtinWTfK6GLvqLYIJ5BcHdkxcsOwXmFlu0P9DHDJ2Gua4FHC9NViSTscn2bdVSDisLHWV12kEsYEuQPrw3mdWcIwI4stAYYhe8gINuAoddnt9omM/s1600/Screen+Shot+2020-05-19+at+9.55.58+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1446" data-original-width="540" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgWoqfgNCrK7WBKTX4dMnKGejAI42RgqtinWTfK6GLvqLYIJ5BcHdkxcsOwXmFlu0P9DHDJ2Gua4FHC9NViSTscn2bdVSDisLHWV12kEsYEuQPrw3mdWcIwI4stAYYhe8gINuAoddnt9omM/s640/Screen+Shot+2020-05-19+at+9.55.58+PM.png" width="236" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Click 'Add user to group', followed by 'Create group'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQ1oRbKVSoS3rgSisRT6CWsgUbTyl0oDhiphvotc4K5tGcjl_-t4sjpEU_hRTz0K9GNtnixtNpl9vgQMuXT4CqFSRPHQ8TjvLFbztZU0y12ccSCGMArXBRJu6sh7PoeO2_YvFdTtxHlCM5/s1600/IMG_0372.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1600" data-original-width="1200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQ1oRbKVSoS3rgSisRT6CWsgUbTyl0oDhiphvotc4K5tGcjl_-t4sjpEU_hRTz0K9GNtnixtNpl9vgQMuXT4CqFSRPHQ8TjvLFbztZU0y12ccSCGMArXBRJu6sh7PoeO2_YvFdTtxHlCM5/s1600/IMG_0372.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Name the group, specify the following policies, and click 'Create Group'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2Z80za9QlyOIvQJYFB1tdg8CxuC-hmkfXkp-ENL4b9GMowylcrDCfnrDPm4c8oyJyXaD9ywCGCZssXQ3Tz-dSIvFo-913oUddjE1_uV4OONsk1Bu-sK1f8-3NWokOWftsTk1m668Tj7YC/s1600/IMG_0373.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1600" data-original-width="1200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2Z80za9QlyOIvQJYFB1tdg8CxuC-hmkfXkp-ENL4b9GMowylcrDCfnrDPm4c8oyJyXaD9ywCGCZssXQ3Tz-dSIvFo-913oUddjE1_uV4OONsk1Bu-sK1f8-3NWokOWftsTk1m668Tj7YC/s1600/IMG_0373.png" /></a></span><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5xr7Y1EWV5azpzvVvoJOFGgcqiewff8OEZ_aFvrh3KcC4ZiRGKe9LlevSAzsT56R8k8pAlgwG6_tl9c8O0-qJRIRePw8n_MIVukUlziitrxl-TrCQnRmVfMGBN7uBtpdkRETZVG-Tz3KS/s1600/Screen+Shot+2020-05-19+at+10.39.30+PM.png" imageanchor="1" style="margin-left: auto; margin-right: auto; text-align: center;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="280" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5xr7Y1EWV5azpzvVvoJOFGgcqiewff8OEZ_aFvrh3KcC4ZiRGKe9LlevSAzsT56R8k8pAlgwG6_tl9c8O0-qJRIRePw8n_MIVukUlziitrxl-TrCQnRmVfMGBN7uBtpdkRETZVG-Tz3KS/s1600/Screen+Shot+2020-05-19+at+10.39.30+PM.png" /></span></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><span style="font-family: "verdana" , sans-serif;">Policies associated with the group</span></td></tr>
</tbody></table>
<span style="font-family: "verdana" , sans-serif;"><br /></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Finally click 'Create User'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjMGydC_Le7Ok68qRXvFmv9eYfudUWrHm9IFShEGZcZKFy0okEdXP5Qw22Lfm4mGb4fnz7KUUl9o2vm_yj8Ky52uiBXfOmdBbjxeGSop09PKj4CWYrQtz56ikTy_CZeN6692JzrIP0hzMiF/s1600/IMG_0374.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1600" data-original-width="1200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjMGydC_Le7Ok68qRXvFmv9eYfudUWrHm9IFShEGZcZKFy0okEdXP5Qw22Lfm4mGb4fnz7KUUl9o2vm_yj8Ky52uiBXfOmdBbjxeGSop09PKj4CWYrQtz56ikTy_CZeN6692JzrIP0hzMiF/s1600/IMG_0374.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Copy the 'Access key ID' and 'Secret access Key'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZhLuPbqlHkX4UL06phu4OgJMwP_6M0q7Fw1g7DELIB5rEjtx_a89dWbEESVNpNbxcRdV_2IpHmCWRH2xpHQ-OTPVvLZZoAHHCu1EQ_CLWRAshmunxsLPPTrbSR7l8a684T0D9SHz4BLNF/s1600/IMG_0375.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1600" data-original-width="1200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZhLuPbqlHkX4UL06phu4OgJMwP_6M0q7Fw1g7DELIB5rEjtx_a89dWbEESVNpNbxcRdV_2IpHmCWRH2xpHQ-OTPVvLZZoAHHCu1EQ_CLWRAshmunxsLPPTrbSR7l8a684T0D9SHz4BLNF/s1600/IMG_0375.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Head back over to the Zimperium zConsole, and fill in either;<br />AWS Region Name<br />Stream Name<br />AWS Access Key ID<br />AWS Secret Access Key<br /><br /><b>OR</b><br />AWS Region Name<br />Stream Name<br />Assumed Rule Name (Amazon Resource Name)<br /><br />My Kinesis environment is in the us-east-2 region. My Stream Name is zIPS, and I have pasted the Access Key ID/Secret Access Key in the example below. Click 'Go on'</span></li>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiO3kWJ9IbJALluOgoYfJFbnysIHKv2IrT0Yff5GFPN2P0lNKNmObAbW51ebmTjXROY7HLRxhVY63IPP4v0arwzUHWoi370nNUvgzf4Fx-qZuO2HetEKDBSXIg-VfAQdAj1nF7hyiTbIEVJ/s1600/Untitled+07.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="744" data-original-width="1600" height="296" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiO3kWJ9IbJALluOgoYfJFbnysIHKv2IrT0Yff5GFPN2P0lNKNmObAbW51ebmTjXROY7HLRxhVY63IPP4v0arwzUHWoi370nNUvgzf4Fx-qZuO2HetEKDBSXIg-VfAQdAj1nF7hyiTbIEVJ/s640/Untitled+07.png" width="640" /></a><br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2rpK_vv36Q_hF_y9Rreho41o43PJCjzvESMSjfOhWpdGsZYeK814ioK7pQ2F4balk_bDmZduPz3f6oivwE9HiSdBlRNwtzo8_e1izgMDe1kx34ip3__3ZNaC7Fa3eK5k6f4CTxhSO5Zz9/s1600/Screen+Shot+2020-05-19+at+10.51.50+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="228" data-original-width="1348" height="108" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2rpK_vv36Q_hF_y9Rreho41o43PJCjzvESMSjfOhWpdGsZYeK814ioK7pQ2F4balk_bDmZduPz3f6oivwE9HiSdBlRNwtzo8_e1izgMDe1kx34ip3__3ZNaC7Fa3eK5k6f4CTxhSO5Zz9/s640/Screen+Shot+2020-05-19+at+10.51.50+PM.png" width="640" /></a></span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em;"><br /></span></div>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVi3QD3MQWSPef86cl9ejaEXfexBlMEBd7_yB7TRb0fQKAUCw1wpzKa9RPZEMRT4IkNPiP3zHCaNXbnFs1rTbHs3JpueDCIW2ZiVPhDs44jqNPfm6eiX_yE6VLie0ZuTxldXneIaUmIyNP/s1600/product-page-diagram_Amazon-Kinesis-Data-Streams.074de94302fd60948e1ad070e425eeda73d350e7.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="642" data-original-width="1425" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVi3QD3MQWSPef86cl9ejaEXfexBlMEBd7_yB7TRb0fQKAUCw1wpzKa9RPZEMRT4IkNPiP3zHCaNXbnFs1rTbHs3JpueDCIW2ZiVPhDs44jqNPfm6eiX_yE6VLie0ZuTxldXneIaUmIyNP/s1600/product-page-diagram_Amazon-Kinesis-Data-Streams.074de94302fd60948e1ad070e425eeda73d350e7.png" /></span></a></td></tr>
<tr><td class="tr-caption" style="font-size: 12.8px;"><span style="font-family: "verdana" , sans-serif;">Source: <a href="https://aws.amazon.com/kinesis/data-streams/?nc=sn&loc=2&dn=2">https://aws.amazon.com/kinesis/data-streams/?nc=sn&loc=2&dn=2</a></span></td></tr>
</tbody></table>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em;"></span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />At this time, the Data Stream is setup. Threat data is stream in real time to your Kinesis Data Stream. The following infographic from Amazon does a great job showing where we can send the data. Lambda functions, Apache Spark, an EC2 instance, or Kinesis Data Analytics. I modified the 'Threat Severity Filter Settings' to export 'Normal and Above' threats. With over 100 threats in my Kinesis Data Stream; I have enough event entries to setup Kinesis Data Analytics with Apache Flink or SQL.</span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiSBhdNLDHs61Q01vAq7o-JCCIuMDD7NjONY9OBjZEJUXrTU2SC-VEDYkTxB_HrLpq_VOSxQbgU771oL3D1IoRC9ZU9t6BPciToPgWDsxQPOV113-LGWKUkdOFvso3JbRynKUGF9XR1xpMK/s1600/Screen+Shot+2020-05-19+at+11.03.47+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="328" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiSBhdNLDHs61Q01vAq7o-JCCIuMDD7NjONY9OBjZEJUXrTU2SC-VEDYkTxB_HrLpq_VOSxQbgU771oL3D1IoRC9ZU9t6BPciToPgWDsxQPOV113-LGWKUkdOFvso3JbRynKUGF9XR1xpMK/s1600/Screen+Shot+2020-05-19+at+11.03.47+PM.png" /></span></a></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
</ol>
<div>
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div>
<b><span style="font-family: "verdana" , sans-serif; font-size: large;">Kinesis Data Analytics Setup</span></b></div>
<div>
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<br />
<ol>
<li><span style="font-family: "verdana" , sans-serif;"> In Kinesis, click on 'Data Analytics' on the left side of the screen<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIRLCw4mIACtZv0iNSyj7pleLM9-KkAKsuCgfJDIUaKobjlTV15nJHlB1eiLDgLVXX5hZ8qBR7kummtOtgBQ7Kno5tZxNbweZ_BFMQW8Umo7imz7f7_1GY0lJcC05a6Jt_PT2c0nLGVEsn/s1600/Screen+Shot+2020-05-19+at+11.11.47+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="664" data-original-width="330" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIRLCw4mIACtZv0iNSyj7pleLM9-KkAKsuCgfJDIUaKobjlTV15nJHlB1eiLDgLVXX5hZ8qBR7kummtOtgBQ7Kno5tZxNbweZ_BFMQW8Umo7imz7f7_1GY0lJcC05a6Jt_PT2c0nLGVEsn/s1600/Screen+Shot+2020-05-19+at+11.11.47+PM.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;"> Click 'Create application'<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigoDZI8ob8-myaVkZbXadr7vSiGfIdP-wU0siUD7Z0zGj758YVhrG-Sl8_ti_YOQcSPCu6xHFxzlxgrUMuJ1s-OBgCS9hPDN5Cl_M-AVoD69O8ybt0ivnQuXUHZlSsV1tdrb8hyphenhyphenI6T3FPu/s1600/Screen+Shot+2020-05-19+at+11.14.16+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="374" data-original-width="1102" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigoDZI8ob8-myaVkZbXadr7vSiGfIdP-wU0siUD7Z0zGj758YVhrG-Sl8_ti_YOQcSPCu6xHFxzlxgrUMuJ1s-OBgCS9hPDN5Cl_M-AVoD69O8ybt0ivnQuXUHZlSsV1tdrb8hyphenhyphenI6T3FPu/s1600/Screen+Shot+2020-05-19+at+11.14.16+PM.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Name the application and, choose either SQL or Apache Flink. In this example, I will choose SQL.<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4gvuL6lEIFkYqaJMWJp3hCvMJgn5SVTjq7TTT1vt18hho1ubGqCWDaL98FJEIifhe5leylxlh84rFRHVtC73mXAUmaGFiMTKWA_WvYJVfIXOLknDle-jsV_nQaMyM71VtnUCCjYl4_lsL/s1600/Screen+Shot+2020-05-19+at+11.15.01+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="883" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4gvuL6lEIFkYqaJMWJp3hCvMJgn5SVTjq7TTT1vt18hho1ubGqCWDaL98FJEIifhe5leylxlh84rFRHVtC73mXAUmaGFiMTKWA_WvYJVfIXOLknDle-jsV_nQaMyM71VtnUCCjYl4_lsL/s1600/Screen+Shot+2020-05-19+at+11.15.01+PM.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Now that you have an application created, you can connect the streaming data source you just created by clicking 'Connect streaming data'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9BJVykSEiDRZNEgAwusKr7fEOWOyBim27GZBqehdSmhDoIJjmWWE9_t_YXPU7eIVIbLKSPVBT6jvNH9yzIuQAvXuQXXeQD1i-Je-OAt_160rOLnRb8s01jxb1xx5Vk-52uZdgOXGmjjlg/s1600/untitled+09.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1166" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9BJVykSEiDRZNEgAwusKr7fEOWOyBim27GZBqehdSmhDoIJjmWWE9_t_YXPU7eIVIbLKSPVBT6jvNH9yzIuQAvXuQXXeQD1i-Je-OAt_160rOLnRb8s01jxb1xx5Vk-52uZdgOXGmjjlg/s1600/untitled+09.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Specify the data source we just created.<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhU2SkSu4-vURpHW_eJF8UhMB2HB2LOpsue0UCFA9Jueq0odDFKqeHli9ITrDRvPv7dEMFC_BIwggL0hIWrdRQIda6BVjpSA-dhkl7S0V_mWdZrdXIASFHjYJuwOlM1C62Vlc7RnX5ynyMp/s1600/Screen+Shot+2020-05-19+at+11.23.20+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1359" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhU2SkSu4-vURpHW_eJF8UhMB2HB2LOpsue0UCFA9Jueq0odDFKqeHli9ITrDRvPv7dEMFC_BIwggL0hIWrdRQIda6BVjpSA-dhkl7S0V_mWdZrdXIASFHjYJuwOlM1C62Vlc7RnX5ynyMp/s1600/Screen+Shot+2020-05-19+at+11.23.20+PM.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">In 'Access Permissions', specify an existing IAM role, or have AWS create it for you automatically<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSCJb6f3822kY-JmtuCm3EotjlQ97-D_iyy6jkJ0P0s9S42LSqW2TafrqTlHPnpEWCSdIwsfFdaI1o8oNBQVqrO_iPaQBFT3PywlcfZvQmTtUDFtMQumMU7vcnpi-XScQp6cjsCnCBEQxG/s1600/Screen+Shot+2020-05-19+at+11.26.13+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="402" data-original-width="1118" height="228" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSCJb6f3822kY-JmtuCm3EotjlQ97-D_iyy6jkJ0P0s9S42LSqW2TafrqTlHPnpEWCSdIwsfFdaI1o8oNBQVqrO_iPaQBFT3PywlcfZvQmTtUDFtMQumMU7vcnpi-XScQp6cjsCnCBEQxG/s640/Screen+Shot+2020-05-19+at+11.26.13+PM.png" width="640" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Click 'Discovery Schema' for the Data Analytics application to discovery the data schema.<br /><b>Note: </b>This is only possible if you have enough recently streamed threat data.<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3NC1VYnRxrSnluSDI72OrbkmLN_cexGuRWTz9m73DIFQ9S20HL2MCjCYsKAGKcYvLceSqyrYEIp5axVcCnAX1_gHCBF4JY6LyKohBe1mBWNjslSpniXLMxmxnFNQlE-45bddTgKf0YAh1/s1600/Screen+Shot+2020-05-19+at+11.27.37+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="367" data-original-width="952" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3NC1VYnRxrSnluSDI72OrbkmLN_cexGuRWTz9m73DIFQ9S20HL2MCjCYsKAGKcYvLceSqyrYEIp5axVcCnAX1_gHCBF4JY6LyKohBe1mBWNjslSpniXLMxmxnFNQlE-45bddTgKf0YAh1/s1600/Screen+Shot+2020-05-19+at+11.27.37+PM.png" /></a><br /><br />Failure due to lack of recently streamed threat data will look like the following;<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVvkt23QGqLt7W6vv-3bRgZCLyjUc7xDb7Iy6vRnArpGXtf70QRWKXoaZwrtuB-aCQfTwxuBpJc8HJWMVoSbqJ-kf56_lulhQjIbj41O8Et3fLyYolG7gGKH2TBnIoRjSc9ewsib_KlYl6/s1600/Screen+Shot+2020-05-19+at+11.30.12+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="391" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVvkt23QGqLt7W6vv-3bRgZCLyjUc7xDb7Iy6vRnArpGXtf70QRWKXoaZwrtuB-aCQfTwxuBpJc8HJWMVoSbqJ-kf56_lulhQjIbj41O8Et3fLyYolG7gGKH2TBnIoRjSc9ewsib_KlYl6/s1600/Screen+Shot+2020-05-19+at+11.30.12+PM.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Once your schema is discovered, it will look as follows;<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPADYOH3gCsQEtaTFnIr50JvtRSNes2vPujxcAAySRCkfBFKiJ8lrO-x9PkxSdUFpznSfgvG2LkxMefMZLOyA3KWaWzSkvEIBbQBHjAvBmJbb1CG6UFJS5T1199qEofA19tP9RKbuFKsfj/s1600/Screen+Shot+2020-05-09+at+9.22.20+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="479" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPADYOH3gCsQEtaTFnIr50JvtRSNes2vPujxcAAySRCkfBFKiJ8lrO-x9PkxSdUFpznSfgvG2LkxMefMZLOyA3KWaWzSkvEIBbQBHjAvBmJbb1CG6UFJS5T1199qEofA19tP9RKbuFKsfj/s1600/Screen+Shot+2020-05-09+at+9.22.20+AM.png" /></a><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6aPaBo1T-dpx1c3wVxxm1aL7BkTtm0Dy6DEeKRL2Gn2pDuP5IOdHxV7_kELLaYashhzm2Lfogw2uuk3TOlTbEoFFbkD6marDxmd6ZZGrLqqV-tqn46TtfQp2TGqMRwXyFX-w_xYZz_H3H/s1600/Screen+Shot+2020-05-09+at+9.22.32+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="940" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6aPaBo1T-dpx1c3wVxxm1aL7BkTtm0Dy6DEeKRL2Gn2pDuP5IOdHxV7_kELLaYashhzm2Lfogw2uuk3TOlTbEoFFbkD6marDxmd6ZZGrLqqV-tqn46TtfQp2TGqMRwXyFX-w_xYZz_H3H/s1600/Screen+Shot+2020-05-09+at+9.22.32+AM.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Your application is ready, but not running. To run your application, click 'Go to SQL Editor'<br /><br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjOGImYMOYGRQoh7lfUUQ_X8dslt1PYlv68aWgXPBm2L1d0yZeopwFsJnvjxYlglVPTc7MFvrEa45uF2CwzjSP3nHEUyxf97PMpzvVCj6nqmYYgx2JM5ABpTp84IWQqSLP8Gpr7gu-XDos0/s1600/Screen+Shot+2020-05-09+at+9.22.45+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1185" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjOGImYMOYGRQoh7lfUUQ_X8dslt1PYlv68aWgXPBm2L1d0yZeopwFsJnvjxYlglVPTc7MFvrEa45uF2CwzjSP3nHEUyxf97PMpzvVCj6nqmYYgx2JM5ABpTp84IWQqSLP8Gpr7gu-XDos0/s1600/Screen+Shot+2020-05-09+at+9.22.45+AM.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">The following prompt will appear, prompting you to start the application, before taken to the 'Real-time analytics' SQL editor, where you can run SQL queries against your streaming data. When viewing 'Real-time analytics', new results are displayed every 2-10 seconds. If you are in a production Zimperium environment with a fair amount of devices (say 10,000 or more devices), you will begin to see threat data showing up. If you are in a decent size environment with more than 100-200k devices; you are likely going to see mobile threat data showing up consistently</span><div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_DfrzKksEubw_ZxrPmZ8JGa9Fg8iEubTvBXXzwSt8A1PDG5-cSzA2BNDhMg2hW66-9dhhlc6UtsRH2CyZ2bHgXTjBGBB4dLMHbGldkW8fRSudU_9tAMjPIQYnLSJJTuQVUEz6l6emlvpH/s1600/Screen+Shot+2020-05-09+at+9.23.04+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="613" data-original-width="1260" height="310" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_DfrzKksEubw_ZxrPmZ8JGa9Fg8iEubTvBXXzwSt8A1PDG5-cSzA2BNDhMg2hW66-9dhhlc6UtsRH2CyZ2bHgXTjBGBB4dLMHbGldkW8fRSudU_9tAMjPIQYnLSJJTuQVUEz6l6emlvpH/s640/Screen+Shot+2020-05-09+at+9.23.04+AM.png" width="640" /></span></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEheROdkLVuUsTWeOqD6M6lBcWxiJRQnZ1g2iR6DlBUNVpki26BgrGEHaZT9a7dpPHud_jp6x5rSy71FFFyPx2DW5cR4P0DEA_HLVCDv5hWJ5GLvXWpVTWYxHGFHTHuQHU7gkwN9RpfIShhV/s1600/Screen+Shot+2020-05-09+at+9.23.25+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="857" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEheROdkLVuUsTWeOqD6M6lBcWxiJRQnZ1g2iR6DlBUNVpki26BgrGEHaZT9a7dpPHud_jp6x5rSy71FFFyPx2DW5cR4P0DEA_HLVCDv5hWJ5GLvXWpVTWYxHGFHTHuQHU7gkwN9RpfIShhV/s1600/Screen+Shot+2020-05-09+at+9.23.25+AM.png" /></span></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
</li>
</ol>
<div style="text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3b9Y-MVQjPluBzb1lFDUnswQAgT391tlBinmrS6oZexSrHNi0Tjx2y2DhFg56AzwvIWmVl64dIVOHJDVl7r69bA_TaZQVdJ9E80Sav17WqJTU2WH3lWB97oLEQTYi9Y8Rcq7W3OQC0n-5/s1600/Screen+Shot+2020-05-19+at+11.49.55+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="550" data-original-width="1476" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3b9Y-MVQjPluBzb1lFDUnswQAgT391tlBinmrS6oZexSrHNi0Tjx2y2DhFg56AzwvIWmVl64dIVOHJDVl7r69bA_TaZQVdJ9E80Sav17WqJTU2WH3lWB97oLEQTYi9Y8Rcq7W3OQC0n-5/s1600/Screen+Shot+2020-05-19+at+11.49.55+PM.png" /></span></a></div>
</div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;">After creating your SQL query,</span><span style="font-family: "verdana" , sans-serif;"> you are done! You have a Kinesis Data Stream setup, you have a Kinesis Data Analytics application setup.<br /><br />You can offload streaming events to a data lake using a Kinesis Firehose Delivery Stream. Examples of where you can forward data to include Amazon S3 (Simple Storage Service for objects), Amazon Elasticsearch (distributed full-text search engine based on Lucerne), Amazon Redshift (relational data warehouse capable of scaling to petabytes), or Splunk (operational intelligence tool) - depending on your use case. </span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;">As always, watch your cloud service bills. Colleagues at VMware often inquire about the cost associated with environments that I run in Azure, Google Cloud Platform, and Amazon Web Services. To satisfy your curiosity; I'll go ahead and share what a small Kinesis lab costs (Firehose, Data Stream, Analytics). The dashboard below was taken on May 20th. AWS does not currently provide Kinesis as part of their <a href="https://aws.amazon.com/free/?all-free-tier.sort-by=item.additionalFields.SortRank&all-free-tier.sort-order=asc" target="_blank">always free tier</a></span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBeQm8qRW6i21eAsoCWxjs0EUbLQyYUn6_l7gSgIxGpwxdWgDPk3WcLKGfDywbXTYy-C-aBWi4hprKyxd93bG_XO36d6RaXi3t8BEynt0v1UkiIYSi3402TUwbGGgINIjpPiIUYSrKltKW/s1600/Screen+Shot+2020-05-20+at+1.16.09+PM.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="879" data-original-width="1265" height="444" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBeQm8qRW6i21eAsoCWxjs0EUbLQyYUn6_l7gSgIxGpwxdWgDPk3WcLKGfDywbXTYy-C-aBWi4hprKyxd93bG_XO36d6RaXi3t8BEynt0v1UkiIYSi3402TUwbGGgINIjpPiIUYSrKltKW/s640/Screen+Shot+2020-05-20+at+1.16.09+PM.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">The EC2 instances are not related to Zimperium or Kinesis. The EC2 costs are spot instances for other workloads that I haven't yet migrated to GCP with Velostrata.</td></tr>
</tbody></table>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Stay tuned for upcoming posts covering Kinesis Data Firehose. </span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Mahalo,</span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Ryan Pringnitz</span></div>
Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com0Wailea, Wailea-Makena, HI 96753, USA20.6871826 -156.439166820.6277631 -156.5198478 20.7466021 -156.3584858tag:blogger.com,1999:blog-3792012736265800115.post-83032772894000669452020-05-03T10:37:00.000-04:002020-06-25T14:35:29.988-04:00Remove sensitive information from data at rest when authenticating to Workspace ONE API's by entering credentials at runtime (part 2)<span style="font-family: "verdana" , sans-serif;">When it comes to accessing API's and securing your digital workspace, we have options. When accessing Workspace ONE API's, we have options when securely interacting with them; like using base64 encoded credentials, or <a href="https://kb.vmware.com/s/article/76967" target="_blank">OAuth</a> access tokens (versions 2001 and newer).</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">In a <a href="https://www.ws1inhawaii.com/2020/03/how-to-remove-sensitive-data-from-code.html" target="_blank">previous</a> blog post, we covered how to store sensitive credentials used to access Workspace ONE API's with a config.ini file. This approach works, and while ACL's can limit accounts that can read data at rest; organizations may still prefer to not store credentials in something like json or a old school ini file. </span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">Today, we'll provide you with your daily dose of uplifting imagery from Hawaii, code to retrieve credentials at runtime, store base64 encoded credentials in memory during execution, and access Workspace ONE API's with the credentials. This way, you can simply hand your code off to operations, sit by the beach, hop on a trail, and enjoy your time in Hawaii.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCsFkzxBsknqyqimsM_H2nqJIQA6teNDdEI1y44cupvBcRw0Ewj7EBVS68_2XnJzVvgvs7kBxz1PzlcJB7SW_vc4aUnFUUZvSP9va2BTfCmP3eD-QLXCTW_JQHOBOZQd_rs-rQGHvD8mYx/s1600/IMG_20170716_102535.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="1574" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCsFkzxBsknqyqimsM_H2nqJIQA6teNDdEI1y44cupvBcRw0Ewj7EBVS68_2XnJzVvgvs7kBxz1PzlcJB7SW_vc4aUnFUUZvSP9va2BTfCmP3eD-QLXCTW_JQHOBOZQd_rs-rQGHvD8mYx/s1600/IMG_20170716_102535.jpg" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Waimea Canyon, the Grand Canyon of the Pacific</td></tr>
</tbody></table>
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">Maybe you provide your tools to another team to complete a change management event, and the credentials used to access the API's are only valid for a short period of time. We'll help you put a solution together that meets these requirements. So, let's put some data in motion and get to the demo. We'll cover each section of the code to help break down what is happening, and show examples of what to expect.</span><br />
<br />
<span style="font-family: "verdana" , sans-serif;">Line 1-2: Starts with setting PowerShell's verbosity preference. I have become a fan of this, as all write-verbose output is displayed during script execution. I largely discontinue the use of comments in Powershell code, and prefer walking through the code with write-verbose detailing what is happening. Line 2 declares a variable named config and specifies the name of our configuration file, config.ini.<br /> </span><br />
<span style="font-family: "verdana" , sans-serif;">Line 3-49: This is the first function in the code called Test-APICred, where we check if the credential variable is null, and if null, try to get credentials in line 26. The credentials should be in the format of domain\samAccountName (if using LDAP credentials). Any errors are caught on lines 28-33 and 41-46. On line 48, the function Test-APICred is called. Variables instantiated with 'script' in front of the colon have their scope modified to be used throughout. Shoutout to my colleague Aron for getting the phrase instantiated stuck in my head. 😀 <table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmgklAQslUQ88K6RVQ19QQoSquTYfYznbZHNF0zLIf3S4_e4Fz8nuO5vnA3UUj3rbEXVYcY3O8FEHb099sz9qrx9ryR5UXcZI8iDbvpeCOigauaQS65_OsPaHQCCUH0Ppc7kbAewxJ7ECS/s1600/Screen+Shot+2020-05-03+at+10.32.24+AM.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="262" data-original-width="1600" height="104" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmgklAQslUQ88K6RVQ19QQoSquTYfYznbZHNF0zLIf3S4_e4Fz8nuO5vnA3UUj3rbEXVYcY3O8FEHb099sz9qrx9ryR5UXcZI8iDbvpeCOigauaQS65_OsPaHQCCUH0Ppc7kbAewxJ7ECS/s640/Screen+Shot+2020-05-03+at+10.32.24+AM.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Visual Studio Code, importing a module called DeprovisionApper.psm1 and prompting for credentials</td></tr>
</tbody></table>
</span><br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHV6DUgRubjhKgYHGVZEyR2u5Ppz9-m7Q9sLd80Jak6R1PnnqEoemE7gCnBO8jpfzg1FaNvcL27fTVH0aoXXm4fOTvILahmDun-slpQXVs69Q8mNqHyVIapY47zwio-tYSCWud7mgWeCo-/s1600/Screen+Shot+2020-05-03+at+10.32.35+AM.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="381" data-original-width="1600" height="152" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHV6DUgRubjhKgYHGVZEyR2u5Ppz9-m7Q9sLd80Jak6R1PnnqEoemE7gCnBO8jpfzg1FaNvcL27fTVH0aoXXm4fOTvILahmDun-slpQXVs69Q8mNqHyVIapY47zwio-tYSCWud7mgWeCo-/s640/Screen+Shot+2020-05-03+at+10.32.35+AM.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">If no credentials are entered, you are continuously prompted to enter credentials</td></tr>
</tbody></table>
<span style="font-family: "verdana" , sans-serif;"><br /><br />Line 49-50: The variable $UserName has its contents displayed with a write-verbose statement. Line 51 informs me that the code is proceeding to run the second function to create the base64 encoded credentials.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">Line 51-62: This is the second function in the code called Set-Base, where we take the contents of the $UserName variable and $Password variable and join them in line 53 with the -join operator. When encoding in to base64, the userid and the password need to be separated by a colon. After joining the userid and password, we finally encode the credentials in line 55. Line 56 checks to see if the variable instantiated is null, and if null; break the script and stop running. After verifying the variable is not null, line 60 informs us that we have the credentials, and we are good to proceed. Line 62 calls the Set-Base64 function.<br /><br />Line 63-64: Write-verbose statements to inform us during script execution that we are proceeding in the script.<br /><br />Line 65-92: This is an example of what we can start to do with our base64 encoded credentials. Line 68 sets the $chromeAPPID variable to be null, in the event that the variable is used previously in the script (which it is not). In a <a href="https://www.ws1inhawaii.com/2020/03/how-to-remove-sensitive-data-from-code.html" target="_blank">prior</a> blog post, we cover how to retrieve data from an ini file, such as the API endpoint URL, API key, etc. Line 67 is where we specify the $appToken variable to be com.android.chrome, which is used later on line 79 as a parameter in the request URL sent to the API. Line 68 specifies that TLS 1.2 cipher is required to be used, as per <a href="https://tools.ietf.org/html/rfc5246" target="_blank">RFC5246</a>, when making the API call. Line 70 and 71 gets the file path where the code is being ran, and then retrieves the contents of an ini file storing environment information called config.ini. Line 71-75 we setup our HTTP Request Header for our API call in line 79. Line 76-89 is where we try to make the API call, and catch any errors when making the call in lines 85-90. Finally we call the function Get-ChromeID in line 92, and identify the unique ID for the Chrome application in line 93. </span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">Lines 65-92 are simply an example of how to use the base64 encoded credentials when accessing API's. We use the $b64 variable, which contains the credentials, to setup the HTTP Request Header. Once you have instantiated the base64 encoded credentials, you can use them anywhere in the module or script. You could incorporate lines 1-64 in one of the examples I've went over in my blog previously. Other great resources to find code examples VMware's various API's can be found on VMware's <a href="https://github.com/vmware-samples" target="_blank">GitHub</a>, or VMware's <a href="https://code.vmware.com/home" target="_blank">{code} blog</a>.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;"><br /></span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span><br />
<script src="https://gist.github.com/HawaiiRyan/c136b0c90fad52742d34cb6c35a66d5f.js"></script><br />
<span style="font-family: "verdana" , sans-serif;">In this example, sample code has been obtained from <a href="https://www.nutanix.dev/2019/08/30/you-shall-not-pass-how-to-build-http-authentication-headers/" target="_blank">Nutanix</a> and <a href="https://www.powershellbros.com/test-credentials-using-powershell-function/" target="_blank">PowershellBros</a>.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <br />
<span style="font-family: "verdana" , sans-serif;">Mahalo,</span><br />
<span style="font-family: "verdana" , sans-serif;">Ryan Pringnitz</span>Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com0Polihale State Park, Lower Saki Mana Rd, Waimea, HI 96796, USA22.0794713 -159.7647939-3.4425631999999986 158.9266121 47.6015058 -118.4561999tag:blogger.com,1999:blog-3792012736265800115.post-81991822880832093282020-04-22T00:48:00.001-04:002020-06-23T16:15:57.652-04:00Digital Workspace Mobile Threat Detection & Response with Workspace ONE & Zimperium - Integrating zConsole<div class="separator" style="clear: both; text-align: left;">
</div>
<div>
<span style="font-family: "verdana" , sans-serif;">Mobile threat detection and response is an area of ever-growing importance, as the world finds themselves accessing sensitive resources on devices everywhere. Application, identity or device management only offers so many protections to the assortment of threats users are faced with. </span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">Digital Workspace products like Workspace ONE and Zimperium's zIPS compliment each other, and offer an additional level of compensating controls, specifically for mobile threats. These capabilities allow your organization to detect threats you might not have had visibility of, let alone the ability to mitigate.</span><br />
<br />
<span style="font-family: "verdana" , sans-serif;">Zimperium focuses on being best-in-breed in MTD, and it shows. In 2019; Zimperium would be the first MTD to be FedRAMP authorized, partner with the VMware to join the Trust Network, and selected by Google to join the App Defense Alliance. </span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">To make this integration possible, you must first, thank your CISO, and then integrate Zimperium's zConsole with Workspace ONE UEM. In this post, we'll go through all the requirements. Requirements like...</span><br />
<br />
<ul>
<li><span style="font-family: "verdana" , sans-serif;">Mood lifting console background picture</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Obtaining an API Key for integration</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Setting up MDM Integration with zConsole and Workspace ONE UEM</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Testing Integration</span></li>
</ul>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><img border="0" data-original-height="875" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhH1K0_fiwx1TAAx9DIeyYC25SkgXSc3i7FsDLdCHEH7HjUELrqq5ZqpH9JFDM_9JjOzQ6qQ7j5sGDXxaRiOQG4OHvKjGfoCx_gnPwunzVMi-1tWjYgvcqcNc9Izd0CKbSFPoaT8BFzBG7c/s1600/Screen+Shot+2020-04-18+at+3.54.06+PM.png" style="margin-left: auto; margin-right: auto;" /></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Grand Hyatt Kauai, not included in Workspace ONE. But, a great place to treat your team and hold a meeting. Hint, hint...</td></tr>
</tbody></table>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhH1K0_fiwx1TAAx9DIeyYC25SkgXSc3i7FsDLdCHEH7HjUELrqq5ZqpH9JFDM_9JjOzQ6qQ7j5sGDXxaRiOQG4OHvKjGfoCx_gnPwunzVMi-1tWjYgvcqcNc9Izd0CKbSFPoaT8BFzBG7c/s1600/Screen+Shot+2020-04-18+at+3.54.06+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"></span></a></div>
<ol>
<li><span style="font-family: "verdana" , sans-serif;">Open the Workspace ONE UEM console and go to;<br />
<b> Groups & Settings -> All Settings </b></span></li>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7BGgPCCxPGNiY4_w0UU0uKx-cgwp906sHMEh9ueFhdePoAe4ynPO0kq7oEihdbNHiGk-Q-Io1aGF_lyEdxsRhx8rSrYicb3-lo3ML8pJRk1L6mLtL9aXjRG-0hYT55fDSMkU0sEzua8sa/s1600/Screen+Shot+2020-04-18+at+3.57.11+PM.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="1600" data-original-width="930" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7BGgPCCxPGNiY4_w0UU0uKx-cgwp906sHMEh9ueFhdePoAe4ynPO0kq7oEihdbNHiGk-Q-Io1aGF_lyEdxsRhx8rSrYicb3-lo3ML8pJRk1L6mLtL9aXjRG-0hYT55fDSMkU0sEzua8sa/s400/Screen+Shot+2020-04-18+at+3.57.11+PM.png" width="231" /></span></a><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhd94Ivxt0TxYck1d3plqNa5_bnzNvKSjpIXVyW9V5_etE1zl85FfVvth1MWusBBFXlsh8E9NTcuD4_FxzWEexqr3Y8SnX46HO-gOe2jsMoPwuTbyXQCJIyJLYcNb0TtePMHoxB3Rx6zy9J/s1600/Screen+Shot+2020-04-18+at+3.57.16+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="536" data-original-width="952" height="179" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhd94Ivxt0TxYck1d3plqNa5_bnzNvKSjpIXVyW9V5_etE1zl85FfVvth1MWusBBFXlsh8E9NTcuD4_FxzWEexqr3Y8SnX46HO-gOe2jsMoPwuTbyXQCJIyJLYcNb0TtePMHoxB3Rx6zy9J/s320/Screen+Shot+2020-04-18+at+3.57.16+PM.png" width="320" /></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<li><span style="font-family: "verdana" , sans-serif;">Open the Workspace ONE UEM console and go to;<br />
<b>System -> Advanced -> API -> REST API</b></span></li>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXTCbxON3NGbszYqy0Nzo7u1wcESAaOV1sy-rDYdBplLo_nMk5oAh7pzuyqWIzzOvfLDbeb7LScz3VPW7QwU9EP-Mbl3IDjxHPFspPzEw9ufDX1mhPYeDQanzm-tdLQ9TBCXgT-Pc1BJ8h/s1600/Screen+Shot+2020-04-18+at+3.57.34+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="1600" data-original-width="1112" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXTCbxON3NGbszYqy0Nzo7u1wcESAaOV1sy-rDYdBplLo_nMk5oAh7pzuyqWIzzOvfLDbeb7LScz3VPW7QwU9EP-Mbl3IDjxHPFspPzEw9ufDX1mhPYeDQanzm-tdLQ9TBCXgT-Pc1BJ8h/s640/Screen+Shot+2020-04-18+at+3.57.34+PM.png" width="443" /></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<li><span style="font-family: "verdana" , sans-serif;">In the 'General' tab, click <b>'Add'<br />
Note: </b>Ensure 'Enable API Access' is set to enabled. This is required.</span></li>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipMduWepEkA3epZL2IR78reSO5c9GF3JbyT4xcKXvW9TCD857O6RqNMdHrdtIw55W4H14M3zU-ly4cxsbIwxlrcRgqKF-er-eG6PUvtts_ka1RBX2kFRmi53EMJocJ2dRf6LbnRKUcX05v/s1600/Screen+Shot+2020-04-18+at+3.57.56+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="806" data-original-width="1600" height="321" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipMduWepEkA3epZL2IR78reSO5c9GF3JbyT4xcKXvW9TCD857O6RqNMdHrdtIw55W4H14M3zU-ly4cxsbIwxlrcRgqKF-er-eG6PUvtts_ka1RBX2kFRmi53EMJocJ2dRf6LbnRKUcX05v/s640/Screen+Shot+2020-04-18+at+3.57.56+PM.png" width="640" /></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<li><span style="font-family: "verdana" , sans-serif;">Name the Service, in this example '<b>zConsole</b>' is used. Ensure the '<b>Account Type</b>' is set to '<b>Admin</b>'. <b>Copy</b> the <b>API Key</b> to your clipboard. We will reuse this in the zConsole.</span></li>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgf-fu0hQt-JRstBaX131LmPgIeUg_yyyCtf8OZwMpc2L0h5s1StwhmOvIsIcUWlFRLMmE9vGEnjeCUHFWKqV9yb83rIzlWylu7sRrNOT8a319-ow4yow95VT7MmbU-dGhl4gR1S_QpN472/s1600/Screen+Shot+2020-04-18+at+3.58.22+PM.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="336" data-original-width="1600" height="132" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgf-fu0hQt-JRstBaX131LmPgIeUg_yyyCtf8OZwMpc2L0h5s1StwhmOvIsIcUWlFRLMmE9vGEnjeCUHFWKqV9yb83rIzlWylu7sRrNOT8a319-ow4yow95VT7MmbU-dGhl4gR1S_QpN472/s640/Screen+Shot+2020-04-18+at+3.58.22+PM.png" width="640" /></span></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><span style="font-family: "verdana" , sans-serif;">This API key is just for example</span><br />
<br />
<br /></td></tr>
</tbody></table>
<li><span style="font-family: "verdana" , sans-serif;">Login to your Zimperium zConsole</span></li>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjnv26NEXGZ9ci6qhP5pgSwT6REdXK92Fp_u-qSS-pK9LtEqL51R8o9r3fsDx9gkChSePfd7I5uh8-ZSSn6-4lh8H-Clf12jsAuHAkuqWQzZsOqmcHBbSZQ0U7KeLWXOLIi-LfCGOSxmGuK/s1600/Screen+Shot+2020-04-18+at+3.45.41+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="413" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjnv26NEXGZ9ci6qhP5pgSwT6REdXK92Fp_u-qSS-pK9LtEqL51R8o9r3fsDx9gkChSePfd7I5uh8-ZSSn6-4lh8H-Clf12jsAuHAkuqWQzZsOqmcHBbSZQ0U7KeLWXOLIi-LfCGOSxmGuK/s1600/Screen+Shot+2020-04-18+at+3.45.41+PM.png" /></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<li><span style="font-family: "verdana" , sans-serif;">In the left navigation pane, locate <b>'Manage'<br />
</b></span></li>
<span style="font-family: "verdana" , sans-serif;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmuy5zCXuDZf2k2VN1UXwqcby9KotZwQXNLsJaBKWMjIUO2MG1eiBpf79LdJCfyIOMpTpr_r5rQhx-RqERHyLoeuOFCCpimybn57DZeBw2KgzW9C0At66eTh-DlvcCNjmt3DO6AEznbf-a/s1600/Screen+Shot+2020-04-18+at+3.46.55+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="862" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjmuy5zCXuDZf2k2VN1UXwqcby9KotZwQXNLsJaBKWMjIUO2MG1eiBpf79LdJCfyIOMpTpr_r5rQhx-RqERHyLoeuOFCCpimybn57DZeBw2KgzW9C0At66eTh-DlvcCNjmt3DO6AEznbf-a/s1600/Screen+Shot+2020-04-18+at+3.46.55+PM.png" /></a>
</span>
<li><span style="font-family: "verdana" , sans-serif;">Click '<b>Manage'<br />
</b></span></li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjuUgH_Fm7VpdpBHECPFXZhoBJxD3yU0UZ8qAinZqHz_nDzps0yIdR7iMIX9lL1LN0yk2OiFsFS9DwLKTrCzZ4OZeMZc5XdfuUfi5vmxGMYH0cOLrChK8kP_zrmTeSMJkbZDIt9a5z7mjHw/s1600/Screen+Shot+2020-04-18+at+3.47.04+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1344" data-original-width="588" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjuUgH_Fm7VpdpBHECPFXZhoBJxD3yU0UZ8qAinZqHz_nDzps0yIdR7iMIX9lL1LN0yk2OiFsFS9DwLKTrCzZ4OZeMZc5XdfuUfi5vmxGMYH0cOLrChK8kP_zrmTeSMJkbZDIt9a5z7mjHw/s400/Screen+Shot+2020-04-18+at+3.47.04+PM.png" width="175" /></a> </span></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<li><span style="font-family: "verdana" , sans-serif;">In the page that opens, at the top, locate '<b>Integrations</b>' and click it<br />
<br />
</span></li>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjOptkR5isnwvKL8DUqidYIaYXZz6ZOIZaczzLbnnK8-NI9xQFt_omcB9yR40pfGhfQXaxaIkycnNSFDxE88PT7DYUQ81IFxnO7dmmrUc1lgWAL67ImtvTKk9P1V-lkevnt8MwCuthEBo9/s1600/Screen+Shot+2020-04-18+at+3.47.23+PM.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="226" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjOptkR5isnwvKL8DUqidYIaYXZz6ZOIZaczzLbnnK8-NI9xQFt_omcB9yR40pfGhfQXaxaIkycnNSFDxE88PT7DYUQ81IFxnO7dmmrUc1lgWAL67ImtvTKk9P1V-lkevnt8MwCuthEBo9/s1600/Screen+Shot+2020-04-18+at+3.47.23+PM.png" /></span></a> </div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<li><span style="font-family: "verdana" , sans-serif;">Click <b>'Add MDM'</b></span></li>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3WxbxVsp97EDb4rD15uGriT6JX3eL45lzi57AnjnjWdmhqz2GzpYUGuVpXTRlt96YuqeOQ9SVL8TWwbutU9FMDsdPZQiEf9CllPM0shAZtJj5gJ5eAmjqjLUWza6PXL3jWpqjTUdSV22u/s1600/Screen+Shot+2020-04-18+at+3.48.00+PM.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="635" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3WxbxVsp97EDb4rD15uGriT6JX3eL45lzi57AnjnjWdmhqz2GzpYUGuVpXTRlt96YuqeOQ9SVL8TWwbutU9FMDsdPZQiEf9CllPM0shAZtJj5gJ5eAmjqjLUWza6PXL3jWpqjTUdSV22u/s1600/Screen+Shot+2020-04-18+at+3.48.00+PM.png" /></span></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><span style="font-family: "verdana" , sans-serif;">In this example, an existing environment is seen integrated already. Currently, you can have multiple environments associated with a single Zimperium SaaS VPC tenant or on-premise environment</span></td></tr>
</tbody></table>
<br /><br />
<li><span style="font-family: "verdana" , sans-serif;">Select<b> 'airwatch by VMware'</b>, depending on your console version, it may say Workspace ONE. Once selected, click <b>'Next'</b></span></li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi6pPtg1syp7_5eU3MgRDETD6FPSF4y5nAPkgqzcYSQst19lvQ5CxHtYEBwZTxj75nmqc2MWYngty5yg1KO4BkD-_Zf3Ha_sX-90AV6N0o0OAoyscAYxDSpvShkQE9UJ9vhA7y03YAhYV74/s1600/Screen+Shot+2020-04-18+at+3.48.16+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="686" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi6pPtg1syp7_5eU3MgRDETD6FPSF4y5nAPkgqzcYSQst19lvQ5CxHtYEBwZTxj75nmqc2MWYngty5yg1KO4BkD-_Zf3Ha_sX-90AV6N0o0OAoyscAYxDSpvShkQE9UJ9vhA7y03YAhYV74/s1600/Screen+Shot+2020-04-18+at+3.48.16+PM.png" /></a></span></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<li><span style="font-family: "verdana" , sans-serif;">Add the following information;<br /><br /><b>URL: </b>This is the URL your Workspace ONE UEM API Endpoint is accessible at. <br /><span style="font-size: x-small;">Note: This needs a DNS A record, publicly resolvable, with 443 inbound/outbound TCP/UDP traffic allowed. This public DNS A record could be created in whatever manages your public facing DNS. <b>Examples:</b> AWS Route 53, Cloudflare DNS, GCP Cloud DNS, Azure DNS. <br />In this example, I have a DNS A Record created in Azure DNS for the URL: https://ws1.ryanpringnitz.com<br />The appropriate network security group, route table and associated configuration is inplace to support this.</span><br /><br /><b>Username:</b> A Basic user, or LDAP user in Workspace ONE UEM.<br /><span style="font-size: x-small;">Note: The account must have permissions to make API calls for the smart groups, users, devices, and applications for the organization group(s) being managed. This example uses a directory account of ryanpringnitz\ws1</span><br /><br /><b>MDM Name:</b><span style="font-size: small;"> </span><span style="font-size: small;">Name it something appropriate, like 'Hawaii Retirement Provider', or</span><br /><span style="font-size: small;">Molokai Bank - Workspace ONE UEM - 1903 - Prod</span><br /><span style="font-size: x-small;">There is no incorrect value for this field. This is strictly to label the MDM environment in zConsole</span><br /><br /><b>Background Sync:</b><span style="font-size: small;"> Ensure this box is checked<br /><b><br /><br />Mask Imported User Information:</b><span style="font-size: small;"> Check if you prefer the data to be anonymized. There are other unique identifiers that are not anonymized, and additional ways to limit data returned for other scenarios (e.g. GDPR compliance). I leave this unchecked in my lab environment.<br /><br /><b>API Key: </b>This is the API Key you copied in to your notepad. Paste it here.<div class="separator" style="clear: both; font-size: small; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiINsj8ZFncnOWOFtVCYrsP8hjV1bPf47zHLJLOXB1WmAyRKXBWbGG4d72oN6C5XAelDB_f3Kq3BTnU4IFbgFUZkYDOCXS0oIGnpltgAoNvgmm6aCKiCtuaPT3pJoXus0S0xpmP2Ariv_pC/s1600/Screen+Shot+2020-04-18+at+3.48.43+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="945" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiINsj8ZFncnOWOFtVCYrsP8hjV1bPf47zHLJLOXB1WmAyRKXBWbGG4d72oN6C5XAelDB_f3Kq3BTnU4IFbgFUZkYDOCXS0oIGnpltgAoNvgmm6aCKiCtuaPT3pJoXus0S0xpmP2Ariv_pC/s1600/Screen+Shot+2020-04-18+at+3.48.43+PM.png" /></a></div>
</span></span></span></li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<li><span style="font-family: "verdana" , sans-serif;">In the lower right corner, click <b>'Next'</b></span></li>
<li><span style="font-family: "verdana" , sans-serif;">At the next page, select smart groups from Workspace ONE UEM that you want to import in to the Zimperium Mobile Threat Detection & Response console.<br /><span style="font-size: x-small;">Note: I suggest making and importing the following (5) smart groups in Workspace ONE UEM; Risk-Critical, Risk-Elevated, Risk-Low, App - Zimperium - Pilot, and App - Zimperium - GA<br />More on this in an upcoming post covering... </span></span></li>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhVsgDLjToBBpyUP7eRG9lqQ4sWXX8Gxt-F_qhs5JDALVPpPtzqEDpmy1LB6kjCNUDLGGiB4UwM-GdI4ptaZWYdZ-5aMvaLAGThkei1CGFxnrAK7VxknUwREubx05Mcikr1xizASjMhLUSX/s1600/Screen+Shot+2020-04-18+at+3.49.16+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="908" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhVsgDLjToBBpyUP7eRG9lqQ4sWXX8Gxt-F_qhs5JDALVPpPtzqEDpmy1LB6kjCNUDLGGiB4UwM-GdI4ptaZWYdZ-5aMvaLAGThkei1CGFxnrAK7VxknUwREubx05Mcikr1xizASjMhLUSX/s1600/Screen+Shot+2020-04-18+at+3.49.16+PM.png" /></a></span></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<li><span style="font-family: "verdana" , sans-serif;">Click <b>'Finish'</b></span></li>
<li><span style="font-family: "verdana" , sans-serif;">This will take you back to the 'Integrations' page. Proceed to verify your configuration by clicking the green button <b>'Test MDM'</b></span></li>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigEkJumsZUBC2u66qQ5mn9oENuJKsV2bXvkjbYXTdGWIjS7rSoMzeRnXuEi3ySZSvhCegj6rhacY-N_q-gODey13P6Hz8CAQo3H9PFvGcCVDeI8nl6B5mXBU5t8d068h6kXIjxtu-VoCSB/s1600/Screen+Shot+2020-04-18+at+3.49.34+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="676" data-original-width="1296" height="331" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigEkJumsZUBC2u66qQ5mn9oENuJKsV2bXvkjbYXTdGWIjS7rSoMzeRnXuEi3ySZSvhCegj6rhacY-N_q-gODey13P6Hz8CAQo3H9PFvGcCVDeI8nl6B5mXBU5t8d068h6kXIjxtu-VoCSB/s640/Screen+Shot+2020-04-18+at+3.49.34+PM.png" width="640" /></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<li><span style="font-family: "verdana" , sans-serif;">Verify all the tests passed.<br /><span style="font-size: x-small;">Note: During these tests, network traffic between the VPC and your Workspace ONE environment is expected. A series of API calls from the VPC will be made to verify access to Workspace ONE API endpoints. </span></span></li>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi8JffOSLWHP1dMeVnPVYFDkwBUdBYPCnzDBt1QmTqpsFO9IuTUBpufnWL4Rr_nw8EmKmF7mPSyv-CS5Jt984JwBCX7-WCEGLoh4_13iQ2E_IubieCfeHUXRW8wWRQFA4cpJGyMQ56dDaLj/s1600/Screen+Shot+2020-04-18+at+3.50.22+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="740" data-original-width="1426" height="332" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi8JffOSLWHP1dMeVnPVYFDkwBUdBYPCnzDBt1QmTqpsFO9IuTUBpufnWL4Rr_nw8EmKmF7mPSyv-CS5Jt984JwBCX7-WCEGLoh4_13iQ2E_IubieCfeHUXRW8wWRQFA4cpJGyMQ56dDaLj/s640/Screen+Shot+2020-04-18+at+3.50.22+PM.png" width="640" /></span></a></div>
</ol>
<br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<span style="font-family: "verdana" , sans-serif;">Once integration is complete, you will want to look at my blog post covering zIPS </span><a href="https://www.ws1inhawaii.com/2020/02/zimperium-delivery-and-activation-on.html" style="font-family: Verdana, sans-serif;" target="_blank">delivery and activation</a><span style="font-family: "verdana" , sans-serif;"> on Android devices</span><span style="font-family: "verdana" , sans-serif;">. Stay tuned for more posts covering Workspace ONE, Intelligence, Zimperium, Mobile Threats, and more.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">Mahalo,</span><br />
<span style="font-family: "verdana" , sans-serif;">Ryan Pringnitz</span><br />
<br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<br />Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com01571 Poipu Rd, Koloa, HI 96756, USA21.8756296 -159.4394568-2.0503488999999995 159.2519492 45.801608099999996 -118.13086279999999tag:blogger.com,1999:blog-3792012736265800115.post-12371364597123445732020-04-01T19:34:00.003-04:002020-06-23T16:16:15.004-04:00Updated: Google Chrome Update Tool for Android, using Workspace ONE API’s<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Recent news from the Google Chrome team reminded me to revisit a previously created </span><a href="https://www.ws1inhawaii.com/2020/03/force-android-applications-like-google.html" style="font-family: Verdana, sans-serif;" target="_blank">tool</a><span style="font-family: "verdana" , sans-serif;"> that allowed enterprises to manage public application updates in their digital workspace. The Chrome team announced that they would temporarily pause upcoming Chrome & Chrome OS releases, and focus exclusively on security updates. It became clear that I needed to update this tool, and tailor it for Google Chrome. </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span> </span></span></div>
<blockquote class="twitter-tweet">
<div dir="ltr" lang="en">
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;">Due to adjusted work schedules, we’re pausing upcoming Chrome & Chrome OS releases. Our goal is to ensure they continue to be stable, secure, & reliable for anyone who depends on them. We’ll prioritize updates related to security, which will be included in Chrome 80. Stay tuned.</span></span></span></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;">— Chrome Developers (@ChromiumDev) <a href="https://twitter.com/ChromiumDev/status/1240322481778569216?ref_src=twsrc%5Etfw">March 18, 2020</a></span></span></span></blockquote>
<script async="" charset="utf-8" src="https://platform.twitter.com/widgets.js"></script><span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span></span></span></span><br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Widespread use of Chrome, combined with the number of CVE's addressed in each release of Chrome requires every enterprise to have the ability to upgrade their endpoints. The solution needs to be tactical, precise, and meet the business needs. In other words, just allowing devices to auto-update applications on their on, won't cut it. </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Allowing applications to auto-update leaves the business asking; when will the application upgrade? Can we force them to upgrade? Can we force them to upgrade at a specific time?</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEheMRspJqby10vPNLQMMjo840UtX6G77Ousbqga9qEzjJFPaBlI1mNCnIDKqtluXxTgo87FSHoje_LX7F6B-mQbTmWEIsniVRW2xqyJK7JvVrW27DmeNgDRUsNYmtecHAz_3JvqGyxjWxvD/s1600/MVIMG_20190719_134634.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto; text-align: center;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="1200" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEheMRspJqby10vPNLQMMjo840UtX6G77Ousbqga9qEzjJFPaBlI1mNCnIDKqtluXxTgo87FSHoje_LX7F6B-mQbTmWEIsniVRW2xqyJK7JvVrW27DmeNgDRUsNYmtecHAz_3JvqGyxjWxvD/s1600/MVIMG_20190719_134634.jpg" /></span></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><span style="font-family: "verdana" , sans-serif;">No caption necessary.</span></td></tr>
</tbody></table>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;">While the tool is helpful, fulfills a need, is able assist with more than just Google Chrome; the script required end-user modification, and could be reworked to work with little modification required. The intention of this updated tool was that anyone could copy the code, and reuse it in their own environment with no modification required. But before we get to what the tool looks like; let's remind ourselves of</span><span style="font-family: "verdana" , sans-serif;"> what the experience is like for the end-user, before they call the help desk.</span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="1600" data-original-width="900" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3HkqM3GhjoMP2nsbZf0EWa6xsU51yK8CmQT3r7h038tWsKIxX4s47zumUjgDIhObfIQ_aDNPL8EpR8tNlrcA0GJASoXfbqrZCKznqPF3Pj8l0_Qw0FxaeE6gUXJcU0YokkofNc5EoDiJf/s640/Screenshot_20200330-180526.png" style="margin-left: auto; margin-right: auto;" width="360" /></span></td></tr>
<tr><td class="tr-caption" style="font-size: 12.8px;"><span style="font-family: "verdana" , sans-serif;">They see this, but don't worry, Workspace ONE has an API to solve that</span></td></tr>
</tbody></table>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;"> In my spare time I updated the tool. The tool is a bit more tactical, and can be used to specifically update Google Chrome on Android devices. Some of the differences between the original tool, and this tool include;</span></span><br />
<ul>
<li><span style="font-family: "verdana" , sans-serif;">No need to manually lookup Application ID</span></li>
<ul>
<li><span style="font-family: "verdana" , sans-serif;">Function in PowerShell to locate application ID</span></li>
</ul>
<li><span style="font-family: "verdana" , sans-serif;">Leverages config.ini file to store sensitive environment data</span></li>
<ul>
<li><span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;">Config.ini example at the following URL: </span><a href="https://gist.github.com/HawaiiRyan/b610f6d5427afa9609cee145affed912">https://gist.github.com/HawaiiRyan/b610f6d5427afa9609cee145affed912</a></span></li>
</ul>
<li><span style="font-family: "verdana" , sans-serif;">Purpose built, artisanal, handcrafted tool, curated for Google Chrome on Android</span></li>
</ul>
<div>
<span style="font-family: "verdana" , sans-serif;">So, what does the tool look like? See below:</span></div>
<script src="https://gist.github.com/HawaiiRyan/0e43de0ec74ea8a2c358c365cf04bf73.js"></script><span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span></span><span style="font-family: "verdana" , sans-serif;">Lines deserving your attention include:<br />
Line 13 requires the config.ini file to be in the correct location (script uses current location\config.ini)<br />
Lines 20,21,22,23 use the UAT values stored in the config.ini file. All you need to do to use the script is setup your config.ini file. If you are using this in production, update the the variable $WS1Env.UATapikey to $WS1Env.prdapikey (in addition to prdb64 and PrdEnvironment).</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
<br />
For all the latest news on upcoming Chrome releases, be sure to check out the Chrome Releases blog from the Chrome team at:</span><br />
<a href="https://chromereleases.googleblog.com/"><span style="font-family: "verdana" , sans-serif;">https://chromereleases.googleblog.com/</span></a><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUBvPok23CBoH4cJvcAR5lCXILdYZonqykFBgU-exRtDugN_E99_87tDgg2R1T7VfJBOVPy5V_ZuD2DMSoojdljwSt6gIREEGdcLCGPLeE-_aMdHZT7MKUnDOyO_qkDrYc9bTcfbwSaIaV/s1600/3uux3y.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="500" data-original-width="500" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUBvPok23CBoH4cJvcAR5lCXILdYZonqykFBgU-exRtDugN_E99_87tDgg2R1T7VfJBOVPy5V_ZuD2DMSoojdljwSt6gIREEGdcLCGPLeE-_aMdHZT7MKUnDOyO_qkDrYc9bTcfbwSaIaV/s320/3uux3y.jpg" width="320" /></a></div>
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">Bonus Tip: Line 32 parameter bundleid can be modified for <b>any</b> public application. If you wanted to update the Hawaiian Airlines app, you would replace com.android.chrome with com.hawaiianairlines.app<br />
<br />
<span style="font-family: "verdana" , sans-serif;"> </span></span><br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both;">
<span style="font-family: "verdana" , sans-serif;">Mahalo,</span></div>
<div class="separator" style="clear: both;">
<span style="font-family: "verdana" , sans-serif;">Ryan Pringnitz</span></div>
Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com0Wailea, Wailea-Makena, HI 96753, USA20.6871826 -156.439166820.6277631 -156.5198478 20.7466021 -156.3584858tag:blogger.com,1999:blog-3792012736265800115.post-84388959882535208642020-03-29T00:02:00.000-04:002020-06-23T16:41:31.129-04:00Setup Single Sign-On with Workspace ONE & ServiceNow (Mobile Flows Series - Part 1)<div>
<span style="font-family: "verdana" , sans-serif;">Weeks like this remind us that time is a valuable commodity, where seconds count, and getting more done with less is the expectation. Typically interacting with enterprise services requires logging on, remembering passwords, and in a mobile context; opening up a separate application or website to complete the task. In bandwidth constrained scenarios; this alone can make completing any task more time consuming than anyone wants.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">Mobile Flows in Workspace ONE is a framework that allows enterprises to present notifications with contextual information and actions to users. This provides users the ability to perform actions on various backend products and services (Concur, ServiceNow, Jira, Salesforce, and any service with custom mobile flows connectors,) without having to leave their email client. Mobile Flows are also available in Intelligent Hub. Intelligent Hub, being cross-platform, extends the capabilities of Mobile Flows to any modern workspace your users or devices might be on (Android, iOS, macOS, Windows 10). </span></div>
<div>
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;">Mobile Flows leverages Workspace ONE Access to broker communication with any number of identity providers or user stores, Workspace ONE UEM to communicate with Intelligent Hub, and finally Mobile Flows Connectors to communicate with backend systems. To make all this happen, think; JSON, API calls and your imagination. Your users, in their mobile flow, can interact with any service with an API endpoint.</span></span><br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnYqHlUlNiMbwfEvWlmX5GxgZK8NH0w8b2KdkL7guJvOKTiSh5m2Quz0AYe1VT0mge_8BKcAe7xCMqXoDtGWtz5YzG83jZTdA1DhvOMZtdpe52-HOhsZeBCdMXhWFO-w6S7HGmHUIjZW52/s1600/PSX_20200329_003534.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="1600" data-original-width="1172" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnYqHlUlNiMbwfEvWlmX5GxgZK8NH0w8b2KdkL7guJvOKTiSh5m2Quz0AYe1VT0mge_8BKcAe7xCMqXoDtGWtz5YzG83jZTdA1DhvOMZtdpe52-HOhsZeBCdMXhWFO-w6S7HGmHUIjZW52/s640/PSX_20200329_003534.jpg" width="468" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><div>
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; margin-right: 1em;"><tbody>
<tr><td class="tr-caption" style="font-size: 12.8px;">But can a mobile flow approve these? Well, <a href="https://developer.squareup.com/us/en">Square</a> <i>does</i> have an API for that</td></tr>
</tbody></table>
</div>
<div>
<br style="font-size: 12.8px;" /></div>
</td></tr>
</tbody></table>
<div class="separator" style="clear: both; text-align: center;">
</div>
</div>
<div>
<br /></div>
<div>
<br /></div>
<div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxLR9z2y3HOdSg1jRyhsV3EBX_GhbzLi4mb1jBCAIeNh9wI4l6FIhDWBsKNPL5L-kYDMcfSDr_vI31PaaDyC6lqPoGXRea0nlF8JkMF9Vxmvln6hx9mwJvOQzp6BbzYqSpUWfzHxk8RCpE/s1600/maxresdefault.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="720" data-original-width="1280" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgxLR9z2y3HOdSg1jRyhsV3EBX_GhbzLi4mb1jBCAIeNh9wI4l6FIhDWBsKNPL5L-kYDMcfSDr_vI31PaaDyC6lqPoGXRea0nlF8JkMF9Vxmvln6hx9mwJvOQzp6BbzYqSpUWfzHxk8RCpE/s1600/maxresdefault.jpg" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Source: <a href="https://www.youtube.com/watch?v=WAFhXyJsvao">https://www.youtube.com/watch?v=WAFhXyJsvao</a></td></tr>
</tbody></table>
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div>
<br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;">The mobile flow could be approving a notification when they open an email for a ServiceNow request; allowing you the ability to approve a request for a Tesla Model Y (by default, there is no ability to deny a request for a Model Y in Mobile Flows, jk). The mobile flow could be more interesting. There could be an approval necessary for a purchase order in Salesforce. Really anything else with an API accessible can be presented in the notification card, and the user can approve perform an action. An action like allowing a discount, with the flow allowing the user to specify a discount up to a configurable value (e.g. 15% max discount). With a custom connector, the mobile flows capability is limited by the capability of the service you interact with, as the framework can be customized to interact with any backend system. </span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div>
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div>
<span style="font-family: "verdana" , sans-serif;">Before we start building custom connectors with Spring or NodeJS; we will cover the basics like acquiring and integrating a ServiceNow tenant with our environment. ServiceNow developer tenants are free and easily integrated with out of box connectors in mobile flows. </span> <span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;">In blog posts to follow, we will cover Mobile Flows setup, working with out-of-box connectors, and approving that Model Y for an office worker in Maui. Initially we will just get single sign-on with ServiceNow setup with Access. Once we have a few examples in ServiceNow with Mobile Flows; we can look at setting up out of box connectors with other enterprise services like Salesforce. Cue the Hawaiian pictures...</span></div>
<div>
<span style="font-family: "verdana" , sans-serif;"> </span> <br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNftdWq3xNCxBwOdKGja8wGj4l2y2sYAmzYx_O9jNEpYIfNs-3iC5hLwuJ4HzRA2ezZgYyPjZUt_dk6-mhAEtFyHcBl_Qy7Ul6-VMgpjzpZRlhVigWcyYSwo378gphjgUyY5U6iO_S6aTU/s1600/VID_20190818_030603.jpeg" imageanchor="1" style="clear: right; display: inline !important; margin-bottom: 1em; margin-left: auto; margin-right: auto; text-align: center;"><img border="0" data-original-height="1200" data-original-width="1600" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhNftdWq3xNCxBwOdKGja8wGj4l2y2sYAmzYx_O9jNEpYIfNs-3iC5hLwuJ4HzRA2ezZgYyPjZUt_dk6-mhAEtFyHcBl_Qy7Ul6-VMgpjzpZRlhVigWcyYSwo378gphjgUyY5U6iO_S6aTU/s400/VID_20190818_030603.jpeg" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><br /></td></tr>
</tbody></table>
<div class="separator" style="clear: both; text-align: center;">
</div>
<span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"> </span></div>
<div>
<span style="font-family: "verdana" , sans-serif; font-size: x-small;">For more information on Mobile Flows, see the PDF at the following URL below;</span></div>
<div>
<span style="font-family: "verdana" , sans-serif; font-size: x-small;"><a href="https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/WS1_mobile_flows_Doc.pdf" target="_blank">Workspace ONE Mobile Flows</a></span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"><b>ServiceNow & Workspace ONE Access (Identity Manager) integration overview:</b></span></span></span> <span style="font-family: "verdana" , sans-serif;"> </span> <br />
<ol>
<li><span style="font-family: "verdana" , sans-serif;">Acquire ServiceNow tenant</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Acquire Identity Provider (idP) metadata (idp.xml)</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Acquire Signing Certificate</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Add/activate ServiceNow plugin (Integration - Multiple Provider Single Sign-On)</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Configure SAML Properties & Certificate in ServiceNow</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Create VMware Workspace ONE Access (formerly known as Identity Manager) Policy</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Create SaaS application for ServiceNow in VMware Workspace ONE Access</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Assign ServiceNow to users</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Ensure user exists in ServiceNow before testing single sign-on</span></li>
</ol>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif; font-size: x-small;">Context: Environment is Workspace ONE Access (Identity Manager), version 19.03. With both AirWatch Cloud Connector and Identity Manager (ESC) connectors installed on-premise with Active Directory. saml2sp is assumed for the SAML keystore. The Name ID in SAML will be the email address, referenced between the identity provider and service provider when authenticated. </span></span></span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;">First head over to: https://www.developer.servicenow.com</span></span> <br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdQzmo3w1d6uiY-_xHh0YzJpdUU0SJrhnuluL5wSjScSAfhaM4472oRauTxtakrBTX4eUX3GYX9s08L_mf4E8jRMQh-SAQFy9cm8OI2e3-sqXMbOCCSOendj2N2EyaLAJjpYPPr1hGEgiA/s1600/Screen+Shot+2020-03-26+at+10.15.18+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="927" data-original-width="1600" height="370" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdQzmo3w1d6uiY-_xHh0YzJpdUU0SJrhnuluL5wSjScSAfhaM4472oRauTxtakrBTX4eUX3GYX9s08L_mf4E8jRMQh-SAQFy9cm8OI2e3-sqXMbOCCSOendj2N2EyaLAJjpYPPr1hGEgiA/s640/Screen+Shot+2020-03-26+at+10.15.18+PM.png" width="640" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;">Sign up for your developer tenant, or login to your existing tenant, and agree to terms of service:</span></span> <br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9-nLkjRo8Hoh_FT8gWfpgYqHjttwBKJi7QmYaHuNJ5pdUSi7dxd8J7JqNGgyynIHt56xuFQPRtenSoSPEP2GuskjBXhmXMv9AMBf6QHM00sl5CPDnBQUoR9RL6qZUik-iAG6aPhS35Vd8/s1600/Screen+Shot+2020-03-26+at+10.15.28+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="1042" data-original-width="1600" height="416" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9-nLkjRo8Hoh_FT8gWfpgYqHjttwBKJi7QmYaHuNJ5pdUSi7dxd8J7JqNGgyynIHt56xuFQPRtenSoSPEP2GuskjBXhmXMv9AMBf6QHM00sl5CPDnBQUoR9RL6qZUik-iAG6aPhS35Vd8/s640/Screen+Shot+2020-03-26+at+10.15.28+PM.png" width="640" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"><br />Request an instance of ServiceNow, if you do not already have one:</span></span> <br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgEdvrcEt4A1564h0LwLUSQTEqWrfUewrv6V3WF-rs_-GS7r68I6Uudvi0hcNvZslj5bYhcfhvzHhXRkcrVHIVtO1XH6JzyqYkbXJlX_teyCnUX4bUdrf7u4Gno5EB_b9-H-wPIGmfX9wDq/s1600/Screen+Shot+2020-03-26+at+10.15.37+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="1600" data-original-width="998" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgEdvrcEt4A1564h0LwLUSQTEqWrfUewrv6V3WF-rs_-GS7r68I6Uudvi0hcNvZslj5bYhcfhvzHhXRkcrVHIVtO1XH6JzyqYkbXJlX_teyCnUX4bUdrf7u4Gno5EB_b9-H-wPIGmfX9wDq/s640/Screen+Shot+2020-03-26+at+10.15.37+PM.png" width="398" /></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;">I will be using the 'Orlando' release of ServiceNow. Go ahead and click on the release, and click 'R</span><span style="font-family: "verdana" , sans-serif;">equest':</span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3biDfnSWW1JylT4S42JBz460XGube4PyM6ag0DcXKFOxu4NwtEpGk5Yq_EejB6FUhqijSg2-glY6yhsitjaexjypuRY7MywU4o4tJNniF1U6ko2fXTR84qHljlYk7Sciw9fjFwmAA0rIV/s1600/Screen+Shot+2020-03-26+at+10.15.47+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="922" data-original-width="1600" height="368" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3biDfnSWW1JylT4S42JBz460XGube4PyM6ag0DcXKFOxu4NwtEpGk5Yq_EejB6FUhqijSg2-glY6yhsitjaexjypuRY7MywU4o4tJNniF1U6ko2fXTR84qHljlYk7Sciw9fjFwmAA0rIV/s640/Screen+Shot+2020-03-26+at+10.15.47+PM.png" width="640" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;">Wait for your request for a ServiceNow instance to be fulfilled:</span></span> <br />
<div class="separator" style="clear: both; text-align: left;">
<span style="clear: left; float: left; font-family: "verdana" , sans-serif; margin-bottom: 1em; margin-right: 1em;"><img border="0" data-original-height="1186" data-original-width="1600" height="296" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3KVTTrTE6tsDGjjm7Zk-99wCSWxmhIMZQRGc_dbcPtidQWJ_6YuZhk9FixVVkUIKgQupUhHXhK7rzPq7ofknnbosaQ92HluQNnmmEBCcssd3L5rMvjzrB26pw2KP3CZzBIOxNG7RA7WFy/s400/Screen+Shot+2020-03-26+at+10.15.52+PM.png" width="400" /></span></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHJW2BFeZM9ef97tVAkHEO6lcP-nvVJXZse_x1hX32mdDMIRbMY3GCekcGJr4MUtTn7Ge5J3eAaPzcdXI_-3OesyuEYBHlTqdx4onlOnFjDcsMWMgy5LBLUbVAdvwrqCN6xZvekqXe4ui8/s1600/Screen+Shot+2020-03-26+at+10.16.01+PM.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em; text-align: left;"><span style="clear: right; float: right; font-family: "verdana" , sans-serif; margin-bottom: 1em; margin-left: 1em;"><img border="0" data-original-height="474" data-original-width="672" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHJW2BFeZM9ef97tVAkHEO6lcP-nvVJXZse_x1hX32mdDMIRbMY3GCekcGJr4MUtTn7Ge5J3eAaPzcdXI_-3OesyuEYBHlTqdx4onlOnFjDcsMWMgy5LBLUbVAdvwrqCN6xZvekqXe4ui8/s320/Screen+Shot+2020-03-26+at+10.16.01+PM.png" width="320" /></span></a></div>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPw7xBhj7g64FeWZ8_k1lY0zYl3FUslMdsyvSRbodfri5kZVnu5OUIjMvhxOM5SGEYAV0lp4bPbU8Kjielr5WeDUqYjEpoRoR4BnTvN-jt8R7QizfDEfzE9t1PQ9ukxylLtOEo6nDp0T_w/s1600/InstanceReady.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="861" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPw7xBhj7g64FeWZ8_k1lY0zYl3FUslMdsyvSRbodfri5kZVnu5OUIjMvhxOM5SGEYAV0lp4bPbU8Kjielr5WeDUqYjEpoRoR4BnTvN-jt8R7QizfDEfzE9t1PQ9ukxylLtOEo6nDp0T_w/s1600/InstanceReady.png" /></span></a> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;">Open instance is provisioned, you will be taken to the following web-page:</span></span></span> <br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCcyeVkWRqSdAOiPfN9zzDkJDwBpOCMGK35tiXPRKh0HKGeL020ui0a9fUPgvQi1n_MqUywR71BzdesnBE4oqW5Aqnqt3LM6AL9gMKuje_xEF0DgIOWf1JuHlu3Xzhuy_gJ_2jeIusJXfj/s1600/Screen+Shot+2020-03-26+at+10.19.16+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="902" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCcyeVkWRqSdAOiPfN9zzDkJDwBpOCMGK35tiXPRKh0HKGeL020ui0a9fUPgvQi1n_MqUywR71BzdesnBE4oqW5Aqnqt3LM6AL9gMKuje_xEF0DgIOWf1JuHlu3Xzhuy_gJ_2jeIusJXfj/s1600/Screen+Shot+2020-03-26+at+10.19.16+PM.png" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Search for '<b>plugin</b>' in the upper-left corner:</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjDktL-F9TtuhDWtK2hL90FYA1TbGSa6ipzZWaz579xlaDyA47NXiZiD0zCN_HVGJE3GP9ECfMAAEKQHcDkpxz7CMQkxaDjgXfgs9mXmKOZiI_5MAGWzWkUZBLGWpl0UuQMOOBNeHC43-mH/s1600/Screen+Shot+2020-03-26+at+10.19.22+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1506" data-original-width="808" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjDktL-F9TtuhDWtK2hL90FYA1TbGSa6ipzZWaz579xlaDyA47NXiZiD0zCN_HVGJE3GP9ECfMAAEKQHcDkpxz7CMQkxaDjgXfgs9mXmKOZiI_5MAGWzWkUZBLGWpl0UuQMOOBNeHC43-mH/s640/Screen+Shot+2020-03-26+at+10.19.22+PM.png" width="342" /></a></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Search for '<b>Integration - multiple provider Single Sign-On Installer'</b></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: left;"><tbody>
<tr><td style="text-align: center;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="595" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhylNIBxVeeeEwIyrmrtTS36CaYoD64cmsOCSedaorjnycEcTTQLkuoiELmeSlBkTe7mYnSMWXopKfB_eHEPJwcfCAWXAjd4qB0hQQYMtfMKXzA8PPrRWZ4LTcJhpPrvB2ROAqN5WI_f_T/s1600/Screen+Shot+2020-03-26+at+10.19.36+PM.png" style="margin-left: auto; margin-right: auto;" /></span></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><span style="font-family: "verdana" , sans-serif;">Before you type the entire phrase in, results will begin to appear</span></td></tr>
</tbody></table>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhylNIBxVeeeEwIyrmrtTS36CaYoD64cmsOCSedaorjnycEcTTQLkuoiELmeSlBkTe7mYnSMWXopKfB_eHEPJwcfCAWXAjd4qB0hQQYMtfMKXzA8PPrRWZ4LTcJhpPrvB2ROAqN5WI_f_T/s1600/Screen+Shot+2020-03-26+at+10.19.36+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><span style="font-family: "verdana" , sans-serif;"></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Click <b>'Install'.</b> This will bring a new window up, prompting you to select '<b>Activate</b>'</span></div>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhYya5MO9-OvqMz5rmgPoyHmygvrGRKRdnGBHpkJkI4iwxhR5Vs3EaxmGgUP-HACyGBdOj_By9xVjf-nKlEQqR20gdGIXc7UGpsxgmG46MSdSFhg2kh3fooJEuhVN4jZgi3m-m7L0U_56lU/s1600/Screen+Shot+2020-03-26+at+10.19.56+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="678" data-original-width="1410" height="306" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhYya5MO9-OvqMz5rmgPoyHmygvrGRKRdnGBHpkJkI4iwxhR5Vs3EaxmGgUP-HACyGBdOj_By9xVjf-nKlEQqR20gdGIXc7UGpsxgmG46MSdSFhg2kh3fooJEuhVN4jZgi3m-m7L0U_56lU/s640/Screen+Shot+2020-03-26+at+10.19.56+PM.png" width="640" /></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<span style="font-family: "verdana" , sans-serif;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhE39cQfdJZURTGLL6uRZJ1zo0hi2TyiUFQZ40mAEEZXUVCB3DAFtVIJlXF8aKQBtnvINEZ5BnBGOtkGgc4HbarhK1oLVGcZo1VaTdmHT7aOwbDbdfWN55jurfa8Xkc2xtxoW1736DKHlqQ/s1600/Screen+Shot+2020-03-26+at+10.20.02+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="450" data-original-width="1460" height="196" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhE39cQfdJZURTGLL6uRZJ1zo0hi2TyiUFQZ40mAEEZXUVCB3DAFtVIJlXF8aKQBtnvINEZ5BnBGOtkGgc4HbarhK1oLVGcZo1VaTdmHT7aOwbDbdfWN55jurfa8Xkc2xtxoW1736DKHlqQ/s640/Screen+Shot+2020-03-26+at+10.20.02+PM.png" width="640" /></a></span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;">Once the plugin completes activation, click <b>'Close & Reload Form</b>'</span></span></span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_wKKNYUyUsivuLBxyXn3ELn4x3t3C9YwMkZWNsTPTDptkwN-K8IHw4H3LSpvpbwvhEpxZo5h-5xPGtiga21KHfM5WGXZZKRkBt7HtTKzIjhtf8fqVPAn4bZRw6-o0FIWFps3YyPXwh5h3/s1600/Screen+Shot+2020-03-26+at+10.20.05+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="452" data-original-width="1354" height="212" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_wKKNYUyUsivuLBxyXn3ELn4x3t3C9YwMkZWNsTPTDptkwN-K8IHw4H3LSpvpbwvhEpxZo5h-5xPGtiga21KHfM5WGXZZKRkBt7HtTKzIjhtf8fqVPAn4bZRw6-o0FIWFps3YyPXwh5h3/s640/Screen+Shot+2020-03-26+at+10.20.05+PM.png" width="640" /></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Now that the plugin is installed and activated; we can proceed to search for <b>'SAML'</b>, and then click <b>'Certificate'</b></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrCjvXFia4woR9gehODReU9EHzJgcS3E7o-PAMJUT67u46X1CsvrfKcm1_KBFJRkAk1YAVvPMHfYVtMIAwodGb8_-nn2eKu9MI6crzf0aNIDfNUsYWmB57bDaz0Ho_g5eOG_KYZlrFIrLg/s1600/Screen+Shot+2020-03-26+at+10.30.36+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="892" data-original-width="804" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrCjvXFia4woR9gehODReU9EHzJgcS3E7o-PAMJUT67u46X1CsvrfKcm1_KBFJRkAk1YAVvPMHfYVtMIAwodGb8_-nn2eKu9MI6crzf0aNIDfNUsYWmB57bDaz0Ho_g5eOG_KYZlrFIrLg/s320/Screen+Shot+2020-03-26+at+10.30.36+PM.png" width="288" /></a></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Click on the original <b>'SAML 2.0' </b>entry. In the event we need it later, we can keep it by renaming it to <b>'SAML 2.0 - original' </b>and saving it:</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6NKtf_MK3xV_Ty6FvljR-GWgwuQSf-Pyl4xPIqWsVt7J_ol2MdqAJv2k4j49IZddO8pcQARpIkq1yi0ZD5wrGf2x_6RK1sDpr3SxxA7luEtDl3_BAkvnuDKrV5rA4ZtgU_O3hre7BIw0Z/s1600/Screen+Shot+2020-03-26+at+10.20.29+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="381" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6NKtf_MK3xV_Ty6FvljR-GWgwuQSf-Pyl4xPIqWsVt7J_ol2MdqAJv2k4j49IZddO8pcQARpIkq1yi0ZD5wrGf2x_6RK1sDpr3SxxA7luEtDl3_BAkvnuDKrV5rA4ZtgU_O3hre7BIw0Z/s1600/Screen+Shot+2020-03-26+at+10.20.29+PM.png" /></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Create a new record. It is important that it be named correctly. The entry must be named: <b>SAML 2.0</b></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPrbI8RoO6NYKCRzO9faLbZkfL84hE6gP39OM6O6DkIdpn9X4IbWeZV5OGrg7gmm3t4Zy_O3yQxOzDMKExFIBJIOo0zGrRnOcAxgUvxRO5zVPoi2tqVM0qn2GCOC2w_VQpxxKEK9voingW/s1600/Screen+Shot+2020-03-26+at+10.23.24+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="579" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPrbI8RoO6NYKCRzO9faLbZkfL84hE6gP39OM6O6DkIdpn9X4IbWeZV5OGrg7gmm3t4Zy_O3yQxOzDMKExFIBJIOo0zGrRnOcAxgUvxRO5zVPoi2tqVM0qn2GCOC2w_VQpxxKEK9voingW/s1600/Screen+Shot+2020-03-26+at+10.23.24+PM.png" /></a></span></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;">The short description is unnecessary, but there is no harm in setting it. To complete this page, we need to grab some information from VMware Workspace ONE Access, formerly known as VMware Identity Manager (vIDM). In this example; we see the URL for this service is located at: https://idm.ryanpringnitz.com</span></span></span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjN1oakbSu7-wYTta-06o8lV1gscfhyphenhyphen_jL8GOD2Wxa5r-o5mRQL0EE3he6H5gbsj75ZT3rCyr9GkR1jKZfCM1S1hpC2QXs8gtybqQQ4_1GEVGofvZ-ag_oHikG6fJjCO_gegfcsxgmIXkaz/s1600/Screen+Shot+2020-03-26+at+10.23.37+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="904" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjN1oakbSu7-wYTta-06o8lV1gscfhyphenhyphen_jL8GOD2Wxa5r-o5mRQL0EE3he6H5gbsj75ZT3rCyr9GkR1jKZfCM1S1hpC2QXs8gtybqQQ4_1GEVGofvZ-ag_oHikG6fJjCO_gegfcsxgmIXkaz/s1600/Screen+Shot+2020-03-26+at+10.23.37+PM.png" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;">Click on '<b>Catalog</b>' followed by '<b>Web Apps'</b></span></span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div style="text-align: left;">
<div style="text-align: left;">
<div style="text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhd2z1JQtlSXxU9Og857S_DMv9JbMslX1pq1Phip_fuJYxYPsSrW5fyNB5AdU44UCELs0d7B5x4FpZ02Yf0el_OlpxKE0m7mAfkWXVGVk7qrw-Th4L9Pf_shTWWCtdCNlQhDzZRXif2OpMG/s1600/Screen+Shot+2020-03-27+at+9.25.08+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="175" data-original-width="250" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhd2z1JQtlSXxU9Og857S_DMv9JbMslX1pq1Phip_fuJYxYPsSrW5fyNB5AdU44UCELs0d7B5x4FpZ02Yf0el_OlpxKE0m7mAfkWXVGVk7qrw-Th4L9Pf_shTWWCtdCNlQhDzZRXif2OpMG/s1600/Screen+Shot+2020-03-27+at+9.25.08+AM.png" /></span></a></div>
</div>
</div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;">Click '<b>Settings'</b></span></span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div style="text-align: left;">
<div style="text-align: left;">
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTnD5XTskffZFqSfjdJY9K3cco-RI5oDwWrQoTLiXUPdztfL_lR-2L29elcNNNKxnv9GKnJnY7E9yqwnVcANJZnaDDaMgB47mgNq5hXVvDst_NyLjPnxjHnCxBDoPM0ZaYPSIGG_lQzD2Y/s1600/Screen+Shot+2020-03-27+at+9.37.41+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="116" data-original-width="427" height="86" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTnD5XTskffZFqSfjdJY9K3cco-RI5oDwWrQoTLiXUPdztfL_lR-2L29elcNNNKxnv9GKnJnY7E9yqwnVcANJZnaDDaMgB47mgNq5hXVvDst_NyLjPnxjHnCxBDoPM0ZaYPSIGG_lQzD2Y/s320/Screen+Shot+2020-03-27+at+9.37.41+AM.png" width="320" /></a></span></div>
</div>
</div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<span style="font-family: "verdana" , sans-serif;">In the new window that appears, click '<b>SAML Metadata</b>' </span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjK6cABc6dfcKIjUlucKHg8O6bU4YyeRj4y7DKlFyq14Qy7sF_XtZUVBx4q6dnIXzkQb4hR8QBe5QkrL_ivWfqZjkKm1py2wzuFOQeAxqeTCHYjaqjBVlwX8UN2bpNa7kISBBudLbO9ily9/s1600/Screen+Shot+2020-03-26+at+10.23.53+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="832" data-original-width="1594" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjK6cABc6dfcKIjUlucKHg8O6bU4YyeRj4y7DKlFyq14Qy7sF_XtZUVBx4q6dnIXzkQb4hR8QBe5QkrL_ivWfqZjkKm1py2wzuFOQeAxqeTCHYjaqjBVlwX8UN2bpNa7kISBBudLbO9ily9/s1600/Screen+Shot+2020-03-26+at+10.23.53+PM.png" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;">We need to download the '<b>Identity Provider (iDP) metadata</b>' xml file, named <b>idp.xml</b></span></span></span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlnf9luKogl7tw-UJm4OgN1zT8rGq-985m_Gs1gozzJZjtyk5tWWUjWEnEgmINNjLihZpicHm2ARFgDJnkO8TU1OOBVFOiF_6O-e7Uyl_4UtUEs6uDBhux768oIY_Dub_qAjyiEmTGW-pj/s1600/Screen+Shot+2020-03-26+at+10.24.06+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="1084" data-original-width="1558" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlnf9luKogl7tw-UJm4OgN1zT8rGq-985m_Gs1gozzJZjtyk5tWWUjWEnEgmINNjLihZpicHm2ARFgDJnkO8TU1OOBVFOiF_6O-e7Uyl_4UtUEs6uDBhux768oIY_Dub_qAjyiEmTGW-pj/s1600/Screen+Shot+2020-03-26+at+10.24.06+PM.png" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"> Then we need to scroll down, and find the<b> 'Signing Certificate'</b>, then download the <b>'Signing Certificate'</b></span></span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_qZFgeNmOGhOVbGBkkQXYvUI01QUmEKHn17bR-10MZpqSwQVxW2woX64nbID5LsjC1eFmovRImL0jsg11DZFBb0byRthCmonHQyUBT6F5BWpnE8is8_ZgWRA5oS35vCtcS-slpPyIm6Rc/s1600/Screen+Shot+2020-03-26+at+10.29.09.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="736" data-original-width="1072" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_qZFgeNmOGhOVbGBkkQXYvUI01QUmEKHn17bR-10MZpqSwQVxW2woX64nbID5LsjC1eFmovRImL0jsg11DZFBb0byRthCmonHQyUBT6F5BWpnE8is8_ZgWRA5oS35vCtcS-slpPyIm6Rc/s1600/Screen+Shot+2020-03-26+at+10.29.09.png" /></a></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> Back over in ServiceNow; double check for 'Format' is set to<b> 'PEM'</b>. Then copy the 'Signing Certificate' verbatim, and then paste it in the '<b>PEM Certificate</b>' form field. Then click <b>'Save'</b></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div style="text-align: left;">
<div style="text-align: left;">
<div style="text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjMeyNU6IHFHng25EL1z_WYOQt-jssJvXRcV01mbvWD8WfK435xqQVkRGEz2pDfEI2upbaqxdB1ofwxg5uJggaGVShicDaMDKyzHX9subntrl64ThztImSBsBNK1AH8IWGe9tqW-eAPNEzu/s1600/Screen+Shot+2020-03-26+at+10.23.16+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="785" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjMeyNU6IHFHng25EL1z_WYOQt-jssJvXRcV01mbvWD8WfK435xqQVkRGEz2pDfEI2upbaqxdB1ofwxg5uJggaGVShicDaMDKyzHX9subntrl64ThztImSBsBNK1AH8IWGe9tqW-eAPNEzu/s1600/Screen+Shot+2020-03-26+at+10.23.16+PM.png" /></span></a></div>
</div>
</div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNGONhwpelguLrh4CpFC5aVUL147YL9N1_BdOxQ3a-R6uiHkY3OryehqJ_UySC1K08la5hP4r-gGSFVSKU0J9kjP_1MUHX8lfx1VhW19CzBHLDM3F0gnMY_XYHE38MEHlz8gUtENCtIVOo/s1600/Screen+Shot+2020-03-26+at+10.30.23+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="992" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiNGONhwpelguLrh4CpFC5aVUL147YL9N1_BdOxQ3a-R6uiHkY3OryehqJ_UySC1K08la5hP4r-gGSFVSKU0J9kjP_1MUHX8lfx1VhW19CzBHLDM3F0gnMY_XYHE38MEHlz8gUtENCtIVOo/s1600/Screen+Shot+2020-03-26+at+10.30.23+PM.png" /></a></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Now we can view our newly created X.509 certificate called <b>'SAML 2.0'</b></span></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuV-6NIO53lWz82R63QQbe4JlasDzkWcgz5L15nAJmXX_YQRR1MKjMhFr4alwcgX6ivknDQNydAcTZnnPZniJAIP89r2hveww03g0d-JCNsM-A8-WyulmxcU7E5nYLFUHqjVGBqH5n5oiU/s1600/Screen+Shot+2020-03-26+at+10.30.31+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="193" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiuV-6NIO53lWz82R63QQbe4JlasDzkWcgz5L15nAJmXX_YQRR1MKjMhFr4alwcgX6ivknDQNydAcTZnnPZniJAIP89r2hveww03g0d-JCNsM-A8-WyulmxcU7E5nYLFUHqjVGBqH5n5oiU/s1600/Screen+Shot+2020-03-26+at+10.30.31+PM.png" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> Now that the new SAML 2.0 X.509 Certificate is loaded, we can proceed to configure the Properties. </span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;">If you still have the search results for <b>'SAML' </b>available; click <b>'Properties'</b></span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrCjvXFia4woR9gehODReU9EHzJgcS3E7o-PAMJUT67u46X1CsvrfKcm1_KBFJRkAk1YAVvPMHfYVtMIAwodGb8_-nn2eKu9MI6crzf0aNIDfNUsYWmB57bDaz0Ho_g5eOG_KYZlrFIrLg/s1600/Screen+Shot+2020-03-26+at+10.30.36+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="892" data-original-width="804" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrCjvXFia4woR9gehODReU9EHzJgcS3E7o-PAMJUT67u46X1CsvrfKcm1_KBFJRkAk1YAVvPMHfYVtMIAwodGb8_-nn2eKu9MI6crzf0aNIDfNUsYWmB57bDaz0Ho_g5eOG_KYZlrFIrLg/s1600/Screen+Shot+2020-03-26+at+10.30.36+PM.png" /></span></a></span></div>
<span style="font-family: "verdana" , sans-serif;"> <span style="font-size: x-small;">VMware provides incredible documentation outlining all of the required values. The documentation is available in PDF format at the following link: <a href="https://www.vmware.com/pdf/vidm-servicenow-saml.pdf" target="_blank">VMware Identity Manager Integration with ServiceNow</a></span> I have added my instances details below, and noted the appropriate values to enter. The user will login to their ServiceNow account, in my scenario, with their email address. E.G. <b>maui@ryanpringnitz.com</b></span> <span style="font-family: "verdana" , sans-serif;"> The <b>'Properties'</b> area of ServiceNow is filled out in the images below:</span> <br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEibSWAezhBrtaKcUoV9AS4uYhNq4KSzxJQASahvIlszhwMgEGJHcVqUg5pWRCy6gc_Usjh49ic5YBIdAGeS-dd-JVm_7wOBwV_irpC5iFl4rbn0RIMtTAHZyqoz4WQqAyVVumae4o3jVuhF/s1600/Screen+Shot+2020-03-26+at+10.30.55+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="1048" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEibSWAezhBrtaKcUoV9AS4uYhNq4KSzxJQASahvIlszhwMgEGJHcVqUg5pWRCy6gc_Usjh49ic5YBIdAGeS-dd-JVm_7wOBwV_irpC5iFl4rbn0RIMtTAHZyqoz4WQqAyVVumae4o3jVuhF/s1600/Screen+Shot+2020-03-26+at+10.30.55+PM.png" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhM8Ek8t_VLpN3jAhOekkStyDXVgAFoSix3FI9SgaX5A7mucrYO_QRXSYDbA_qOnsrW3_184Xu-c7XQAtRTckoku_XDPSlmbWnxPGrW7lEUjx4KE4YK2w_zRL-vigWelCyF8TcyFz_IhZGA/s1600/UpdatedScreen.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="767" data-original-width="1362" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhM8Ek8t_VLpN3jAhOekkStyDXVgAFoSix3FI9SgaX5A7mucrYO_QRXSYDbA_qOnsrW3_184Xu-c7XQAtRTckoku_XDPSlmbWnxPGrW7lEUjx4KE4YK2w_zRL-vigWelCyF8TcyFz_IhZGA/s1600/UpdatedScreen.png" /></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj30c1TXwbEGgXxM4MStcM4XLJXNafGhoIKbgY8mpcCvO2_nRS37o8uV6ZrC4IElclW57m8Thte2XnDXqJuWw6MPt-mqeE4ViGIV4sgCAcZ_XgZR3lgkPIOHchb0OFIaiOKKjUgRvQIMA66/s1600/Screen+Shot+2020-03-26+at+10.31.12+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;">I like to check 'Yes' to turn on debug logging for SAML 2.0 Authentication. <b><span style="font-size: x-small;">This is optional.</span></b></span></span> <br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgLHye0YLnuI6SndqjgAUUhtrpUvq5JzJajMSZAMbvaPo8mRho9hKGPoIxw8gv8NpMdzhS8zdChvl4IVNm63kd6oyboDqeVMMs9ec7ENDMXpD1WMW8OcmXso7sb7hbPacZuSVx6RmbDnQB/s1600/Screen+Shot+2020-03-27+at+9.03.07+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="430" data-original-width="1214" height="141" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgLHye0YLnuI6SndqjgAUUhtrpUvq5JzJajMSZAMbvaPo8mRho9hKGPoIxw8gv8NpMdzhS8zdChvl4IVNm63kd6oyboDqeVMMs9ec7ENDMXpD1WMW8OcmXso7sb7hbPacZuSVx6RmbDnQB/s400/Screen+Shot+2020-03-27+at+9.03.07+PM.png" width="400" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><b> </b></span> <span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"><b>Back to Workspace ONE Access</b></span></span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;">To quick recap what we've done so far:</span></span> <span style="font-family: "verdana" , sans-serif;"> </span> <br />
<ul>
<li><span style="font-family: "verdana" , sans-serif;">Obtained a ServiceNow tenant, installed a plugin for SSO </span></li>
<li><span style="font-family: "verdana" , sans-serif;">Provided our idp.xml location from Workspace ONE Access (vIDM), which provides the security token (SAML). </span></li>
</ul>
<div>
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div>
<span style="font-family: "verdana" , sans-serif;">To quick recap what we need to do still:</span></div>
<div>
<ul>
<li><span style="font-family: "verdana" , sans-serif;">Setup a Policy in Workspace ONE Access, with the policy specifying the criteria necessary to be satisfied before the user is authorized</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Create a new SaaS application for our particular ServiceNow instance in Workspace ONE Access, and assign the user the resource. </span></li>
<li><span style="font-family: "verdana" , sans-serif;">Create the user (maui@ryanpringnitz.com) in ServiceNow, as the user does not exist in the ServiceNow environment</span></li>
</ul>
<div>
<span style="font-family: "verdana" , sans-serif; font-size: x-small;"> </span></div>
<div>
<span style="font-family: "verdana" , sans-serif; font-size: x-small;">Note: This environment does not reflect the potential capabilities offered with Workspace ONE Intelligence & Risk Score authentication.</span></div>
<span style="font-family: "verdana" , sans-serif; font-size: x-small;">VMware covers authentication methods in much greater detail at the following PDF below for Access 20.01.</span></div>
<div>
<span style="font-family: "verdana" , sans-serif; font-size: x-small;"><a href="https://docs.vmware.com/en/VMware-Workspace-ONE-Access/20.01/ws1_access_authentication.pdf" target="_blank">Managing User Authentication Methods in VMware Workspace ONE Access</a></span></div>
<div>
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div>
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div>
<span style="font-family: "verdana" , sans-serif;"><b>Login</b> to your Workspace ONE Access tenant or appliance:</span> <br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<span style="font-family: "verdana" , sans-serif;"> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjN1oakbSu7-wYTta-06o8lV1gscfhyphenhyphen_jL8GOD2Wxa5r-o5mRQL0EE3he6H5gbsj75ZT3rCyr9GkR1jKZfCM1S1hpC2QXs8gtybqQQ4_1GEVGofvZ-ag_oHikG6fJjCO_gegfcsxgmIXkaz/s1600/Screen+Shot+2020-03-26+at+10.23.37+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="904" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjN1oakbSu7-wYTta-06o8lV1gscfhyphenhyphen_jL8GOD2Wxa5r-o5mRQL0EE3he6H5gbsj75ZT3rCyr9GkR1jKZfCM1S1hpC2QXs8gtybqQQ4_1GEVGofvZ-ag_oHikG6fJjCO_gegfcsxgmIXkaz/s1600/Screen+Shot+2020-03-26+at+10.23.37+PM.png" /></a></span></div>
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;">Click on<b> 'Catalog' </b>followed by <b>'Web Apps'</b>, and then <b>'New'</b></span></span></span> <br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><span style="margin-left: 1em; margin-right: 1em; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhd2z1JQtlSXxU9Og857S_DMv9JbMslX1pq1Phip_fuJYxYPsSrW5fyNB5AdU44UCELs0d7B5x4FpZ02Yf0el_OlpxKE0m7mAfkWXVGVk7qrw-Th4L9Pf_shTWWCtdCNlQhDzZRXif2OpMG/s1600/Screen+Shot+2020-03-27+at+9.25.08+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="175" data-original-width="250" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhd2z1JQtlSXxU9Og857S_DMv9JbMslX1pq1Phip_fuJYxYPsSrW5fyNB5AdU44UCELs0d7B5x4FpZ02Yf0el_OlpxKE0m7mAfkWXVGVk7qrw-Th4L9Pf_shTWWCtdCNlQhDzZRXif2OpMG/s1600/Screen+Shot+2020-03-27+at+9.25.08+AM.png" /></a> </span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZsDJjE0EHLyQP7UoG2igFf3KdqFUtZt_31PnAr-WFY1kGtirB5amJQ2xp1KTr9GVnw0t7aFB2vZlmA3pYTZPFZ5XUN5El53eaMN1-BS93x_ON_XNCSOL0Sp1fO6ILSfoRfzHBSUm0Qvas/s1600/Screen+Shot+2020-03-28+at+2.10.22+AM.png" imageanchor="1" style="clear: left; display: inline !important; margin-bottom: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="146" data-original-width="302" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiZsDJjE0EHLyQP7UoG2igFf3KdqFUtZt_31PnAr-WFY1kGtirB5amJQ2xp1KTr9GVnw0t7aFB2vZlmA3pYTZPFZ5XUN5El53eaMN1-BS93x_ON_XNCSOL0Sp1fO6ILSfoRfzHBSUm0Qvas/s1600/Screen+Shot+2020-03-28+at+2.10.22+AM.png" /></a></span></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<span style="font-family: "verdana" , sans-serif;">In the <b>'Name' </b>form-field, type in ServiceNow. Click <b>'Next'</b> <span style="font-size: x-small;">Optionally, add an icon of something cool, like a picture of a Tesla parked at a beach in Maui. Since the Mobile Flow is not setup yet, the request for the Tesla cannot be approved. Therefore there is no picture of a Tesla parked at a beach in Maui. The icon will therefore be blank in our example, but a ServiceNow logo would also be appropriate. </span><b> </b></span> <br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9KY562IcoXzK9_f2MENXDWaGxfxBphG4ZtWoWV9rTFFL0sXlB9hLsut82wHTCGOM7Futi2vVETJdlNuw5v2bATxaw6Yyis6XKtmrjbWT6fFZbupmJPmmEYNKDJFoXD9Y3vYwFD_kYx_iU/s1600/Screen+Shot+2020-03-26+at+10.32.06+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="954" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9KY562IcoXzK9_f2MENXDWaGxfxBphG4ZtWoWV9rTFFL0sXlB9hLsut82wHTCGOM7Futi2vVETJdlNuw5v2bATxaw6Yyis6XKtmrjbWT6fFZbupmJPmmEYNKDJFoXD9Y3vYwFD_kYx_iU/s1600/Screen+Shot+2020-03-26+at+10.32.06+PM.png" /></a></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">In the<b> </b>'Authentication Type'<b> </b>specify <b>'SAML 2.0'</b>, followed by clicking the <b>'Manual'</b> radiobox.</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Fill in the form fields as per your ServiceNow tenant; <br /><b>Single Sign-on URL:</b> <a href="https://dev89492.service-now.com/">https://dev89492.service-now.com</a>/navpage.do <br /><b><br /></b></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><b>Recipient URL:</b> <a href="https://dev89492.service-now.com/">https://dev89492.service-now.com/</a>navpage.do <br /><b><br />Application ID:</b> <a href="https://dev89492.service-now.com/">https://dev89492.service-now.com</a></span></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoB0ZtyddF1eU5yk0ZfEv6E7HOZFjHarKraoF_OjduYqZ-B7bZFk9cUvfMavJtnAmYGmtdF0Eb67hIPMXWoVrTjIKIw7QbDulGJ4kZ0H1E7275jxHji_3937H3kgrVRTkM2a-umefTFyR-/s1600/Screen+Shot+2020-03-26+at+10.32.12+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="919" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoB0ZtyddF1eU5yk0ZfEv6E7HOZFjHarKraoF_OjduYqZ-B7bZFk9cUvfMavJtnAmYGmtdF0Eb67hIPMXWoVrTjIKIw7QbDulGJ4kZ0H1E7275jxHji_3937H3kgrVRTkM2a-umefTFyR-/s1600/Screen+Shot+2020-03-26+at+10.32.12+PM.png" /></a></span></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><b>Specify the 'Username Format' as:</b></span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Email Address</span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><b>Specify the 'Username Value' as:</b></span></div>
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;">${user.email}</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBSEVaIiMfwbc3JVqCHspOZ1dwBs88lRWELHzOAro__0hYLVR3NmAwyRd3o2-OaDPwdaFQEYdPR7rZDFrC7lIFCyzRqTmJfSbUtmRLVk7M52w23AvPPt4h1g25QIK4ii4owwrwwVQw0RQ3/s1600/Screen+Shot+2020-03-26+at+10.32.18+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="933" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiBSEVaIiMfwbc3JVqCHspOZ1dwBs88lRWELHzOAro__0hYLVR3NmAwyRd3o2-OaDPwdaFQEYdPR7rZDFrC7lIFCyzRqTmJfSbUtmRLVk7M52w23AvPPt4h1g25QIK4ii4owwrwwVQw0RQ3/s1600/Screen+Shot+2020-03-26+at+10.32.18+PM.png" /></a></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Ensure 'Sign Response' is set to <b>'Yes'</b> Ensure 'Sign Assertion' is set to <b>'Yes'</b></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<span style="font-family: "verdana" , sans-serif;"> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgi8wP-_Buojqb5Npi4Css7jNkm-nIKaWMbuqgZswMnBVYuuedVK35qDa-vFgHL2h5W9YVDbgnizCzE0QWQCAltPfddoC0p-9irvTaeyGuRi-yP_Jrv-Dk0atCOAlBf6N_A9VDk3gCZdNr9/s1600/Screen+Shot+2020-03-26+at+10.32.23+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="1084" data-original-width="1600" height="433" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgi8wP-_Buojqb5Npi4Css7jNkm-nIKaWMbuqgZswMnBVYuuedVK35qDa-vFgHL2h5W9YVDbgnizCzE0QWQCAltPfddoC0p-9irvTaeyGuRi-yP_Jrv-Dk0atCOAlBf6N_A9VDk3gCZdNr9/s640/Screen+Shot+2020-03-26+at+10.32.23+PM.png" width="640" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span></span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span></span> <span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;">For the SaaS application to present itself in the User Portal; 'Show in User Portal' must be set to <b>'Yes'</b></span> <br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgWfIORzkekr3j6oIl3-AV1Pb2nX-v8XP9Yv-Vxx3aOecxtMMqVpXxNaWxIMnshlngRdrYIiFyxL5kKTeSnpl0bCm0z0_7ab2Os_SjOSGQ4K3ZIbj0855gJL-Xpvx-E1HYyfqUwtBU1rgTQ/s1600/Screen+Shot+2020-03-26+at+10.32.28+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="957" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgWfIORzkekr3j6oIl3-AV1Pb2nX-v8XP9Yv-Vxx3aOecxtMMqVpXxNaWxIMnshlngRdrYIiFyxL5kKTeSnpl0bCm0z0_7ab2Os_SjOSGQ4K3ZIbj0855gJL-Xpvx-E1HYyfqUwtBU1rgTQ/s1600/Screen+Shot+2020-03-26+at+10.32.28+PM.png" /></a></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">If you already have created a Access Policy, select the appropriate policy here. Otherwise select <b>'default_access_policy_set</b>'. The Access Policy named 'ServiceNow' was created prior to this application. You can modify the Access Policy at another time.</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWndaGAAVqXASqAh4MGKF5wGJAMlQVG4BH3ei6OZWKmvGCpw03u3dNkPQGTU0q-6F7oK9o3D1RrZ9uj2WffkVyVXexVv-6QSug_IDR-0mgtW5m3pdtLBIGUlZLNM_6XXrpyR2dmE4-vI4g/s1600/Screen+Shot+2020-03-26+at+10.32.33+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="933" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWndaGAAVqXASqAh4MGKF5wGJAMlQVG4BH3ei6OZWKmvGCpw03u3dNkPQGTU0q-6F7oK9o3D1RrZ9uj2WffkVyVXexVv-6QSug_IDR-0mgtW5m3pdtLBIGUlZLNM_6XXrpyR2dmE4-vI4g/s1600/Screen+Shot+2020-03-26+at+10.32.33+PM.png" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirr64Pp56rqcRrQ4PxdZ9V4bkPNXPdWfLDWB-rj3MamN5Jtutw6z3jUNBtIEbTol2CSIdIHXQOWiwDKsGRE-CxTA6Bj-PK2CiJPzE4UbLv0-hXHaY8mzbvTlsbShnwavXxPOQgAhN40874/s1600/Screen+Shot+2020-03-26+at+10.32.39+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="946" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirr64Pp56rqcRrQ4PxdZ9V4bkPNXPdWfLDWB-rj3MamN5Jtutw6z3jUNBtIEbTol2CSIdIHXQOWiwDKsGRE-CxTA6Bj-PK2CiJPzE4UbLv0-hXHaY8mzbvTlsbShnwavXxPOQgAhN40874/s1600/Screen+Shot+2020-03-26+at+10.32.39+PM.png" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Click 'Save and Assign'. In the new window that appears, select the user and/or user groups. Followed by changing the 'Deployment Type' to <b>Automatic</b></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzUM7sJLBUGsg64iV0LRL85S58gIT8rmgcAfgNHjZvjI_TNk2p8xiw5O4zHTD3QicomJg_pPkeFAS5mRV0cXcF4Lq0bnOJy3GOMVhOZDxabzs5nmQI6XtLvYG542N1LooLe74Xzg2hXIRQ/s1600/Screen+Shot+2020-03-26+at+10.33.12+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="686" data-original-width="524" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzUM7sJLBUGsg64iV0LRL85S58gIT8rmgcAfgNHjZvjI_TNk2p8xiw5O4zHTD3QicomJg_pPkeFAS5mRV0cXcF4Lq0bnOJy3GOMVhOZDxabzs5nmQI6XtLvYG542N1LooLe74Xzg2hXIRQ/s200/Screen+Shot+2020-03-26+at+10.33.12+PM.png" width="151" /></a></span><span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgX15pklfsSviv5eDuUCQP_FDtvIosN-qoGRsjJI7m7iyUchX9CbVvDOqkZ71XAeQuKJsJxezyDDpp1tbupVzXk2vybpAWWGE7EUhVhJuSvA3caMcoRr2fOIxB6tN26ZQySF3C3Pk2duEFf/s1600/Screen+Shot+2020-03-26+at+10.33.16+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="342" data-original-width="1600" height="67" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgX15pklfsSviv5eDuUCQP_FDtvIosN-qoGRsjJI7m7iyUchX9CbVvDOqkZ71XAeQuKJsJxezyDDpp1tbupVzXk2vybpAWWGE7EUhVhJuSvA3caMcoRr2fOIxB6tN26ZQySF3C3Pk2duEFf/s320/Screen+Shot+2020-03-26+at+10.33.16+PM.png" width="320" /></a></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Optionally, we can create a Access Policy now. If you used an existing Access Policy, or the default_access_policy, you are able to tTo do this;</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Click <b>'Identity & Access Management'</b>, followed by clicking 'Add Policy'</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"> </span> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhR25Se4mRWs45GjUiAtLalf-fagFxF5m2AjuJ8xK1VK5p_Jkoz2snyXunZMs-rj-VrvWkeTfWMTTgcdOQG9jGikQpJ0DOnuuI8TZFBeNt3LyVU5xFpdWW-S7sYbEO1avZpTBCfYIcj8c2o/s1600/Screen+Shot+2020-03-26+at+10.31.29+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="706" data-original-width="1404" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhR25Se4mRWs45GjUiAtLalf-fagFxF5m2AjuJ8xK1VK5p_Jkoz2snyXunZMs-rj-VrvWkeTfWMTTgcdOQG9jGikQpJ0DOnuuI8TZFBeNt3LyVU5xFpdWW-S7sYbEO1avZpTBCfYIcj8c2o/s640/Screen+Shot+2020-03-26+at+10.31.29+PM.png" width="640" /></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Define a Policy Name in the form field. In the 'Applies To' search box, click in the search box for a list of applications to pick from appear. Select 'ServiceNow', and then click <b>'Next'</b></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjlc_8eD-P3cLLi0xcOeeHd-fLoBp5uykk_NXjOzM4r4DMtU9DyA36fKdD8Hp2ZpCamJBhYBio_G3W31hGU7hRCHvyVbUY1_f71Z4JyfW0oWh-9J5vmcunOIVBDF6COs7llfSuQJ9EjIkD/s1600/Screen+Shot+2020-03-28+at+2.39.01+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="707" data-original-width="1184" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjlc_8eD-P3cLLi0xcOeeHd-fLoBp5uykk_NXjOzM4r4DMtU9DyA36fKdD8Hp2ZpCamJBhYBio_G3W31hGU7hRCHvyVbUY1_f71Z4JyfW0oWh-9J5vmcunOIVBDF6COs7llfSuQJ9EjIkD/s1600/Screen+Shot+2020-03-28+at+2.39.01+AM.png" /></a></span></div>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAaSdbgoAX40vgw234iJfcL9l27eQAmkD5EuNgHWNwxJrXlS5pp0q4R5ucUd-Ku5tYu0A_AwtmS1F3DnX4QCqX3K8qtR0BZ_nM3h3uCNunxGVmKHaN7N6yLRnHZ-gJhqzcvh0ALwHgAGHW/s1600/Screen+Shot+2020-03-26+at+10.31.35+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="562" data-original-width="1462" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAaSdbgoAX40vgw234iJfcL9l27eQAmkD5EuNgHWNwxJrXlS5pp0q4R5ucUd-Ku5tYu0A_AwtmS1F3DnX4QCqX3K8qtR0BZ_nM3h3uCNunxGVmKHaN7N6yLRnHZ-gJhqzcvh0ALwHgAGHW/s1600/Screen+Shot+2020-03-26+at+10.31.35+PM.png" /></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Click 'Add Policy Rule' to define the policy rules.</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhE_YGDhmbFONb78OEpmRy6wGWDqA7VRGjnhRbEt7yhEUtC28gH43DhsXUJx-JtbgiXDXIFXbpHpETAg5ein_zN8AkUpVFSnjplQN0Z7brZj01UeVwlhdGc049MdSFzpgljtIm69htzIkDn/s1600/Screen+Shot+2020-03-26+at+10.31.42+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="885" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhE_YGDhmbFONb78OEpmRy6wGWDqA7VRGjnhRbEt7yhEUtC28gH43DhsXUJx-JtbgiXDXIFXbpHpETAg5ein_zN8AkUpVFSnjplQN0Z7brZj01UeVwlhdGc049MdSFzpgljtIm69htzIkDn/s1600/Screen+Shot+2020-03-26+at+10.31.42+PM.png" /></a></span></div>
<span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;">Configure the Policy Rule appropriately. To keep it simple. The policy will be left to values of; If a user's network range is <b>ALL RANGES</b> and a user accessing content from <b>All Device Types</b></span> <span style="font-family: "verdana" , sans-serif;">and user belongs to (no groups selected)</span> <span style="font-family: "verdana" , sans-serif;">Then perform this action <b>Authenticate using...</b> then the user may authenticate using <b>'Password (cloud deployment)'</b></span> <span style="font-family: "verdana" , sans-serif;"><b> </b></span> <span style="font-family: "verdana" , sans-serif; font-size: x-small;">*Note - Password (cloud deployment) authentication method will use the built-in identity provider, which will use a Identity Manager Connector to use an auth method of <b>'PasswordIdpAdapter'</b>. This allows the connector(s) to communicate with Active Directory.</span> <span style="font-family: "verdana" , sans-serif;"> </span> <br />
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgN2Z6K9V2bqTE4pysSa8ExAivK53kfIhUscaEUE4CxSAFjReHCJcXQKaQGif0UCCaSmAG6SyyVuKUpW-KJ4q46cMU9KqKXkPvvS_RJYX6uIfCgmzmiOziAlU1YuhjvPQHNKmovx7XHR8Gf/s1600/Screen+Shot+2020-03-26+at+10.31.48+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="880" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgN2Z6K9V2bqTE4pysSa8ExAivK53kfIhUscaEUE4CxSAFjReHCJcXQKaQGif0UCCaSmAG6SyyVuKUpW-KJ4q46cMU9KqKXkPvvS_RJYX6uIfCgmzmiOziAlU1YuhjvPQHNKmovx7XHR8Gf/s1600/Screen+Shot+2020-03-26+at+10.31.48+PM.png" /></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiriSk5oD0NMav1QdzHfh6E0bIkhBkO0A8JKyiRdxkDycGOJMO-XUfVSALHRs8uPJocosss97rRYAHK9BOc2LK_9r_MaraUF4eeurY4YXr_SXg4-9m-BbiY69WA2BSc16djOf2Iu4j44-MW/s1600/Screen+Shot+2020-03-26+at+10.31.53+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="892" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiriSk5oD0NMav1QdzHfh6E0bIkhBkO0A8JKyiRdxkDycGOJMO-XUfVSALHRs8uPJocosss97rRYAHK9BOc2LK_9r_MaraUF4eeurY4YXr_SXg4-9m-BbiY69WA2BSc16djOf2Iu4j44-MW/s1600/Screen+Shot+2020-03-26+at+10.31.53+PM.png" /></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDHbET1MoXtKq2wNIbl6sdPgzwW5LoAQqEaXark1D0I7CdJrYK9CG_bvUVZaaqB6Huj-TJd8kJJmUNiYBrzTTagujd2wLETBZ4sI0VCsiwFR4JxHTPGvDlKg3l5M4ATz60BMZiscaftE-6/s1600/Screen+Shot+2020-03-26+at+10.31.59+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="894" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDHbET1MoXtKq2wNIbl6sdPgzwW5LoAQqEaXark1D0I7CdJrYK9CG_bvUVZaaqB6Huj-TJd8kJJmUNiYBrzTTagujd2wLETBZ4sI0VCsiwFR4JxHTPGvDlKg3l5M4ATz60BMZiscaftE-6/s1600/Screen+Shot+2020-03-26+at+10.31.59+PM.png" /></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> Click <b>'Save'</b>.</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">If you need to assign the Access Policy to the previously created SaaS application (ServiceNow); navigate to <b>'Catalog' </b>in the top of the console.<b> </b>Once the catalog loads, select the 'ServiceNow' application and click '<b>Edit</b>'.</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div style="text-align: left;">
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEga_OXY7FrJHceeJG15TVc8C6DOG8GXqmR4pKlNASoqyraaPQWV-niObT2R4rd4QMy108s2X2BjJvY3B4shQTWgxtZZVeG8NKDbwfCquqvxwVnZBB0bZbJkfzco8-orWFo-3QVJOZtO-xxT/s1600/Screen+Shot+2020-03-28+at+5.01.53+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1010" data-original-width="1324" height="488" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEga_OXY7FrJHceeJG15TVc8C6DOG8GXqmR4pKlNASoqyraaPQWV-niObT2R4rd4QMy108s2X2BjJvY3B4shQTWgxtZZVeG8NKDbwfCquqvxwVnZBB0bZbJkfzco8-orWFo-3QVJOZtO-xxT/s640/Screen+Shot+2020-03-28+at+5.01.53+PM.png" width="640" /></a></span></div>
</div>
<span style="font-family: "verdana" , sans-serif;"> The '<b>Edit SaaS Application'</b> window will appear, click <b>'Next'</b> to proceed to 'Access Policies'. At the 'Access Policies' page, click the drop-down and specify the ServiceNow Access Policy created previously (reminder: the Access Policy was named 'ServiceNow').</span> <br />
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div style="text-align: left;">
<div style="text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjeDIWyHSyHh-aSiL49MAh9XAPJLUvPH92pxnrA5v7GzzLwXhyzUonhhhZBcNh-rt7cUIPM21xNqhFKtxMsZlBoxi9lxxt1MRECuUTIC17kJsbkM8wjrjY_ilBU2_CIv8GZShsNLSMUfDUz/s1600/Screen+Shot+2020-03-28+at+5.02.14+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="965" data-original-width="1600" height="384" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjeDIWyHSyHh-aSiL49MAh9XAPJLUvPH92pxnrA5v7GzzLwXhyzUonhhhZBcNh-rt7cUIPM21xNqhFKtxMsZlBoxi9lxxt1MRECuUTIC17kJsbkM8wjrjY_ilBU2_CIv8GZShsNLSMUfDUz/s640/Screen+Shot+2020-03-28+at+5.02.14+PM.png" width="640" /></a></span></div>
</div>
<span style="font-family: "verdana" , sans-serif;"> <b> </b> Select the <b>'ServiceNow</b>' application previously created, and click '<b>Edit'.</b> In the new window that appears, allowing you to edit the SaaS application, click <b>'Next</b>', followed by '<b>Save</b>'. At this time, we have setup;</span> <br />
<ul>
<li><span style="font-family: "verdana" , sans-serif;">Access Policy</span></li>
<ul>
<li><span style="font-family: "verdana" , sans-serif;">Created, if necessary</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Assigned to Resource (ServiceNow)</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Specified Access Policy rules (Password (cloud deployment))</span></li>
</ul>
<li><span style="font-family: "verdana" , sans-serif;">Created SaaS application (ServiceNow)</span></li>
<ul>
<li><span style="font-family: "verdana" , sans-serif;">Assigned to user/user group</span></li>
</ul>
<li><span style="font-family: "verdana" , sans-serif;">Setup Single Sign-On in ServiceNow</span></li>
<ul>
<li><span style="font-family: "verdana" , sans-serif;">Activated, installed plugin</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Configured Properties, Certificate</span></li>
</ul>
</ul>
<div>
<span style="font-family: "verdana" , sans-serif;">If your ServiceNow tenant is not integrated with LDAP and populating users and user email accounts; you will need to create the user you wish to test with. Since the domain ryanpringnitz.com is not integrated with ServiceNow; we will quickly cover how to create the maui@ryanpringnitz.com user in ServiceNow.</span></div>
<div>
</div>
<div>
<span style="font-family: "verdana" , sans-serif;">Login to your ServiceNow tenant, if you are being redirected to VMware Workspace ONE Access for Single Sign-On and unable to login; you can access the tenant through the side door. Available at the following address: <a href="https://%7Btenant%7D.service-now.com/side_door.do">https://{tenant}.service-now.com/side_door.do</a></span></div>
<div>
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTw88MoiGjwaEIKj8p7DPYPExfDUx2976H4cGtuFOdmwOa0KZu1JJRud9VaOL3jslwcp_z4Kw1q-vt3Vx8xfPUG2gM5IinIFU02s0jJnW_vtu8U4uwU_cBzIKlleKt5Pigv4mp70xjwJ5K/s1600/Screen+Shot+2020-03-28+at+5.27.56+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="410" data-original-width="1600" height="164" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTw88MoiGjwaEIKj8p7DPYPExfDUx2976H4cGtuFOdmwOa0KZu1JJRud9VaOL3jslwcp_z4Kw1q-vt3Vx8xfPUG2gM5IinIFU02s0jJnW_vtu8U4uwU_cBzIKlleKt5Pigv4mp70xjwJ5K/s640/Screen+Shot+2020-03-28+at+5.27.56+PM.png" width="640" /></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Search for '<b>Users</b>', followed by clicking '<b>Users'</b> in the menu</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5eolWzhyNTIyf8U0Pgq-anof7JZQ82P5M_BsExPVH5o00TcER5mdfIf82_X7SFBWOgA5mpQNCduDUKt7aTLKtvfKKjVZOvUdFOq1yFKZx7hGOVnYN9Keev7iqLIug2tmPgPfJzSDFtzNb/s1600/Screen+Shot+2020-03-28+at+5.28.03+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1600" data-original-width="515" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi5eolWzhyNTIyf8U0Pgq-anof7JZQ82P5M_BsExPVH5o00TcER5mdfIf82_X7SFBWOgA5mpQNCduDUKt7aTLKtvfKKjVZOvUdFOq1yFKZx7hGOVnYN9Keev7iqLIug2tmPgPfJzSDFtzNb/s640/Screen+Shot+2020-03-28+at+5.28.03+PM.png" width="206" /></a></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Before adding maui@ryanpringnitz.com, search for the user to verify they do not already exist:</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-TH10fYwbdUBP5nI2ePkasyApYalhgG_Sqv3aIloQj7tvAa2cVmcbGpJf2k_zQEV0nr7DVp1kw3vnUTbwV16m9N6R0AoMWUgqTNfe5vba_voBVdPNtb40gdTmlIT4CN221CfsycaNuDyv/s1600/Screen+Shot+2020-03-28+at+5.28.16+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="262" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-TH10fYwbdUBP5nI2ePkasyApYalhgG_Sqv3aIloQj7tvAa2cVmcbGpJf2k_zQEV0nr7DVp1kw3vnUTbwV16m9N6R0AoMWUgqTNfe5vba_voBVdPNtb40gdTmlIT4CN221CfsycaNuDyv/s1600/Screen+Shot+2020-03-28+at+5.28.16+PM.png" /></a></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif; margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirGcBRc0LfyDWOiaqH3l5SexQdA5M-lV0GyecPRV6_n0bv6mLC5Twd6znFZKomMRx5iFWFCoHIvV6nKL3tXuXHnIFpokQDmX7bYuHSd6W7bw18UzCK8ugJF-sY9qYCx2xUw4z3uotUZq4I/s1600/Screen+Shot+2020-03-26+at+10.33.46+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="447" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEirGcBRc0LfyDWOiaqH3l5SexQdA5M-lV0GyecPRV6_n0bv6mLC5Twd6znFZKomMRx5iFWFCoHIvV6nKL3tXuXHnIFpokQDmX7bYuHSd6W7bw18UzCK8ugJF-sY9qYCx2xUw4z3uotUZq4I/s1600/Screen+Shot+2020-03-26+at+10.33.46+PM.png" /></a></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">The user does not exist, and we can proceed to click <b>'New'</b>. Once inside the New Record page, fill out the user details. Recall that the identifier in the Name ID SAML attribute is the email address. It is critical that there are no typos in the email address. Once the user details are filled out, click <b>'Submit'</b></span></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7AcbY_eP5rmIJwt65lXKswDYU55kpedAX2_XZZlrLW55Bwldbn2VsI3vtJHomvVmBIKqhEydmFtFEh6oTMYlNwEUOvk20E4NRRnxjVcfS3ucWXUjibOr1sYEG0UVOMYN9ijqzX7JbZptN/s1600/Screen+Shot+2020-03-26+at+10.33.54+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="723" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7AcbY_eP5rmIJwt65lXKswDYU55kpedAX2_XZZlrLW55Bwldbn2VsI3vtJHomvVmBIKqhEydmFtFEh6oTMYlNwEUOvk20E4NRRnxjVcfS3ucWXUjibOr1sYEG0UVOMYN9ijqzX7JbZptN/s1600/Screen+Shot+2020-03-26+at+10.33.54+PM.png" /></span></a></div>
<div>
<span style="font-family: "verdana" , sans-serif;"> </span></div>
<div>
<span style="font-family: "verdana" , sans-serif;"> </span> <span style="font-family: "verdana" , sans-serif;">Finally, two videos to demonstrate single sign-on configuration, and single-sign on in Safari. At this time, the user is able to perform both iDP initiated or SP initiated SSO flow.</span></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
<iframe allowfullscreen="" class="YOUTUBE-iframe-video" data-thumbnail-src="https://i.ytimg.com/vi/qFS6k9Q2xro/0.jpg" frameborder="0" height="266" src="https://www.youtube.com/embed/qFS6k9Q2xro?feature=player_embedded" width="320"></iframe></div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
</div>
<div class="separator" style="clear: both; text-align: left;">
<iframe allowfullscreen="" class="YOUTUBE-iframe-video" data-thumbnail-src="https://i.ytimg.com/vi/hHfxHnVysyM/0.jpg" frameborder="0" height="266" src="https://www.youtube.com/embed/hHfxHnVysyM?feature=player_embedded" width="320"></iframe></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Verdana, sans-serif;">Mahalo,</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Verdana, sans-serif;">Ryan Pringnitz</span></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div>
<span style="font-family: "verdana" , sans-serif; font-size: x-small;"> </span></div>
<span style="font-family: "verdana" , sans-serif; font-size: x-small;"> Reference:</span> <span style="font-family: "verdana" , sans-serif; font-size: x-small;"><a href="https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/index.html" target="_blank">VMware Workspace ONE Documentation Home</a></span> <span style="font-family: "verdana" , sans-serif; font-size: x-small;"><a href="https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/services/WS1_mobile_flows_Doc.pdf" target="_blank">Workspace ONE Mobile Flows</a></span> <a href="https://www.vmware.com/pdf/vidm-servicenow-saml.pdf"><span style="font-family: "verdana" , sans-serif; font-size: x-small;">VMware Identity Manager Integration with ServiceNow</span></a></div>
Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com0Koloa Rd, Koloa, HI 96756, USA21.9042389 -159.4649767-2.0217455999999991 159.2264293 45.830223399999994 -118.1563827tag:blogger.com,1999:blog-3792012736265800115.post-74374054082178614442020-03-24T20:08:00.000-04:002020-06-25T14:42:56.173-04:00How to remove sensitive data from code and access Workspace ONE API's more securely (part 1)<span style="font-family: "verdana" , sans-serif;">Organizations that use custom built tools to access API's can approach this in a variety of ways. It is not uncommon to find tools developed with sensitive data contained within the source code itself. PowerShell scripts are a great example of where we can find sensitive data leaking. These scripts come with the best of intentions, but can accidentally contain the keys to the kingdom. We’ll look at how I use a config.ini file to access a funny environment we’ll call https://Kauai.ryanpringnitz.com, but b</span><span style="font-family: "verdana" , sans-serif;">efore we proceed, cue the mood boosting visuals...</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCl1CoPrnu55nyNRYpwzRHp3_C8cyQLYtVzhFb0vNyPt6ey5U9Hr9mVbO0U2AWei1pKdSugTZNweF5wGa9TLQLJP2M98DSlQGuLDN4vwijB8xFa3TN2Rpn4oCmMHCiU2QeplR1ALbJDTAs/s1600/9642C49B-54E4-4ACF-8EB9-FC23A6022604.JPG" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="1200" data-original-width="1600" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCl1CoPrnu55nyNRYpwzRHp3_C8cyQLYtVzhFb0vNyPt6ey5U9Hr9mVbO0U2AWei1pKdSugTZNweF5wGa9TLQLJP2M98DSlQGuLDN4vwijB8xFa3TN2Rpn4oCmMHCiU2QeplR1ALbJDTAs/s640/9642C49B-54E4-4ACF-8EB9-FC23A6022604.JPG" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><br /></td></tr>
</tbody></table>
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;"><br /></span><span style="font-family: "verdana" , sans-serif;">Storing sensitive data in code makes it difficult to commit code to a source version control system Bitbucket, GitHub, TFS, etc), as it would be insecure. It can even be against company policy to store sensitive data this way. By storing the sensitive information in a config.ini file; you can more easily present the code in a screen sharing session (maybe in a sprint demo), or commit your code to remote a repository. </span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">Examples of sensitive data found in custom tools include, but are not limited to;</span></span><br />
<br />
<ul>
<li><span style="font-family: "verdana" , sans-serif;">Hostname</span></li>
<li><span style="font-family: "verdana" , sans-serif;">FQDN </span></li>
<li><span style="font-family: "verdana" , sans-serif;">API Key</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Plain Text Credential</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Base64 Encoded Credential</span></li>
<li><span style="font-family: "verdana" , sans-serif;">UNC File Share</span></li>
</ul>
<div>
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div>
<span style="font-family: "verdana" , sans-serif;">Let's take a look at what is commonly seen in the code of a custom built tool, that could be more securely implemented:</span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<script src="https://gist.github.com/HawaiiRyan/cd55082ba13373caaed9e92e75497f7d.js"></script><span style="font-family: "verdana" , sans-serif;"><br />
</span> <br />
<div>
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div>
<span style="font-family: "verdana" , sans-serif;">To improve on this; we can create a config.ini file that our code references. This removes the sensitive information previously stored in the script itself, and stores it in a config.ini file.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">So, what does the config.ini file look like?</span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <script src="https://gist.github.com/HawaiiRyan/b610f6d5427afa9609cee145affed912.js"></script><br />
<br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span><span style="font-family: "verdana" , sans-serif;"><br /></span><br />
<span style="font-family: "verdana" , sans-serif;">The config.ini file needs to be tailored to your environment. For example; line 11 contains the URL that can respond to API calls. Line 16 contains the base64encoded credentials. Line 17 contains the API key with proper scope for the environment. Finally, line 28 references the path where files can be stored for logging. Note, due to regex and how backslashes are parsed; you will have to use two backslash instead </span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">Let's rewrite that PowerShell code used above, and see how we to remove this sensitive data from the script using the config.ini file. Line 7 and 8 are going to get the location of the config.ini file.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <script src="https://gist.github.com/HawaiiRyan/a04c2c09ed03114dbe2640d381a73e0a.js"></script><br />
<span style="font-family: "verdana" , sans-serif;">Line 8, we store the contents of the config.ini file in the $WS1Env variable. This variable is an object that can be used in the script. For example, the URL of the environment is no longer exposed in plain text in the script. We have hidden the base64 encoded credentials, API key, and log path. This is accomplished by replacing sensitive data in the code with data obtained in the objects properties (e.g. $WS1Env.UATapikey )</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">To further improve the script and how it communicates with remote REST Endpoints, on line 3 and 4, communication is forced to use the TLS 1.2 cipher suite. </span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">We can take this one step further, and apply ACL's to the config.ini file to restrict access to approved users only. </span><span style="font-family: "verdana" , sans-serif;">For instance, </span><span style="font-family: "verdana" , sans-serif;">you could remove read access to the config.ini file, then grant read access only to a service account. To further secure access to the config.ini file, the service account could be enrolled in a privileged access management product</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">Mahalo,</span><br />
<span style="font-family: "verdana" , sans-serif;">Ryan Pringnitz</span></div>
Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com1Princeville, HI, USA22.2236111 -159.485277822.194212099999998 -159.52561830000002 22.2530101 -159.4449373tag:blogger.com,1999:blog-3792012736265800115.post-88392318347581594262020-03-14T21:11:00.000-04:002020-06-25T14:43:55.485-04:00Using Product Provisioning in Workspace ONE to deliver intents to Android devices and perform tasks like activating Zimperium zIPS<span style="font-family: "verdana" , sans-serif;">Friday the 13th, 2020 has come and gone, and what a week it was. Everyday we should be thankful, but this week I am especially thankful; thankful for health, thankful for my colleagues, team-mates, teachers, friends and mentors I get to work with and learn from everyday - even remotely. </span><span style="font-family: "verdana" , sans-serif;">It is a honor to be able to collaborate on projects that push the envelope, and work with people who selflessly share their time and knowledge. </span><span style="font-family: "verdana" , sans-serif;">Weeks like this remind me to appreciate the small things, encourages me to be more generous, and look for more ways to help others.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">I am thankful for everyone who does their part to make the world we all have come to appreciate, a better place. We might not have everything we want, but we can keep working toward our goals. Join me in being thankful, and looking for more ways to help where you can.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">The labor force is shifting in unprecedented ways this week, with class-A office space traded for makeshift offices - or makeshift medical facilities. We all have a role to play in making sure the services and products required to make the economy function are available - and working.</span><br />
<br />
<span style="font-family: "verdana" , sans-serif;">The digital workspace is varied; with use cases solving problems that didn’t exist 3 months or 3 years ago. For you to get to Hawaii safely, you might run in to a few devices along the way. Ticket scanners, kiosks, in-flight entertainment, digital signage. And the information displayed, or the applications in use won’t always be the same. They may change daily, hourly, and you don’t even realize it. Automating actions that could require user input on remote Android devices makes things a bit easier. Maybe you need to update the application - and start the application. We covered this at a high-level with Zimperium zIPS previously, but lets look at how to do this with other examples that allow us to look at a code sample. But before that, cue the mood boosting visuals...</span><br />
<span style="font-family: "verdana" , sans-serif; font-size: x-small;"><span style="font-family: "verdana" , sans-serif;"><br />
</span> </span><br />
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; margin-right: 1em; text-align: left;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNDIyYvS8-ggCs91DnlSUVXFBzkJ-JnP6f0540L7wsmlnTfh1cSMQL2lTyeHDlYU-TL6jrj-RgAvM-UcKo2odfwkv1KMeSUnGBNWWiUYBTZMbuONqilGEIOg2e6QUbWrbFVKcJobWPswAf/s1600/IMG-20180811-172206.jpg" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><span style="font-family: "verdana" , sans-serif; font-size: x-small;"><img border="0" data-original-height="1600" data-original-width="1200" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNDIyYvS8-ggCs91DnlSUVXFBzkJ-JnP6f0540L7wsmlnTfh1cSMQL2lTyeHDlYU-TL6jrj-RgAvM-UcKo2odfwkv1KMeSUnGBNWWiUYBTZMbuONqilGEIOg2e6QUbWrbFVKcJobWPswAf/s640/IMG-20180811-172206.jpg" width="480" /></span></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><span style="font-family: "verdana" , sans-serif; font-size: x-small;">Hawaii still has plenty of aloha to share</span></td></tr>
</tbody></table>
<span style="font-family: "verdana" , sans-serif; font-size: x-small;"><span style="font-family: "verdana" , sans-serif;"><br />
</span> </span><br />
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7ZjmGwq2qi0nSK8KhWnon9fOeJJCT9YRVwSimj4F_9N-p7oS0c66muY204lVz6wn6N2puxgIDNFlFDuIrbNaxg8aA3biYsTO27dFC9uCDV7XK_A0Lm8Wiypfmmm6N-I4NDSvRILFN-LuB/s1600/IMG-20190416-183447.jpg" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><span style="font-family: "verdana" , sans-serif; font-size: x-small;"><img border="0" data-original-height="1200" data-original-width="1600" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7ZjmGwq2qi0nSK8KhWnon9fOeJJCT9YRVwSimj4F_9N-p7oS0c66muY204lVz6wn6N2puxgIDNFlFDuIrbNaxg8aA3biYsTO27dFC9uCDV7XK_A0Lm8Wiypfmmm6N-I4NDSvRILFN-LuB/s640/IMG-20190416-183447.jpg" width="640" /></span></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><span style="font-family: "verdana" , sans-serif; font-size: x-small;">This little goober is still willing to flash a smile<br />
</span></td></tr>
</tbody></table>
<span style="font-family: "verdana" , sans-serif; font-size: x-small;"><br />
</span> <span style="font-family: "verdana" , sans-serif; font-size: x-small;"><br />
</span> <span style="font-family: "verdana" , sans-serif; font-size: x-small;"><br />
</span> <br />
<div style="text-align: right;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif; font-size: x-small;"><br />
</span></div>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikwoAL2uD5Zt-rUkPoVZbqg_5Mzt5tLUVE-FR5HUc3sXnWKlcHg8XIUqo3WuhixAaDoNGYcaILjwArib4Asu2dN4aviCogXUQ_5NzSZgIDqjZNGoKVcf5y5HpFFf9cjs58J2muJY4QeMMA/s1600/IMG-t3tvdj.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><span style="font-family: "verdana" , sans-serif; font-size: x-small;"><img border="0" data-original-height="534" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikwoAL2uD5Zt-rUkPoVZbqg_5Mzt5tLUVE-FR5HUc3sXnWKlcHg8XIUqo3WuhixAaDoNGYcaILjwArib4Asu2dN4aviCogXUQ_5NzSZgIDqjZNGoKVcf5y5HpFFf9cjs58J2muJY4QeMMA/s1600/IMG-t3tvdj.jpg" /></span></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; margin-left: 1em; text-align: center;"><tbody>
<tr><td class="tr-caption" style="text-align: center;"><span style="font-family: "verdana" , sans-serif; font-size: x-small;">The Awa'awapuhi trail still offers breathtaking views of the Na Pali Coast</span></td></tr>
</tbody></table>
</td></tr>
</tbody></table>
<span style="font-family: "verdana" , sans-serif; font-size: x-small;"><br />
</span> <span style="font-family: "verdana" , sans-serif; font-size: x-small;"><br />
</span> <br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkRYPhqH4JlUV8pu2P6NZ1CpbtigBTUtSVXKbJKAbWV2nlS_wyOkYKmCw8a8YVo0gU77hd5ZoXdBhx6ABiC30HeAclVrMFyc-FZVGwY3Q7k5vNDHE3-W2TIIbCySHGGNCN2keKgucVvSS3/s1600/74000.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><span style="font-family: "verdana" , sans-serif; font-size: x-small;"><img border="0" data-original-height="1200" data-original-width="1600" height="479" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkRYPhqH4JlUV8pu2P6NZ1CpbtigBTUtSVXKbJKAbWV2nlS_wyOkYKmCw8a8YVo0gU77hd5ZoXdBhx6ABiC30HeAclVrMFyc-FZVGwY3Q7k5vNDHE3-W2TIIbCySHGGNCN2keKgucVvSS3/s640/74000.jpg" width="640" /></span></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><span style="font-family: "verdana" , sans-serif; font-size: x-small;">And today my solar array surpassed 4 Megawatt hours of production, with my SolarEdge inverter reporting over 6,200 lbs of CO2 emissions saved from the atmosphere. Fun fact: the second Friday in March is solar appreciation day.</span></td></tr>
</tbody></table>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEji4-R2ZDX29LlBgdapXGBsO_aeAIGWjqKotfsntiG4IeIQE1bZlPB_MmZicGkZozDiSQXRCKep-6-JLcSTfJnC2OPDd0sGH13aiy8dHB514zG-QZLJjHEK-LB8F1Rm-XN7jAI-DaOg6LMr/s1600/IMG_0311.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif; font-size: x-small;"></span></a></div>
<div style="caret-color: rgb(0, 0, 0); text-size-adjust: auto;">
<span style="font-family: "verdana" , sans-serif; font-size: x-small;"><br />
</span></div>
<div>
<span style="font-family: "verdana" , sans-serif; font-size: x-small;"><br />
</span></div>
<span style="font-family: "verdana" , sans-serif;">On with the show; let's take a look at how to unlock some under-appreciated capabilities in Workspace ONE. It just might help you deliver services that people <i>really</i> depend on more than ever today.</span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">In a <a href="https://www.ws1inhawaii.com/2020/02/zimperium-delivery-and-activation-on.html" target="_blank">prior</a> blog post we covered how to secure mobile devices by delivering a mobile threat detection and response product by Zimperium called zIPS. What we did not cover in detail was how zIPS could be delivered <b>and</b> activated on devices in various power states. Android OS's native power saving capabilities (app standby and doze mode) allow us to get the battery life we demand, but these features do not have to come at the expense of security or your patience during a maintenance window.</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">If your maintenance window provides a window to communicate with devices that are idle, with the display off, or even unplugged from a power source; you need a tactical approach to accomplish this, and the ability communicate with them reliably during this window. Even if the device is being used, you will find the Android OS is actively putting individual applications in battery conserving states like app standby, or even the device itself with doze mode.</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">For more on how Android OS defers network communication and conserves </span><span style="font-family: "verdana" , sans-serif;">battery life; I have included links below covering Doze Mode, App Standby, and Wakelocks below.</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span> <a href="https://developer.android.com/training/monitoring-device-state/doze-standby"><span style="font-family: "verdana" , sans-serif;">https://developer.android.com/training/monitoring-device-state/doze-standby</span></a></span><br />
<span style="font-family: "verdana" , sans-serif;"><a href="https://developer.android.com/training/scheduling/wakelock">https://developer.android.com/training/scheduling/wakelock</a></span><br />
<span style="font-family: "verdana" , sans-serif;"><a href="https://youtu.be/Rwshwq_vI1s">https://youtu.be/Rwshwq_vI1s</a> - Joanna Smith, Google, App Standby vs Doze: Understanding System Sleep (Big Android BBQ 2015)</span><br />
<span style="font-family: "verdana" , sans-serif;"><a href="https://youtu.be/p6ZiDZBgPY8">https://youtu.be/p6ZiDZBgPY8</a> - Joanna Smith, Google, App Standby vs Doze: Understanding System Sleep (Android Dev Summit 2015)</span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">Workspace ONE UEM overcomes these challenges by leveraging Google's recently introduced Firebase Cloud Messaging (FCM). When you send a product with Workspace ONE and communicate with 50,000 or 500,000 devices; you have the power of a high-priority FCM message going to your devices. High-priority FCM messages are sent to any Android device it is intended for, even if it means turning on the wireless radio (e.g. cellular wireless (3G/4G/5G) or Wi-Fi (802.11)).</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">Workspace ONE UEM's adoption of FCM allows us to have confidence in our ability to communicate with our devices. This is worth writing about, sharing, and demonstrating. This gives us the ability to provide a zero-touch solution when delivering mobile security products such as Zimperium zIPS to devices in various power states. But this ability with product provisioning to send intents has other use cases it can assist with. Let’s walk through the flow in the Zimperium zIPS use case, and then demonstrate this with a custom application that we can show the source code in - so you can apply this to more use cases of your own.</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span></span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;">When we deliver an application that has not had its services started in the background or foreground; we need a little help from Workspace ONE to activate Zimperium's zIPS. Product Provisioning in Workspace ONE is able to deliver high-priority FCM messages. A high-priority FCM gives us the capability to wake up the device from any power state (except devices powered off) and complete the prescribed tasks. With zIPS; the zIPS application has an intent explicitly sent by Product Provisioning. When we send this explicit intent after installation; we tell the device to start the Zimperium zIPS activity. This allows zIPS to start its own pub/sub messaging service on the device. </span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span><span style="font-family: "verdana" , sans-serif;">zIPS receives the intent, and starts the necessary services locally on the device. Workspace ONE provides the managed configuration for the application which tells the zIPS application where to direct the activation request. The device sends outbound network traffic destined for the Zimperium zConsole. As soon as activation occurs, the device is offered protection from mobile threats with the zIPS mobile threat detection and response engine. zIPS works in conjunction with Workspace ONE UEM as Device Owner (in Android Enterprise Work Managed use cases) to carry out threat remediation responses configured in Zimperium & Workspace ONE.</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">Your use case could differ slightly, but solved in a similar manner. If your use case requires an intent; you can use Workspace ONE UEM's Product Provisioning capabilities. For more details on Product Provisioning in Workspace ONE, see the PDF below.</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span> <a href="https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/1903/WS1_ProdProv_for_Android.pdf"><span style="font-family: "verdana" , sans-serif;">https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/1903/WS1_ProdProv_for_Android.pdf</span></a></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span><span style="font-family: "verdana" , sans-serif;">Let's look at an example of how intents work with product provisioning.</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span> </span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBotgY-sfOwIafWK4i9O4jeMfW1DW3oFSw8tGOzhHY3-Mb-VqO3zDFxorzE5uzKz5BXz4OhdghjhXNbOekBy8-eYg6HIm34GbUfn0NHIwG9RPBgUv0odqbaUmxmyb2Ikq2z8qbEi4wIf8L/s1600/Screen+Shot+2020-03-14+at+3.41.36+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="908" data-original-width="1456" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBotgY-sfOwIafWK4i9O4jeMfW1DW3oFSw8tGOzhHY3-Mb-VqO3zDFxorzE5uzKz5BXz4OhdghjhXNbOekBy8-eYg6HIm34GbUfn0NHIwG9RPBgUv0odqbaUmxmyb2Ikq2z8qbEi4wIf8L/s1600/Screen+Shot+2020-03-14+at+3.41.36+AM.png" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span><span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span></span></span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;">In the screenshot above, you see a screenshot of Android Studio, and</span></span> one of the core-components in an Android application, AndroidManifest.xml. In the AndroidManifest.xml file you can find all the services, activities, content providers, receivers and <b>intent-filters</b>. Intent-filters tell your application what broadcasts to listen to from the Android OS. If there are multiple applications listening for the same intent; and the intent is broadcast implicitly, the user can be presented with the choice of which application to perform the action with. We prefer the best user experience without interruptions, and should try to use explicit intents where possible.</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span><span style="font-family: "verdana" , sans-serif;">Q: So we broadcast an intent to what? <br />
A: To either an activity or service.</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br /></span></span>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;">Q: To do what?</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;">A: Start something, a service or activity</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span></span> <span style="font-family: "verdana" , sans-serif;">Q: What is an activity? </span><br />
<span style="font-family: "verdana" , sans-serif;">A: The activity presents the view that your users interact with.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">Take a look below at the demo application below. Android Studio is showing what we view in applications activity. If we want to bring this activity to the foreground, we would send an intent with Workspace ONE Product Provisioning.</span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span> </span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTGQu4jZQsXtHNZ7bptc5-EXd9Z5zH57VgwYUcpN_mQ97SROXgc9iSupOLnVn3gSAX9VJ7ISqJOatE-y4NMbFuqZvM69j_BTzveyUbXfs5gNTFnRXvs3alYvcSDgcnIQ6S2uDS0YhEl9Kb/s1600/Screen+Shot+2020-03-02+at+1.34.47+AM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="904" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTGQu4jZQsXtHNZ7bptc5-EXd9Z5zH57VgwYUcpN_mQ97SROXgc9iSupOLnVn3gSAX9VJ7ISqJOatE-y4NMbFuqZvM69j_BTzveyUbXfs5gNTFnRXvs3alYvcSDgcnIQ6S2uDS0YhEl9Kb/s1600/Screen+Shot+2020-03-02+at+1.34.47+AM.png" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">If we wanted to open Chrome, we would send an intent of android.intent.action.MAIN to the activity of apps.chrome.Main. This activity is inside of the Android component, or bundle ID of com.android.chrome. So in the example above, if we wanted to remotely launch the 'Commercial Real Estate Services' application; we would use the following line in our product.</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br /></span></span>
<script src="https://gist.github.com/HawaiiRyan/60b5b026de6c82996fbfd0178f9c476d.js"></script><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br /></span><span style="font-family: "verdana" , sans-serif;">Let's give it a try with our demo application and see how it works in a different use case. We'll create a 'File/Actions' component called 'Molokai - Foreground Activity', add the intent you see below in the product manifest. Then create a product in Product Provisioning, and deliver it.</span></span><br />
<ol>
<li><span style="font-family: "verdana" , sans-serif;">In the console, navigate to Devices -> Provisioning -> Components -> Files/Actions<br /><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidd8DQcsap8Y5b60Kjr2-LxLfT9af3D73m-g3EfnZqk8ZmOyUqzSJwiPGFvskKr7pvZxzbuIe-UfRtbDomCj_xw4WcHLcM7TpzMOew_zl2wmiO-38IEsC7c5A3ZTQH-kCilM3LLcHQqfm7/s1600/Screen+Shot+2020-03-14+at+2.30.06+PM.png" imageanchor="1" style="font-family: Times; margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="420" data-original-width="799" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidd8DQcsap8Y5b60Kjr2-LxLfT9af3D73m-g3EfnZqk8ZmOyUqzSJwiPGFvskKr7pvZxzbuIe-UfRtbDomCj_xw4WcHLcM7TpzMOew_zl2wmiO-38IEsC7c5A3ZTQH-kCilM3LLcHQqfm7/s1600/Screen+Shot+2020-03-14+at+2.30.06+PM.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Click 'Add Files/Actions' and in the new window that opens, click 'Android'</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Name the Files/Actions appropriately<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiri9r1wHVDRDyM5n2iv9cAeQvNUBxyIhnE8FWJCFXjLVTYlUq2BALZt2hnwHrZonSgK9SLOogGqB3dxjxuQRrK_wJ_WQ-qBHu4l_ELSQrwmIDnaydyY-T-aa-cxIcsyVj0u0SEwtbHw1Ep/s1600/Screen+Shot+2020-03-14+at+2.24.05+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="560" data-original-width="1124" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiri9r1wHVDRDyM5n2iv9cAeQvNUBxyIhnE8FWJCFXjLVTYlUq2BALZt2hnwHrZonSgK9SLOogGqB3dxjxuQRrK_wJ_WQ-qBHu4l_ELSQrwmIDnaydyY-T-aa-cxIcsyVj0u0SEwtbHw1Ep/s1600/Screen+Shot+2020-03-14+at+2.24.05+PM.png" /></a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">Click 'Manifest', followed by 'Add Action'</span></li>
<li><span style="font-family: "verdana" , sans-serif;">In the 'Command Line and Arguments to run' form field, enter the intent you see in the Gist snippet below<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKqo_L6wOCrK-PTflNI4jbOijsdxmBqryGk_I0oBp0Wo2uBm6BhyphenhyphenOABTgIyqvfxtNxJ_z1v3JSWJCNUCXDDNQanIXn3T6l9Zz2ppX5U2pry300eGaYf2I-KBXrJRv93860YYqU87iu6bDe/s1600/Screen+Shot+2020-03-14+at+2.24.15+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="697" data-original-width="1331" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKqo_L6wOCrK-PTflNI4jbOijsdxmBqryGk_I0oBp0Wo2uBm6BhyphenhyphenOABTgIyqvfxtNxJ_z1v3JSWJCNUCXDDNQanIXn3T6l9Zz2ppX5U2pry300eGaYf2I-KBXrJRv93860YYqU87iu6bDe/s1600/Screen+Shot+2020-03-14+at+2.24.15+PM.png" /></a></span></li>
<script src="https://gist.github.com/HawaiiRyan/60b5b026de6c82996fbfd0178f9c476d.js"></script>
<li><span style="font-family: "verdana" , sans-serif;">Specify a timeout value of -1 and click 'Save'</span></li>
<li><span style="font-family: "verdana" , sans-serif;">In 'Provisioning', click 'Product List View' followed by 'Add Product' and select 'Android'</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Name the product appropriately, assign it to the appropriate smart group</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Click 'Manifest' followed by 'Add'</span></li>
<li><span style="font-family: "verdana" , sans-serif;">In the 'Actions to Perform' drop-down, select 'Install Files/Actions'</span><div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKliAU4yWmYvMg5UnSKVcrWozTNXNxwSc0x58cp5VKR3wlmFLVQNiFQIU0oRLJJ_lp5dKrgyjn6O-9754hqy-wXydszSeh8edZ7iHGZB36yeanU6AnVi70lfGx1pUrJtG2nh9ROm2VjuTo/s1600/Screen+Shot+2020-03-14+at+2.30.06+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="420" data-original-width="799" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKliAU4yWmYvMg5UnSKVcrWozTNXNxwSc0x58cp5VKR3wlmFLVQNiFQIU0oRLJJ_lp5dKrgyjn6O-9754hqy-wXydszSeh8edZ7iHGZB36yeanU6AnVi70lfGx1pUrJtG2nh9ROm2VjuTo/s1600/Screen+Shot+2020-03-14+at+2.30.06+PM.png" /></a></span></div>
</li>
<li><span style="font-family: "verdana" , sans-serif;"> Select your File/Action event you just created and click 'Save'</span><div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnHmv_U2_CXfKmz0BaB2-rKtntD0pNt864Iu2_BW6n_kpxYTxMoE7Q9k2gk95wDuHjVl5dqtk0je9z2VhU_JCKS5dIhmH1qcX0WrVOLbNiaOlCbHJx24cNKuTh-RFtFWt8cQb9a-D9jnUm/s1600/Screen+Shot+2020-03-14+at+2.31.19+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="412" data-original-width="758" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnHmv_U2_CXfKmz0BaB2-rKtntD0pNt864Iu2_BW6n_kpxYTxMoE7Q9k2gk95wDuHjVl5dqtk0je9z2VhU_JCKS5dIhmH1qcX0WrVOLbNiaOlCbHJx24cNKuTh-RFtFWt8cQb9a-D9jnUm/s1600/Screen+Shot+2020-03-14+at+2.31.19+PM.png" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><br />
</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Click 'Activate' followed by 'Activate' in the next window that appears<br />
</span></li>
</ol>
<span style="font-family: "verdana" , sans-serif;">To see what this looks like on a device without Workspace ONE Launcher; take a look at the video below when we use Product Provisioning to send this intent.</span><br />
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif;"><iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.blogger.com/video.g?token=AD6v5dy-9tzt0UKldT46Hx8093OuyRQvW0L9OzuTTE7Ea5w05bBay33uFDoZNocCbAzH_YUXLE8E_zNKIxccZ5gJNw' class='b-hbp-video b-uploaded' frameborder='0'></iframe></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">In upcoming blog posts, we'll look at how to bring Workspace ONE Launcher in to the equation.</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Mahalo,</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Ryan Pringnitz</span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Song of the day: Odesza - Don't Stop</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;"><br />
</span><iframe allowfullscreen="" class="YOUTUBE-iframe-video" data-thumbnail-src="https://i.ytimg.com/vi/PZvFFezMTOU/0.jpg" frameborder="0" height="266" src="https://www.youtube.com/embed/PZvFFezMTOU?feature=player_embedded" width="320"></iframe></div>
<br />Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com0Kapaʻa, HI 96746, USA22.0881391 -159.337981822.029285599999998 -159.4186628 22.1469926 -159.2573008tag:blogger.com,1999:blog-3792012736265800115.post-16608470404409926552020-03-08T12:09:00.004-04:002020-06-25T14:48:38.177-04:00Force Android applications like Google Chrome to update in a zero-day/bug-fix/new-feature scenario with Workspace ONE<span style="font-family: "verdana" , sans-serif;">There is a real and immediate need for every organization to be able to quickly react to zero-day vulnerabilities or new application releases with features requiring immediate and precise cut-overs. The threat landscape is wider than ever, while the frequency of new application builds in a world of CI/CD pipelines decreases from days to hours; and everything supporting the business has exacting requirements that need to be met. </span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">Workspace ONE and the EUC product line-up is really well equipped to handle any digital workspace use case on any major platform. When you offer all that with API's to manage identity, access management and secure edge services; you have API's for everything to provide secure remote access to resources. </span><span style="font-family: "verdana" , sans-serif;">What has been interesting to watch over the years is the utility, broad-appeal, varied-price points and proven capabilities of the Android OS. As the OS has matured from the era of Jelly Bean, KitKat and Lollipop; the number of use cases supported by Google devices surprises even the most seasoned veterans in tech. Let the numbers speak for themselves...</span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">It has been almost one year since Google I/O 2019, where Stephanie Cuthbertson shared 2.5 billion Android devices were in use world wide. To put this in perspective, there are more devices running Android than iOS, macOS, and Windows 10 combined. Need a positive thought to dwell on? T</span><span style="font-family: "verdana" , sans-serif;">hink of the electricity savings realized by moving use cases to a platform like Android. Where the SoC chipset consumes 5 watts of power, while the OS packs in energy-saving features such as Doze and App Standby.</span><br />
<span style="font-family: "verdana" , sans-serif;"><a href="https://news.microsoft.com/bythenumbers/en/windowsdevices">https://news.microsoft.com/bythenumbers/en/windowsdevices </a></span><br />
<a href="https://www.theverge.com/2019/5/7/18528297/google-io-2019-android-devices-play-store-total-number-statistic-keynote" style="font-family: verdana, sans-serif;">https://www.theverge.com/2019/5/7/18528297/google-io-2019-android-devices-play-store-total-number-statistic-keynote</a><br />
<a href="https://www.theverge.com/2019/1/29/18202736/apple-devices-ios-earnings-q1-2019" style="font-family: verdana, sans-serif;">https://www.theverge.com/2019/1/29/18202736/apple-devices-ios-earnings-q1-2019</a><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">Power savings are great, but for adoption to continue to expand and use cases to succeed; we need to show real, demonstrable examples of how to manage Android Enterprise applications at scale. It really isn’t a question of if you will have a need to immediately update a fleet of devices, but rather how prepared are you to do this? </span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">There is a large Android Enterprise use case that presented the opportunity to solve this. Start with some context; we’re looking at forcibly updating public Android applications enrolled in Android Enterprise. We want to install them at a specific time that satisfies our business requirements. </span><br />
<div>
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<span style="font-family: "verdana" , sans-serif;">Workspace ONE UEM offers an assortment of REST API endpoints that allow us to accomplish a variety of tasks including an API Endpoint with the ability to update </span><b style="font-family: verdana, sans-serif;">purchased</b><span style="font-family: "verdana" , sans-serif;"> Apple (e.g. Apple Business Manager, formerly Volume Purchase Program (VPP)) applications. But don’t mix this API Endpoint with the API endpoint to install/update public applications like those from Google Play. </span><br />
<div>
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <br />
<div>
<div>
<span style="font-family: "verdana" , sans-serif;">Public Applications in Android Enterprise are easily managed by Workspace ONE UEM. Behind the scenes you will see that that the Workspace ONE UEM API's interact with the Google's Play EMM API. We will cover the Play EMM API more in an upcoming post, but in this post we'll cover how we can interact with Play EMM using Workspace ONE UEM API's. </span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg67dIZydqogAgNo30vwKnkbGFGsrCpJB5LqzZtaR-C86yrTeC_hktxxB3sLbZfFuMU3vgd3ymrqD8ljNuayp4rRObFzm0EFJpTJtCAljozhv1BVrlnes9sa2y8v1kWZHlNRVdLRxEt_MsI/s1600/3rcfjh.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="367" data-original-width="680" height="344" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg67dIZydqogAgNo30vwKnkbGFGsrCpJB5LqzZtaR-C86yrTeC_hktxxB3sLbZfFuMU3vgd3ymrqD8ljNuayp4rRObFzm0EFJpTJtCAljozhv1BVrlnes9sa2y8v1kWZHlNRVdLRxEt_MsI/s640/3rcfjh.jpg" width="640" /></a></div>
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;"></span><br />
<span style="font-family: "verdana" , sans-serif;">Let's get to it...what are the API endpoints?</span></div>
<div>
<html><br />
<head><br />
<style>
table, th, td {
border: 1px solid black;
border-collapse: collapse;
}
</style><br />
</head><br />
<body><br />
<table style="width: 100%;">
<tr> <th>HTTP Verb</th> <th>Workspace ONE UEM API Endpoint</th><th>HTTP Request Message Body</th> </tr>
<tr> <td>POST</td> <td>/mam/apps/public/{applicationid}/install</td><td> {<br />
"DeviceId": 1,<br />
"Udid": "6bf0f04c73681fbecfc3eb4f13cbf05b",<br />
"SerialNumber": "LGH871c18f631a",<br />
"MacAddress": "0x848506B900BA"<br />
} </td> </tr>
<tr> <td>GET</td> <td>/mam/apps/public/{applicationid}/devices</td><td> (no request payload, specify application ID in HTTP URL parameter) </td> </tr>
</table>
</body><br />
</html></div>
</div>
</div>
<div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;"><br />
</span><br />
<span style="font-family: "verdana" , sans-serif;">We see above that we have to POST an HTTP Message with a body that must contain one of the four key/value pairs. In this example I will use the deviceID. The API Endpoint URL requires a parameter to be specified for the application ID. To get the devices assigned to an application ID, we provide the app ID in the parameter of the API Endpoint URL. This is the numeric value of the public application from Workspace ONE UEM. To locate your public application ID's; navigate to; Apps & Books -> Native -> Public</span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">Hover your mouse over the application and then look for the URL to appear with the application ID in the lower left corner or click on the application and look in the Address Bar for the ID.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <br />
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; margin-right: 1em; text-align: left;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFOK5Y4AHk7P_IINDckPonCtPbMgRxHFtVVRJzeGgLdUEmm_hR9ArAes9tlNDlzqtb31xWeVsyIQxLad2lIsNSa0k2bA2UokkbBgtN9XGz20LH7ElV2pFnuvw55e00be4TU2ywQSWTTUCU/s1600/Screen+Shot+2020-03-02+at+8.14.51+PM.png" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="366" data-original-width="1560" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFOK5Y4AHk7P_IINDckPonCtPbMgRxHFtVVRJzeGgLdUEmm_hR9ArAes9tlNDlzqtb31xWeVsyIQxLad2lIsNSa0k2bA2UokkbBgtN9XGz20LH7ElV2pFnuvw55e00be4TU2ywQSWTTUCU/s1600/Screen+Shot+2020-03-02+at+8.14.51+PM.png" /></span></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><span style="font-family: "verdana" , sans-serif;">Tunnel is application ID 192</span></td></tr>
</tbody></table>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; margin-right: 1em; text-align: left;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEie2E9mWyxs72jrzOPmAGe4wrXqTxVwx2hbLa11iyN2kqlBFcue1AkLkzGqXk5WSju4ZgO042YdoKdYqJLRvtaaUz1cox7s_xqiSfad6WaaiKcMtN1TRPZD4wzDleft5Oo8H5gi46foqyEA/s1600/Screen+Shot+2020-03-03+at+12.16.03+AM.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="356" data-original-width="995" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEie2E9mWyxs72jrzOPmAGe4wrXqTxVwx2hbLa11iyN2kqlBFcue1AkLkzGqXk5WSju4ZgO042YdoKdYqJLRvtaaUz1cox7s_xqiSfad6WaaiKcMtN1TRPZD4wzDleft5Oo8H5gi46foqyEA/s1600/Screen+Shot+2020-03-03+at+12.16.03+AM.png" /></span></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><span style="font-family: "verdana" , sans-serif;">Google Chrome ID 223</span></td></tr>
</tbody></table>
<div class="separator" style="clear: both; text-align: center;">
</div>
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">Application ID, check. Let's get some deviceID's assigned to the application now. We can make another API call to /mam/apps/public/{applicaitonid}/devices to get the deviceID's and store them in an object in Powershell. We can grab the devices assigned to Google Chrome with the snippet of code included below;</span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <br />
<script src="https://gist.github.com/HawaiiRyan/4692cd45f09fc6aea54b24d092f8e290.js"></script><br />
<br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">In the HTTP Response Body for this API, you will have deviceID's returned in JSON like you see below;</span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <script src="https://gist.github.com/HawaiiRyan/688ed32231e2d412a7a000ca2bee6ea1.js"></script><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">Device ID, check. You store both the device ID's assigned to each respective application ID in an object in Powershell or Python, and then post a series of API calls with the device ID's stored in JSON in the HTTP request body to the API endpoint at /mam/apps/public/{applicationid}/install. </span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">Workspace ONE UEM calls the Google Play EMM API for each of your respective deviceID's, and forces an over-the-air (local Wi-Fi, 3G/4G/5G, wired ethernet) install/update of the application to the currently published version in the Google Play Store. Important to note: this does not work in air-gapped/offline scenarios, or scenarios where the Google Play Store is not enabled or available (e.g. AOSP without Google Play Store, or devices from manufacturers lacking licensing from Google Mobile Services, e.g Huawei, or custom-built hardware). If your device does not have Google Play Store enabled at the time the API call is made; Workspace ONE UEM will not know the Google Device ID of your device, and the device will not be able to receive the request to forcibly update the application.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">The curl command would look like this for a single device; but with the appropriate basic credentials, or OAuth 2.0 token (supported in newer Workspace ONE UEM versions). Your aw-tenant-code would also contain the appropriate API key that is scoped to access the resources.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span> <script src="https://gist.github.com/HawaiiRyan/095853668598c299f8cd87da088a869e.js"></script><span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;"><br />
</span><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span><span style="font-family: "verdana" , sans-serif;">Once you send the HTTP Request to the API Endpoint above, a series of events will occur. Each event is covered in sequential order below;</span><br />
<br />
<ol>
<li><span style="font-family: "verdana" , sans-serif;">Workspace ONE UEM retrieves a short-lived OAuth 2.0 token explicitly scoped to for the Google Play EMM API for your enterprise ID.</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Workspace ONE UEM retrieves the GoogleDeviceID and GoogleUserID for each Workspace ONE UEM device ID specified in the HTTP Request body in the /mam/apps/public/{applicationid}/install API call</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Google Play EMM API sends an EMM notification to the Android device in a pub/sub manner<br />
More details at; <a href="https://developers.google.com/android/work/play/emm-api/about-notifications">https://developers.google.com/android/work/play/emm-api/about-notifications</a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">If the device is powered on, provided outbound/inbound network connectivity, and Google Play is enabled on the device; an over-the-air update occurs<br />
More details about network firewall requirements at; <a href="https://static.googleusercontent.com/media/www.android.com/en//static/2016/pdfs/enterprise/Android-Enterprise-Migration-Bluebook_2019.pdf">https://static.googleusercontent.com/media/www.android.com/en//static/2016/pdfs/enterprise/Android-Enterprise-Migration-Bluebook_2019.pd</a>f</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Application installation process is requested on device, with Workspace ONE environment logs displaying Install Application Requested</span></li>
<li><span style="font-family: "verdana" , sans-serif;">The install command to install the APK is provided</span></li>
<li><span style="font-family: "verdana" , sans-serif;">The device returns a response to the Workspace ONE environment stating the installation is pending</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Package verification verifies application is signed properly by developer</span></li>
<li><span style="font-family: "verdana" , sans-serif;">SafetyNet Verify optionally verifies apk is not potentially harmful application<br />
<a href="https://android-developers.googleblog.com/2017/09/safetynet-verify-apps-api-google-play.html">https://android-developers.googleblog.com/2017/09/safetynet-verify-apps-api-google-play.html</a></span></li>
<li><span style="font-family: "verdana" , sans-serif;">APK installation occurs, upon completion, logs in Workspace ONE update to display the installation is confirmed.</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Application sample from device returns a response to the Workspace ONE environment stating the installation is complete</span></li>
</ol>
<div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOSox0Y3pGuXewXEJaJ1PX0qizjhV7VD92MSE-mR7I59I3BeZ6YmzMfD8Fvaj1wrud2ueYXhSF0ZQySOm2NHkmCbDJ0yBwdmIVwGFmhx8IToR0YNBTXvmnPsBQmg4-svDxgcNReo0DjT59/s1600/Screen+Shot+2020-03-06+at+9.42.05+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="599" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgOSox0Y3pGuXewXEJaJ1PX0qizjhV7VD92MSE-mR7I59I3BeZ6YmzMfD8Fvaj1wrud2ueYXhSF0ZQySOm2NHkmCbDJ0yBwdmIVwGFmhx8IToR0YNBTXvmnPsBQmg4-svDxgcNReo0DjT59/s1600/Screen+Shot+2020-03-06+at+9.42.05+PM.png" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEha8SOxsKU5aLeeQVu-O56X1zfb1E89oY1QwVM9gvCCOza-Z7h4k5uRXKypsZCYXW5-n4zx_IMF00dNdaaeu23qSiwyb24uYv3gJcNHvIe1uaEe43PWvDprmFiTZuIq81JN_PKFiuhdPvGp/s1600/Screen+Shot+2020-03-06+at+9.36.43+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="787" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEha8SOxsKU5aLeeQVu-O56X1zfb1E89oY1QwVM9gvCCOza-Z7h4k5uRXKypsZCYXW5-n4zx_IMF00dNdaaeu23qSiwyb24uYv3gJcNHvIe1uaEe43PWvDprmFiTZuIq81JN_PKFiuhdPvGp/s1600/Screen+Shot+2020-03-06+at+9.36.43+PM.png" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgC1jB8QAZ9Qls3uHNp5lcLNDT6S1vItbAHSy2EQUzoGQZmgSr4Eh4V-CJibXEge2OcmmRKvKBrhhsty6MrgGEuXQn1Q6lCbiQpzhNG3XjZmRBW5X98mmd4hDA8u2AJMw6m5BVuwNPZYIsj/s1600/Screen+Shot+2020-03-06+at+9.44.22+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="727" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgC1jB8QAZ9Qls3uHNp5lcLNDT6S1vItbAHSy2EQUzoGQZmgSr4Eh4V-CJibXEge2OcmmRKvKBrhhsty6MrgGEuXQn1Q6lCbiQpzhNG3XjZmRBW5X98mmd4hDA8u2AJMw6m5BVuwNPZYIsj/s1600/Screen+Shot+2020-03-06+at+9.44.22+PM.png" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: "verdana" , sans-serif;">Post install request, it takes less than one minute to complete the task.</span></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXk6b4zEFpbRHrY0wxz0fSf5kgd4XPCUkAk-nNJfSECZ5Hp7IYLUpfWKtpAEY3HB78KJwGQMLz6q5rBxukpsIrKDP6H_d_kDKhXV0QIP0QmA7ZkmJIVlmxQVt4zR4THCYXT8aP3d7iXViW/s1600/device-2020-03-06-213920.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1600" data-original-width="900" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXk6b4zEFpbRHrY0wxz0fSf5kgd4XPCUkAk-nNJfSECZ5Hp7IYLUpfWKtpAEY3HB78KJwGQMLz6q5rBxukpsIrKDP6H_d_kDKhXV0QIP0QmA7ZkmJIVlmxQVt4zR4THCYXT8aP3d7iXViW/s640/device-2020-03-06-213920.png" width="360" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjW2YBHUOAwg1Ln7nrE_Ytq_7DBayxLhIcw5XuiAQuTMNncFRmk5sVYmXg9TFmgPc99TSEKZA0G7FIGEiss3Yc10MiPO89xDy32t-wjchQdl2YpZe7tKccgpheM5vaIyK7y19O22UnkHKSB/s1600/device-2020-03-06-214037.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1600" data-original-width="900" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjW2YBHUOAwg1Ln7nrE_Ytq_7DBayxLhIcw5XuiAQuTMNncFRmk5sVYmXg9TFmgPc99TSEKZA0G7FIGEiss3Yc10MiPO89xDy32t-wjchQdl2YpZe7tKccgpheM5vaIyK7y19O22UnkHKSB/s640/device-2020-03-06-214037.png" width="360" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<span style="font-family: "verdana" , sans-serif;">Looking at a Powershell script to get you started. This will force a public application to install or update on a fleet of devices assigned to application ID 223, this is Google Chrome in my scenario. You could run this Powershell script in Task Scheduler at a specific time.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<script src="https://gist.github.com/HawaiiRyan/9a740aded3015302382089d7b122e672.js"></script><br />
<span style="font-family: "verdana" , sans-serif;"><br />
</span></div>
<div>
<span style="font-family: "verdana" , sans-serif;">Things to consider;</span></div>
<div>
<ol>
<li><span style="font-family: "verdana" , sans-serif;">Google briefly caches the EMM notification request for a device, but not for a length of time that can be relied upon to deliver compliance if the device is offline.</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Devices currently using the application being updated will close the application before proceeding with the installation </span></li>
<li><span style="font-family: "verdana" , sans-serif;">If your use case requires an activity to be launched and running in the foreground to display a user interface (e.g. inflight entertainment software, point-of-sale software, electronic billboard display, etc); consider broadcasting an explicit intent of android.intent.action.MAIN to the desired Android activity after completing the update. Or using Workspace ONE Launcher in single app mode, with Launcher pinned to the foreground.</span></li>
<li><span style="font-family: "verdana" , sans-serif;">The device reports the results back in near real time to the console troubleshooting logs</span></li>
<li><span style="font-family: "verdana" , sans-serif;">Syncing the device from the console or from the Workspace ONE UEM API will force the device to upload results back to the console</span></li>
</ol>
</div>
<span style="font-family: Verdana, sans-serif;">Mahalo,</span><br />
<span style="font-family: Verdana, sans-serif;">Ryan Pringnitz</span></div>
Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com0Anahola, HI, USA22.1452778 -159.315555622.0864498 -159.3962366 22.204105799999997 -159.2348746tag:blogger.com,1999:blog-3792012736265800115.post-85005138227088072552020-03-03T00:10:00.001-05:002020-06-25T14:49:18.532-04:00Submitting HTTP Requests to REST API endpoints in Workspace ONE UEM to retrieve devices<span style="font-family: "verdana" , sans-serif;">Usage and adoption of REST API's continues to increase, as the need to integrate services over the web is greater than it has ever been. One of the most frequently used API endpoints in Workspace ONE UEM is /API/mdm/devices. This API endpoint accepts a variety of parameters that help filter your result set to only include what is necessary, and reduce the payload size returned in the HTTP response. We will take a look at a quick example of how to perform this HTTP Request with Powershell and invoke-restmethod. Below is a simple Powershell script I was able to create for this example. Make sure to include base64 encoded credentials in a folder (c:\creds\b64.txt in the example), and to update the $apiKey object with an API key.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<script src="https://gist.github.com/HawaiiRyan/98c00ce7b62a2db6719e073eaac37650.js"></script><span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span><span style="font-family: "verdana" , sans-serif;">When reviewing the results from the object with $getDevices.Devices, the following is stored in the variable:</span></span><br />
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span> </span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhagkHRvD21Tkooepl6Buy0FjECnO1vmr2LLxJ6N8ZOc4cEhdZJU3j6P1e1GbNLViSxXADhNvyIK_9KX9WHT9ZHkHaA576QbQX6q6KWCf-hy6ng53iZk8SIMFSr5OOkVQxdEA3QfkIWP4IH/s1600/Screen+Shot+2020-03-02+at+8.32.42+PM.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-family: "verdana" , sans-serif;"><img border="0" data-original-height="1086" data-original-width="1508" height="460" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhagkHRvD21Tkooepl6Buy0FjECnO1vmr2LLxJ6N8ZOc4cEhdZJU3j6P1e1GbNLViSxXADhNvyIK_9KX9WHT9ZHkHaA576QbQX6q6KWCf-hy6ng53iZk8SIMFSr5OOkVQxdEA3QfkIWP4IH/s640/Screen+Shot+2020-03-02+at+8.32.42+PM.png" width="640" /></span></a></div>
<span style="font-family: "verdana" , sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br />
</span><span style="font-family: "verdana" , sans-serif;"><br />
</span></span><br />
<span style="font-family: "verdana" , sans-serif;">This API really gives you quite a bit to work with, and VMware is really good about offering developers an assortment of APIs to report on, create, or update objects. Including API endpoints representing (less verbose) device details, or purpose-built API's with for application status, uploading applications, and so on. Use the /devices/litesearch API if you just want to retrieve basic device data in a smaller payload, which will allow front-end framework or native app to render it all the faster. You can request a content-type of either application/json, or application, xml. Whatever works easiest for you.</span><br />
<br />
<span style="font-family: Verdana, sans-serif;">Mahalo,</span><br />
<span style="font-family: Verdana, sans-serif;">Ryan Pringnitz</span>Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com0Waimea Canyon State Park, Waimea Canyon Dr, Waimea, HI 96796, USA22.0714839 -159.6616774-1.8545005999999979 159.0297286 45.9974684 -118.3530834tag:blogger.com,1999:blog-3792012736265800115.post-55795865990000839892020-02-27T23:38:00.002-05:002021-08-04T07:15:57.236-04:00Zimperium Delivery and Activation on Android Enterprise with Workspace ONE UEM Product Provisioning<span style="font-family: "verdana" , sans-serif; font-size: normal;">A use case I am involved in required remotely delivering Zimperium zIPS, a mobile threat detection and response security product, to Android Enterprise devices with Workspace ONE UEM. Zimperium is an incredible mobile security product, which I will discuss more in upcoming blog posts. The way Workspace ONE and Zimperium compliment each other is ideal for securing devices running (Android and iOS supported). First we need to deliver zIPS; and this will cover the delivery and activation of zIPS on an Android Work Managed device with Workspace ONE UEM Product Provisioning.</span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; font-size: normal;"><br />
</span> <span style="font-family: "verdana" , sans-serif; font-size: normal;">For zIPS to secure a device, report threats back to Zimperium's zConsole and eventually Workspace ONE Intelligence; zIPS requires activation on each device. It sounds daunting, especially because it isn't just delivering an apk file and managed configuration. If you have a fleet of 15,000 or 150,000 devices; you wouldn't want to visit each point-of-sale kiosk, in-flight entertainment system, medical device, or ATM and launch zIPS; right? For zIPS to activate; zIPS must install with the correct managed configuration, granted permissions before application </span><span style="font-family: "verdana" , sans-serif; text-align: center;">runtime (to not interrupt the foreground activity, which is a secured, pinned Launcher), before finally passing an intent with Product Provisioning.</span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; font-size: normal;"><br />
</span> <span style="font-family: "verdana" , sans-serif; font-size: normal;">The intent launches the Android application's package name and component class name required to activate zIPS. Once activation is attempted, zIPS will only register the device record with the zConsole if it is allowed. The device is allowed if the zConsole is already aware of the devices deviceID that it obtained from Workspace ONE UEM. zConsole obtains this with a series of ad-hoc API calls or by preloading the devices in a nightly sync (which is also performed with a series of API calls). </span><span style="font-family: "verdana" , sans-serif; font-size: normal;">Ensuring you have Workspace ONE UEM API's publicly accessible is a requirement for this integration to work. Because Workspace ONE is already on an Android device as a device owner in our use case, zIPS doesn't have to be device owner of the device for it to add another layer of security on the device.</span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; font-size: normal;"><br />
</span> <span style="font-family: "verdana" , sans-serif; font-size: normal;">Think of intents as like command lines with arguments that you can explicitly send to a single thing (explicit intent), or to anything that can listen for that intent. These things that listen for intents are intent-filters in your application. I prefer explicit intents, as they are meant for a specific recipient. Adam Cozzette has a great article on intent spoofing for more about why this is a more secure choice. </span><a href="http://blog.palominolabs.com/2013/05/13/android-security/index.html"><span style="font-family: "verdana" , sans-serif; font-size: normal;">http://blog.palominolabs.com/2013/05/13/android-security/index.html</span></a></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; font-size: normal;"><br />
</span> <span style="font-family: "verdana" , sans-serif; font-size: normal;">Workspace ONE UEM can only run (or start) activities defined with </span><span style="background-color: white; color: #111111; font-family: "monaco" , "consolas" , "andale mono" , "dejavu sans mono" , monospace; white-space: nowrap;">android:exported=true</span><span style="font-family: "verdana" , sans-serif; font-size: normal;"> in the apks AndroidManifest.xml file. Google defines how intents work in the Android OS at: </span><a href="https://developer.android.com/guide/components/intents-filters" style="font-family: verdana, sans-serif;">https://developer.android.com/guide/components/intents-filters</a></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; font-size: normal;"><br />
</span> <span style="font-family: "verdana" , sans-serif; font-size: normal;">Knowing how intents, intent-filters and how your Android application can be managed with Workspace ONE Product Provisioning is really the key, and a really creative away to approach different use cases that were otherwise more challenging. For a comprehensive read on Product Provisioning, see VMware documentation at <a href="https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/1903/WS1_ProdProv_for_Android.pdf">https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/1903/WS1_ProdProv_for_Android.pdf</a></span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif;"><br />
</span> <span style="font-family: "verdana" , sans-serif;">The Product in Workspace ONE UEM has a manifest, which is one or many components you define. A component can be an application, profile, or Files/Actions. The file/action component has the capability of delivering commands as if they were running interactively from adb shell. The sequence of the component manifest is outlined below:</span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; font-size: normal;"><br />
</span> <span style="font-family: "verdana" , sans-serif; font-size: normal;"><b><u>Overview:</u></b></span></span><br />
<div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;"><span style="font-size: normal;">1.</span><span style="font-stretch: normal; line-height: normal;"><span style="font-size: normal;"> </span></span><span style="font-size: normal;">Install Profile containing zIPS application configuration (key value pairs)<o:p></o:p></span></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">2.<span style="font-stretch: normal; line-height: normal;"> </span>Install zIPS application (apk)<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">3.<span style="font-stretch: normal; line-height: normal;"> </span>Install Profile granting zIPS permissions*<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">4.<span style="font-stretch: normal; line-height: normal;"> </span>Install Files/Actions containing first activity intent<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpLast" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">5.<span style="font-stretch: normal; line-height: normal;"> </span>Install Files/Actions containing second activity intent</span><br />
<div class="separator" style="clear: both; text-align: center;">
<span style="margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8DtF42mNTTUkUtEKnHoQJfzdvu5lq-ECZQ9e8Zy2myjNGoedYCGA67RI0o_QsTwCyTu_OHdgR58j4GUmvBEOzjbDDEiPOEW2gNf9Vbn7EnE0LezX_hVpU9Dl-ADiNGrJQxe_9vcgC4I-w/s1600/10.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="402" data-original-width="747" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8DtF42mNTTUkUtEKnHoQJfzdvu5lq-ECZQ9e8Zy2myjNGoedYCGA67RI0o_QsTwCyTu_OHdgR58j4GUmvBEOzjbDDEiPOEW2gNf9Vbn7EnE0LezX_hVpU9Dl-ADiNGrJQxe_9vcgC4I-w/s1600/10.png" /></a></span></div>
<div class="separator" style="clear: both; text-align: left;">
<u style="font-family: verdana, sans-serif; text-indent: -0.25in;"><b><span style="font-size: normal;">Product Manifest Step 1.</span></b></u></div>
<span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">1.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Navigate to Devices -> Provisioning -> Components -> Profiles</span></span><br />
<span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">2.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Click ‘Add Profile’, and specify ‘Android’, followed by naming the profile appropriately</span></span><br />
<span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">3.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; font-size: normal;">In ‘Custom Settings’, click ‘Configure’ and paste the XML below with correct TenantID & DefaultChannel values:</span></span></div>
<div class="MsoListParagraphCxSpLast" style="margin: 0in 0in 0.0001pt 0.75in; text-indent: -0.25in;">
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; font-size: normal;"><br />
</span> <span style="font-family: "verdana" , sans-serif; font-size: normal;"><script src="https://gist.github.com/HawaiiRyan/19dd5f8e3a443eee821d5bb1c5d18ab8.js"></script></span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">4.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal;"> </span><span style="font-family: "verdana" , sans-serif;">Save Profile. Example screenshot from ‘Custom Settings’:</span></span></div>
<div class="MsoListParagraph" style="margin: 0in 0in 0.0001pt 0.75in;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEia-hK4N3rU9OoH0wb1-TvGoNiT5l6gbV0hZnnEBD4MsAfCfrzk2C1HFC0BOuU-lTI1o1_ZoSA77co7YqGRnaU3lwa72ZKbf1LnSxjSO03v7BEHSlL6-5qRvAHvlrCfjWBqFLEoR28t0H5Q/s1600/02.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-size: normal;"><img border="0" data-original-height="514" data-original-width="818" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEia-hK4N3rU9OoH0wb1-TvGoNiT5l6gbV0hZnnEBD4MsAfCfrzk2C1HFC0BOuU-lTI1o1_ZoSA77co7YqGRnaU3lwa72ZKbf1LnSxjSO03v7BEHSlL6-5qRvAHvlrCfjWBqFLEoR28t0H5Q/s1600/02.png" /></span></a></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeqW2MhDdWoD4t8ChyphenhyphenGNbqTFebFY8ApskbqDDrv-ani5it3WmCwytQf6OEkgBRFMXVF7bZiFfLcK4dTci4GFxl0DdbZhVWUwwtPNz62szb3N4eXFaYs3UYruTT6P3Xt9rC0GPMJcPmxZMv/s1600/13.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-size: normal;"><img border="0" data-original-height="406" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeqW2MhDdWoD4t8ChyphenhyphenGNbqTFebFY8ApskbqDDrv-ani5it3WmCwytQf6OEkgBRFMXVF7bZiFfLcK4dTci4GFxl0DdbZhVWUwwtPNz62szb3N4eXFaYs3UYruTT6P3Xt9rC0GPMJcPmxZMv/s1600/13.png" /></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: normal;"><br />
</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: normal;"><br />
</span></div>
<span style="font-family: "verdana" , sans-serif; font-size: normal;"><o:p></o:p></span></div>
<div class="MsoNormal" style="margin: 0in 0in 0.0001pt 0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;"><b><u><span style="font-family: "verdana" , sans-serif;"><br />
</span> Product Manifest Step 2.</u></b></span></div>
<div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">1.<span style="font-stretch: normal; line-height: normal;"> </span>Navigate to Devices -> Provisioning -> Components -> Applications<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">2.<span style="font-stretch: normal; line-height: normal;"> </span>Add Application<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">3.<span style="font-stretch: normal; line-height: normal;"> </span>Upload the APK file for Zimperium<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpLast" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">4.<span style="font-stretch: normal; line-height: normal;"> </span>Once the APK upload completes. Save the application. Example screenshot from ‘Applications’ in the ‘Components’ section of the Workspace ONE UEM console</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjIoW3wmwoNbFTe1PkJRbZFEjymZ3an0j4dKG84SB8kWH7QYd8aJK5zObZP3M46IwukB9VWNkWPb3mYipuuCU6l4uuB2pa-XiMaZB3sIivktshqKya2TOHJR6EEVpDJKA-ADKc88_e0o0LB/s1600/03.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-size: normal;"><img border="0" data-original-height="402" data-original-width="974" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjIoW3wmwoNbFTe1PkJRbZFEjymZ3an0j4dKG84SB8kWH7QYd8aJK5zObZP3M46IwukB9VWNkWPb3mYipuuCU6l4uuB2pa-XiMaZB3sIivktshqKya2TOHJR6EEVpDJKA-ADKc88_e0o0LB/s1600/03.png" /></span></a></div>
<div class="separator" style="clear: both; text-align: left;">
<b style="font-family: verdana, sans-serif; text-indent: -0.25in;"><u><span style="font-size: normal;"><br />
</span></u></b></div>
<div class="separator" style="clear: both; text-align: left;">
<b style="font-family: verdana, sans-serif; text-indent: -0.25in;"><u><span style="font-size: normal;"><br />
</span></u></b></div>
<div class="separator" style="clear: both; text-align: left;">
<b style="font-family: verdana, sans-serif;"><u><span style="font-size: normal;">Product Manifest Step 3.</span></u></b></div>
</div>
<div class="MsoNormal" style="margin: 0in 0in 0.0001pt 0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">* This step requires adding Zimperium IPS as a public application, as Permissions profiles will not let you define Permissions for internal application packages (com.zimperium.zips). </span></div>
<div class="MsoListParagraphCxSpFirst" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">1.<span style="font-stretch: normal; line-height: normal;"> </span>Navigate to Apps & Books -> Native -> Public<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">2.<span style="font-stretch: normal; line-height: normal;"> </span>Click ‘Add Application’<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">3.<span style="font-stretch: normal; line-height: normal;"> </span>Select ‘Platform’ drop-down and specify ‘Android’<span style="font-size: normal;"><o:p></o:p></span></span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkNsS9uIGwSAoIzI3xyGZdzDoeXJfPqU6E4GJNJORK_Zo35-fqkW7yrouM4Iyed3MuTYqfd6oXlezhGE0XU_31lpuumbPFHIWs3Sx-ldL1tcgROKZlbWE7d_70KLOBoELrXq4GcFyiKsih/s1600/04.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-size: normal;"><img border="0" data-original-height="468" data-original-width="654" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjkNsS9uIGwSAoIzI3xyGZdzDoeXJfPqU6E4GJNJORK_Zo35-fqkW7yrouM4Iyed3MuTYqfd6oXlezhGE0XU_31lpuumbPFHIWs3Sx-ldL1tcgROKZlbWE7d_70KLOBoELrXq4GcFyiKsih/s1600/04.png" /></span></a></div>
<span style="font-family: "verdana" , sans-serif; font-size: normal;"><br />
</span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">4.<span style="font-stretch: normal; line-height: normal;"> </span>Click ‘Next’ to search the application store<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in;">
<div class="separator" style="clear: both; text-align: center;">
</div>
<span style="font-family: "verdana" , sans-serif; font-size: normal;"><o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">5.<span style="font-stretch: normal; line-height: normal;"> </span>Complete the wizard to add the Zimperium IPS application as a ‘Public’ application.<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">6.<span style="font-stretch: normal; line-height: normal;"> </span>‘Public’ applications will show Zimperium Mobile IPS once this is complete</span><br />
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgvuTMLsPT9M4DQhxRhggvO2kUDRaURQi9ALtJedquc9RsuNqcYQVwVToZKy3GO5OQBPYJ8BdCbnqkUtfmhsEmHt-RK_OeGgI6RrOEYVmZ4S5Ux7BN1eSJhyXyePPfrae2qx26WRS5B6JdA/s1600/05.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="214" data-original-width="974" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgvuTMLsPT9M4DQhxRhggvO2kUDRaURQi9ALtJedquc9RsuNqcYQVwVToZKy3GO5OQBPYJ8BdCbnqkUtfmhsEmHt-RK_OeGgI6RrOEYVmZ4S5Ux7BN1eSJhyXyePPfrae2qx26WRS5B6JdA/s1600/05.png" /></a></span></div>
<span style="font-size: normal;"><span style="font-size: normal;"><br />
</span> <span style="font-family: "verdana" , sans-serif; font-size: normal;"><o:p></o:p></span></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">7.<span style="font-stretch: normal; line-height: normal;"> </span>Navigate to Devices -> Provisioning -> Components -> Profiles<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">8.<span style="font-stretch: normal; line-height: normal;"> </span>Click ‘Add Profile’, and specify ‘Android’, followed by naming the profile appropriately<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">9.<span style="font-stretch: normal; line-height: normal;"> </span>Click ‘Permissions’ and click ‘Configure’<span style="font-size: normal;"><o:p></o:p></span></span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidiZyR5QbYCV-180rK9FRbuGj2aRyOZ1n1mGjNI2iSOse9eqX56cZQiXpt35HH8aUGitrReo1OuFespll0buz_hJ6_7PSShTDa_fVZDqSo1Au9_hzOeupDZ19NhU5NZ37Fcto7GTZgC0Dm/s1600/06.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-size: normal;"><img border="0" data-original-height="340" data-original-width="841" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEidiZyR5QbYCV-180rK9FRbuGj2aRyOZ1n1mGjNI2iSOse9eqX56cZQiXpt35HH8aUGitrReo1OuFespll0buz_hJ6_7PSShTDa_fVZDqSo1Au9_hzOeupDZ19NhU5NZ37Fcto7GTZgC0Dm/s1600/06.png" /></span></a></div>
<span style="font-family: "verdana" , sans-serif; font-size: normal;"><br />
</span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">10.<span style="font-stretch: normal; line-height: normal;"> </span>In the ‘Exceptions’ form-field, specify ZIMPERIUM Mobile IPS<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;"><o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">11.<span style="font-stretch: normal; line-height: normal;"> </span>Click ‘Configure’<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">12.<span style="font-stretch: normal; line-height: normal;"> </span>Ensure every permission requested is set to ‘Grant’</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiomoQ-KD0Q4PcV_qOtfd3RPxvxmJoXXK3eI8CMSKFvLXAcBe7PBX6Ot0t1cVAy6wT9i5p2Ag0BZHM_XhlKeSBGbVLN0NFZBV_-XdOjlXds0wAncrSo7pNUNzKVzMeAYi8LbZh5A8qZq2jN/s1600/07.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-size: normal;"><img border="0" data-original-height="641" data-original-width="768" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiomoQ-KD0Q4PcV_qOtfd3RPxvxmJoXXK3eI8CMSKFvLXAcBe7PBX6Ot0t1cVAy6wT9i5p2Ag0BZHM_XhlKeSBGbVLN0NFZBV_-XdOjlXds0wAncrSo7pNUNzKVzMeAYi8LbZh5A8qZq2jN/s1600/07.png" /></span></a></div>
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; font-size: normal;"><br />
</span> <span style="font-family: "verdana" , sans-serif; font-size: normal;"><o:p></o:p></span></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">13.<span style="font-stretch: normal; line-height: normal;"> </span>Click ‘Save’<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpLast" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">14.<span style="font-stretch: normal; line-height: normal;"> </span>Ensure the profile is named appropriately in the ‘General’ tab, and click ‘Save’ </span><br />
<div class="separator" style="clear: both; text-align: left;">
<b style="font-family: verdana, sans-serif;"><u><span style="font-size: normal;"><br />
</span></u></b></div>
<div class="separator" style="clear: both; text-align: left;">
<b style="font-family: verdana, sans-serif;"><u><span style="font-size: normal;">Product Manifest Step 4.</span></u></b></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">1.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Navigate to Devices -> Provisioning -> Components -> Files/Actions</span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">2.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Click ‘Add Files/Actions’</span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">3.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Select ‘Android’</span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">4.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Name the Add Files/Action component appropriately</span></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">5.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Click ‘Manifest’</span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEix5WM6w4UrQ0Jw5g7HGX0LhTPqMYMIC7b6EpR8Wv6wQYNp7HColS5nshrR0fnQ9Ev1Zd3t6DLk2CcnBFTomUR9B0rk1_PclAcMC2Zc-TXnFEQF6HiEwMWFuF_mm-bx8Mo_pEI4-vOLxSft/s1600/08.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-size: normal;"><img border="0" data-original-height="297" data-original-width="720" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEix5WM6w4UrQ0Jw5g7HGX0LhTPqMYMIC7b6EpR8Wv6wQYNp7HColS5nshrR0fnQ9Ev1Zd3t6DLk2CcnBFTomUR9B0rk1_PclAcMC2Zc-TXnFEQF6HiEwMWFuF_mm-bx8Mo_pEI4-vOLxSft/s1600/08.png" /></span></a></div>
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">6.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Click ‘Add Action’</span></span><br />
<span style="text-align: center; text-indent: -0.25in;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">7.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">In ‘Actions To Perform’, specify ‘Run Intent’</span></span><br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0EXarf0eHAo4PpRaQR-pq4EXVjEaAPXcKhS_pFcZYuytzhCB9bxu2I6IjOg283-Ipi8Q0ECV1bvFEoRtHzg1EQZ7fqfkwgkMGmEMWwrxFhgu0AxZn4CXJajqAv_MCKg8S7qMDQJ2_fvqb/s1600/12.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center; text-indent: -0.25in;"><span style="font-size: normal;"><img border="0" data-original-height="822" data-original-width="1556" height="338" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0EXarf0eHAo4PpRaQR-pq4EXVjEaAPXcKhS_pFcZYuytzhCB9bxu2I6IjOg283-Ipi8Q0ECV1bvFEoRtHzg1EQZ7fqfkwgkMGmEMWwrxFhgu0AxZn4CXJajqAv_MCKg8S7qMDQJ2_fvqb/s640/12.png" width="640" /></span></a><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">8.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">In the ‘Command Line and Arguments to run’ form-field, specify:</span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;"><br />
</span> <span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;"><script src="https://gist.github.com/HawaiiRyan/b85be0239fa7cc58fbac584689183e00.js"></script></span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">9.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">In the TimeOut value form-field, specify </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">-1</span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">10.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Click ‘Save’</span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">11.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Click ‘Save’ to save the Files/Actions</span></span><br />
<span style="font-size: normal;"><b style="font-family: verdana, sans-serif;"><u><span style="font-size: normal;"><br />
</span></u></b> <b style="font-family: verdana, sans-serif;"><u><span style="font-size: normal;">Product Manifest Step 5.</span></u></b></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">1.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Navigate to Devices -> Provisioning -> Components -> Files/Actions</span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">2.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Click ‘Add Files/Actions’</span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">3.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Select ‘Android’</span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">4.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Name the Add Files/Action component appropriately</span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">5.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Click ‘Manifest’ (as previously performed in Product Manifest Step 4).</span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">6.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Click ‘Add Action’</span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">7.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">In ‘Actions To Perform’, specify ‘Run Intent’</span></span><br />
<span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;"><br />
</span> <br />
<div class="MsoNormal" style="margin: 0in 0in 0.0001pt 0.25in;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0EXarf0eHAo4PpRaQR-pq4EXVjEaAPXcKhS_pFcZYuytzhCB9bxu2I6IjOg283-Ipi8Q0ECV1bvFEoRtHzg1EQZ7fqfkwgkMGmEMWwrxFhgu0AxZn4CXJajqAv_MCKg8S7qMDQJ2_fvqb/s1600/12.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-size: normal;"><img border="0" data-original-height="822" data-original-width="1556" height="338" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0EXarf0eHAo4PpRaQR-pq4EXVjEaAPXcKhS_pFcZYuytzhCB9bxu2I6IjOg283-Ipi8Q0ECV1bvFEoRtHzg1EQZ7fqfkwgkMGmEMWwrxFhgu0AxZn4CXJajqAv_MCKg8S7qMDQJ2_fvqb/s640/12.png" width="640" /></span></a></div>
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">8.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">In the ‘Command Line and Arguments to run’ form-field, specify:</span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;"><br />
</span> <span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;"><script src="https://gist.github.com/HawaiiRyan/62c4530e8f718bc196f2831033bd9090.js"></script></span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">9.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">In the TimeOut value form-field, specify </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">-1</span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">10.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Click ‘Save’</span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">11.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Click ‘Save’ to save the Files/Actions</span></span></div>
<div class="MsoNormal" style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;"><br />
</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0.0001pt 0.5in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;"><br />
</span></div>
<div class="MsoNormal" style="margin: 0in 0in 0.0001pt;">
<b><u><span style="font-family: "verdana" , sans-serif; font-size: normal;">Create Zimperium IPS Product</span></u></b><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;"><br />
</span> <span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">1.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Navigate to Navigate to Devices -> Provisioning -> Product List View</span></span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">2.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Click ‘Add Product’</span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">3.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Specify ‘Android’</span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">4.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Name the Product appropriately</span></span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">5.</span><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;"> </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Assign the product to the Smart Group of devices you want to receive Zimperium</span></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZjLGDkk-LLTwSeBLVjJ76WsC9FzCPAulzFkD3UySYZjSoZGkOziaTdDrS52srn_IAuk1OV3KwvpLGv11PEBy4g-sKaUp0pu1N0P9vc-rF9Km3yiRQsaYdQ2iekvwffJHk6Lq2C1J5i6bQ/s1600/09.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-size: normal;"><img border="0" data-original-height="499" data-original-width="639" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZjLGDkk-LLTwSeBLVjJ76WsC9FzCPAulzFkD3UySYZjSoZGkOziaTdDrS52srn_IAuk1OV3KwvpLGv11PEBy4g-sKaUp0pu1N0P9vc-rF9Km3yiRQsaYdQ2iekvwffJHk6Lq2C1J5i6bQ/s1600/09.png" /></span></a></div>
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; font-size: normal;"><br />
</span> <span style="font-family: "verdana" , sans-serif; font-size: normal;"><o:p></o:p></span></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">6.<span style="font-stretch: normal; line-height: normal;"> </span>Click ‘Manifest'</span><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; font-stretch: normal; line-height: normal; text-indent: -0.25in;">7. </span><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">Click ‘Add’ to add each of the (5) components previously created. The order of the steps is;</span></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.75in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">1. Profile – App Config</span><br />
<span style="font-family: "verdana" , sans-serif; font-size: normal;">2. Application</span><br />
<span style="font-family: "verdana" , sans-serif; font-size: normal;">3. Profile – Permissions</span><br />
<span style="font-family: "verdana" , sans-serif; font-size: normal;">4. Files/Actions – DormancyStartActivity</span><br />
<span style="font-family: "verdana" , sans-serif; font-size: normal;">5. Files/Actions – ZipsActivity</span><br />
<span style="font-family: "verdana" , sans-serif; font-size: normal;">Example:</span><br />
<div class="separator" style="clear: both; text-align: center;">
<span style="margin-left: 1em; margin-right: 1em;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8DtF42mNTTUkUtEKnHoQJfzdvu5lq-ECZQ9e8Zy2myjNGoedYCGA67RI0o_QsTwCyTu_OHdgR58j4GUmvBEOzjbDDEiPOEW2gNf9Vbn7EnE0LezX_hVpU9Dl-ADiNGrJQxe_9vcgC4I-w/s1600/10.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="402" data-original-width="747" height="215" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8DtF42mNTTUkUtEKnHoQJfzdvu5lq-ECZQ9e8Zy2myjNGoedYCGA67RI0o_QsTwCyTu_OHdgR58j4GUmvBEOzjbDDEiPOEW2gNf9Vbn7EnE0LezX_hVpU9Dl-ADiNGrJQxe_9vcgC4I-w/s400/10.png" width="400" /></a></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;"> </span></div>
</div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">8. Click ‘Deployment’<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">9.<span style="font-stretch: normal; line-height: normal;"> </span>Ensure ‘Pause/Resume’ checkbox is checked<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">10.<span style="font-stretch: normal; line-height: normal;"> </span>Ensure ‘Product Type’ is ‘Required’<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">11.<span style="font-stretch: normal; line-height: normal;"> </span>Click ‘Activate’<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">12.<span style="font-stretch: normal; line-height: normal;"> </span>Click ‘Save’<o:p></o:p></span></div>
<div class="MsoListParagraphCxSpMiddle" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">13.<span style="font-stretch: normal; line-height: normal;"> </span>Ensure the Product List View displays the product with a green icon, indicating the product is enabled</span><br />
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4Q1IzlB3PVosbEXcpI3D5ueJZqOrL1GF02E2FuyqH3mV2GA_CH7-gB0yrEu642kAeMGR_8dMgZtDjeNbZLmab1UAXbhp9BrYv_0bqHnr6hmnyOBK_kGROXHwex6POtRE-fSqi74YEe7oA/s1600/11.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="font-size: normal;"><img border="0" data-original-height="218" data-original-width="647" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4Q1IzlB3PVosbEXcpI3D5ueJZqOrL1GF02E2FuyqH3mV2GA_CH7-gB0yrEu642kAeMGR_8dMgZtDjeNbZLmab1UAXbhp9BrYv_0bqHnr6hmnyOBK_kGROXHwex6POtRE-fSqi74YEe7oA/s1600/11.png" /></span></a><br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif; font-size: normal;"><br />
</span> <span style="font-family: "verdana" , sans-serif; font-size: normal;"><o:p></o:p></span></span></div>
<div class="MsoListParagraphCxSpLast" style="margin: 0in 0in 0.0001pt 0.5in; text-indent: -0.25in;">
<span style="font-family: "verdana" , sans-serif; font-size: normal;">14.<span style="font-stretch: normal; line-height: normal;"> </span>Devices will begin to receive Zimperium at this time. The product will take under 1 minute to complete with broadband connectivity. Allow additional time for step 2 to complete the APK download in bandwidth constrained environments.</span><br />
<span style="font-family: "verdana" , sans-serif; font-size: normal;"><br />
</span> <span style="font-family: "verdana" , sans-serif; font-size: normal;"><br />
</span> <span style="font-family: "verdana" , sans-serif; font-size: normal;">Note:</span><br />
<br />
<br />
<br />
<br />
<li><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">If the permissions profile does not have Zimperium zIPS added as an ‘Exception’, not all permissions requested by zIPS will be granted automatically.</span></li>
<li><span style="font-family: "verdana" , sans-serif; text-indent: -0.25in;">If your device has Launcher pinned and running in the foreground, Zimperium zIPS will need to be added as a hidden application in Launcher, unless you wish for application icon to be visible in Launcher</span></li>
<br />
<br />
<br />
<span style="font-size: normal;"><span style="font-family: "verdana" , sans-serif;"> Once zIPS is protecting your device, there is a patented z9 engine that runs in the background on the device. The device remains protected in both connected and air-gapped/offline use cases. The z9 engine operates in tandem with configurable policies with remediation actions based on the configurable responses. To see the delivery in action, take a look at a video that I used in a prior blog post. </span></span><br />
<span style="font-family: "verdana" , sans-serif; font-size: normal;"><br />
</span></div>
<div>
<div style="text-align: center;">
<span style="font-size: normal;"><iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.blogger.com/video.g?token=AD6v5dztq7K6DVtVdQKxlzWTG18On_Xp43Npm92zdq0cgxTLuh2BZOoB58vUov8zEwqarY6M0D4fzeTFKkLPOe6IGw' class='b-hbp-video b-uploaded' frameborder='0'></iframe></span><br />
<span style="font-size: normal;"><br /></span>
<span style="font-size: normal;"><br /></span>
<div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; font-size: normal;">Mahalo,</span></div>
<div style="text-align: left;">
<span style="font-family: Verdana, sans-serif; font-size: normal;">Ryan Pringnitz</span></div>
</div>
</div>
<div class="MsoNormal" style="margin: 0in 0in 0.0001pt;">
<br /></div>
</div>
Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com0Poipu, Koloa, HI 96756, USA21.8833158 -159.468179321.8538468 -159.50851980000002 21.912784799999997 -159.4278388tag:blogger.com,1999:blog-3792012736265800115.post-82483411065906701882020-01-31T19:19:00.006-05:002021-03-02T08:55:56.715-05:00Capturing and creating configurations with Workspace ONE UEM API's<span face=""verdana" , sans-serif">API's in Workspace ONE UEM continue to be a popular topic when working with clients. API's allow you to integrate other products and services; while also giving you the flexibility to build your own toolsets if needed. Treating enterprise configurations as source code is one challenge I have been working on lately, and in this blog post we will look at creating Android profiles with the appropriate configuration with Workspace ONE UEM API's.</span><br />
<br />
<html><br />
<head><br />
<style>
table, th, td {
border: 1px solid black;
border-collapse: collapse;
}
</style><br />
</head><br />
<body><br />
<table style="width: 100%;">
<tr> <th>HTTP Verb</th> <th>Workspace ONE UEM API Endpoint</th> </tr>
<tr> <td>GET</td> <td>/profiles/{profileId}</td> </tr>
<tr> <td>POST</td> <td>/profiles/platforms/android/create</td> </tr>
</table>
<br />
</body><br />
</html><br />
<span face=""verdana" , sans-serif">The table above lists the HTTP verb and API endpoints being used in this example.</span><br />
<span face=""verdana" , sans-serif"><br /></span>
<span face=""verdana" , sans-serif">If you have a development, user acceptance testing and production environment; you could capture the configuration used in development. Then post the configuration to the API endpoint in UAT and production. This should reduce mistakes when committing your changes, and allow you to store your configurations in a centralized software code management tool. </span><br />
<span face=""verdana" , sans-serif"><br /></span>
<span face=""verdana" , sans-serif">Lets look at how to capture the profile. Below you see the cURL code snippet for a profile ID with a value of 86:</span><br />
<span face=""verdana" , sans-serif"><br /></span><br />
<script src="https://gist.github.com/HawaiiRyan/a8c34e6da7c2aee5ed0112ab5f0c303f.js"></script>
<span face=""verdana" , sans-serif"><br /></span>
<span face=""verdana" , sans-serif">The result set returns as JSON, and is as follows:</span><br /><br />
<span face=""verdana" , sans-serif"><br /></span>
<script src="https://gist.github.com/HawaiiRyan/b1d54a2dc62734013f94cadcc817043d.js"></script>
<span face=""verdana" , sans-serif"><br /></span>
<span face=""verdana" , sans-serif">Interesting. Lets break down some of the important details, especially as they could vary from environment to environment. The ManagedLocationGroupID has a numeric value of 570, the password is hidden, and we can see the profile is for Android devices. Every organization group (OG) in Workspace ONE UEM has a numeric value assigned to it. The value of 570 is important to note. If your development environment has different OG ID than your other environment, make sure to put the correct 'ManagedLocationGroupID value in its place. The password is not returned for security reasons, and this will need to be updated as well.</span><br />
<span face=""verdana" , sans-serif"><br /></span>
<span face=""verdana" , sans-serif">Let's look at creating this profile in another environment. Below you see the profiles already in a environment:</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgj4g_Jpxl3BT484YD1gs03lgsQT6q_pA269bc4sdt7VrLWBFwqK7M75dQbg-C990wLwWw972aQc7BCUvaESjk_87RzxgPPfJKEnwDe5QCfp2wD075N9hgv4o3x-3MnXCUJAsfpDpII-00m/s1600/Screen+Shot+2020-01-31+at+6.55.02+PM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="289" data-original-width="1600" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgj4g_Jpxl3BT484YD1gs03lgsQT6q_pA269bc4sdt7VrLWBFwqK7M75dQbg-C990wLwWw972aQc7BCUvaESjk_87RzxgPPfJKEnwDe5QCfp2wD075N9hgv4o3x-3MnXCUJAsfpDpII-00m/s16000/Screen+Shot+2020-01-31+at+6.55.02+PM.png" /></a></div>
<span face=""verdana" , sans-serif"><br /></span>
<span face=""verdana" , sans-serif"><br /></span><br />
<span face=""verdana" , sans-serif">Here we have the JSON which will be included in the POST. I have updated the password values before issuing the cURL command:</span><br />
<span face=""verdana" , sans-serif"><br /></span><br />
<span face=""verdana" , sans-serif"><br /></span>
<span face=""verdana" , sans-serif">After we send the POST request, the HTTP request returns a 200 numeric value, which indicates success. The cURL code issued to the API endpoint is below for reference:</span><br />
<span face=""verdana" , sans-serif"><br /></span><br />
<script src="https://gist.github.com/HawaiiRyan/601965f2e4bf76ffe0ecab5f3037bf2d.js"></script>
<span face=""verdana" , sans-serif" style="color: blue;"><br /></span>
<span face=""verdana" , sans-serif" style="color: blue;"><br /></span>
<span face=""verdana" , sans-serif">Finally we see the profile is created in the environment, as expected:</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpqkg0K0nlMMcu4jIdDD4b9YJ5Bhl7sTRXqAB_F923o9-oxLBN9Wk3iUQO8dcrx3t9dr9ojD0Kr7-XjKeqNKH5D_PCG-QdEuUJX5KhfuRbfz18hyphenhyphenws0HRu_g7Yh-4UJwOdySm5EXFuYYn-/s1600/Screen+Shot+2020-01-31+at+7.11.00+PM.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="124" data-original-width="1600" height="48" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpqkg0K0nlMMcu4jIdDD4b9YJ5Bhl7sTRXqAB_F923o9-oxLBN9Wk3iUQO8dcrx3t9dr9ojD0Kr7-XjKeqNKH5D_PCG-QdEuUJX5KhfuRbfz18hyphenhyphenws0HRu_g7Yh-4UJwOdySm5EXFuYYn-/s640/Screen+Shot+2020-01-31+at+7.11.00+PM.png" width="640" /></a></div>
<span face=""verdana" , sans-serif"><br /></span>
<span face=""verdana" , sans-serif"><br /></span>
<span face=""verdana" , sans-serif">In our software code management repository, we would commit the captured configuration. Then when committing changes to different environments (or recovering if the environment is lost), we would send the POST request. This allows us to create configurations in different environments.</span><br />
<span face=""verdana" , sans-serif"><br /></span>
<span face="verdana, sans-serif">Mahalo,</span><br />
<span face="verdana, sans-serif">Ryan Pringnitz</span>Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com0tag:blogger.com,1999:blog-3792012736265800115.post-53928651517985408852020-01-08T22:03:00.000-05:002020-06-23T16:13:37.608-04:00How to use Powershell with the Workspace ONE UEM API to search for users<span style="font-family: Verdana, sans-serif;">Using API's has been infinitely helpful in integrating Workspace ONE UEM with other enterprise services and applications. A question was asked recently about forming the correct HTTP header using Powershell, and returning the users in the users. Below is an example Powershell script I was able to create for this example. Make sure to include base64 encoded credentials in a folder (c:\creds\b64.txt in the example), and to update the $apiKey variable with an API key.</span><br />
<span style="font-family: Verdana, sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br /></span>
</span><br />
<div class="p1">
<div class="p1" style="background-color: white; color: #757575; font-size: 15px;">
<span style="color: darkgreen; font-family: Verdana, sans-serif;">#Workspace ONE UEM Environment Address / Authentication </span></div>
<div class="p2" style="background-color: white; color: #757575; font-size: 15px;">
<span style="font-family: Verdana, sans-serif;"><span class="s2" style="color: orangered;">$addy</span><span class="s3" style="color: black;"> </span><span class="s4" style="color: darkgrey;">=</span><span class="s3" style="color: black;"> </span>"https://ws1.molokaibank.com"</span></div>
<div class="p2" style="background-color: white; color: #757575; font-size: 15px;">
<span style="font-family: Verdana, sans-serif;"><span class="s2" style="color: orangered;">$b64</span><span class="s3" style="color: black;"> </span><span class="s4" style="color: darkgrey;">=</span><span class="s3" style="color: black;"> </span><span class="s5" style="color: blue;">Get-Content</span><span class="s3" style="color: black;"> </span><span class="s6" style="color: navy;">-Path</span><span class="s3" style="color: black;"> </span>"c:\creds\b64.txt"</span></div>
<div class="p2" style="background-color: white; color: #757575; font-size: 15px;">
<span style="font-family: Verdana, sans-serif;"><span class="s2" style="color: orangered;">$apiKey</span><span class="s3" style="color: black;"> </span><span class="s4" style="color: darkgrey;">=</span><span class="s3" style="color: black;"> </span>"apikey"</span></div>
<div class="p3" style="background-color: white; color: #757575; font-size: 15px;">
<span style="font-family: Verdana, sans-serif;">$b64EncodedAuth<span class="s3" style="color: black;"> </span><span class="s4" style="color: darkgrey;">=</span><span class="s3" style="color: black;"> </span><span class="s7" style="color: darkred;">"</span>$b64<span class="s7" style="color: darkred;">"</span></span></div>
<div class="p4" style="background-color: white; color: #757575; font-size: 15px;">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="p1" style="background-color: white; color: #757575; font-size: 15px;">
<span style="font-family: Verdana, sans-serif;">#<span style="color: darkgreen;">Header</span></span></div>
<div class="p2" style="background-color: white; color: #757575; font-size: 15px;">
<span style="font-family: Verdana, sans-serif;"><span class="s2" style="color: orangered;">$content</span><span class="s3" style="color: black;"> </span><span class="s4" style="color: darkgrey;">=</span><span class="s3" style="color: black;"> </span>"application/json"<span class="s3" style="color: black;"> </span></span></div>
<div class="p3" style="background-color: white; color: #757575; font-size: 15px;">
<span style="font-family: Verdana, sans-serif;">$authHeader<span class="s3" style="color: black;"> </span><span class="s4" style="color: darkgrey;">=</span><span class="s3" style="color: black;"> </span><span class="s7" style="color: darkred;">"Basic "</span><span class="s3" style="color: black;"> </span><span class="s4" style="color: darkgrey;">+</span><span class="s3" style="color: black;"> </span>$b64EncodedAuth</span></div>
<div class="p4" style="background-color: white; color: #757575; font-size: 15px;">
<span style="font-family: Verdana, sans-serif;"><span class="s2" style="color: orangered;">$header</span><span class="s3" style="color: black;"> </span><span class="s4" style="color: darkgrey;">=</span><span class="s3" style="color: black;"> @{</span><span style="color: darkred;">"Authorization"</span><span class="s3" style="color: black;"> </span><span class="s4" style="color: darkgrey;">=</span><span class="s3" style="color: black;"> </span><span class="s2" style="color: orangered;">$authHeader</span><span class="s3" style="color: black;">; </span><span style="color: darkred;">"aw-tenant-code"</span><span class="s3" style="color: black;"> </span><span class="s4" style="color: darkgrey;">=</span><span class="s3" style="color: black;"> </span><span class="s2" style="color: orangered;">$apiKey</span><span class="s3" style="color: black;">; </span><span style="color: darkred;">"Accept"</span><span class="s3" style="color: black;"> </span><span class="s4" style="color: darkgrey;">=</span><span class="s3" style="color: black;"> </span><span class="s2" style="color: orangered;">$content</span><span class="s3" style="color: black;">; </span><span style="color: darkred;">"Content-Type"</span><span class="s3" style="color: black;"> </span><span class="s4" style="color: darkgrey;">=</span><span class="s3" style="color: black;"> </span><span class="s2" style="color: orangered;">$content</span><span class="s3" style="color: black;">}</span></span></div>
<div class="p4" style="background-color: white; color: #757575; font-size: 15px;">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="p4" style="background-color: white; color: #757575; font-size: 15px;">
<span style="color: darkgreen; font-family: Verdana, sans-serif;">#Get Users from Workspace ONE API</span></div>
<div class="p2" style="background-color: white; color: #757575; font-size: 15px;">
<span style="font-family: Verdana, sans-serif;"><span class="s2" style="color: orangered;">$getUsers</span><span class="s3" style="color: black;"> </span><span class="s4" style="color: darkgrey;">=</span><span class="s3" style="color: black;"> </span><span class="s5" style="color: blue;">Invoke-RestMethod</span><span class="s3" style="color: black;"> </span><span class="s6" style="color: navy;">-Uri</span><span class="s3" style="color: black;"> </span>"<span class="s2" style="color: orangered;">$addy</span>/API/system/users/search"<span class="s3" style="color: black;"> </span><span class="s6" style="color: navy;">-Headers</span><span class="s3" style="color: black;"> </span><span class="s2" style="color: orangered;">$header</span></span></div>
<span style="font-family: Verdana, sans-serif;"><br style="background-color: white; color: #757575; font-size: 15px;" /></span>
<div class="p3" style="background-color: white; color: #757575; font-size: 15px;">
<span style="font-family: Verdana, sans-serif;">$getUsers<span class="s4" style="color: darkgrey;">.</span><span class="s3" style="color: black;">Users<span class="Apple-converted-space"> </span></span></span></div>
</div>
<span style="font-family: Verdana, sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">When reviewing the results from the object with $getUsers.Users, the following is stored in the variable:</span></span><br />
<span style="font-family: Verdana, sans-serif;"><span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcBexTViHp-SQndYxOF7c2kazynPMYTnqZNn6ZvyzSygw5zIMFIxuCyu4skdWlWRWxtZt13L2VGtpGg4gNiJrH2psRs7hnJAvEwfGimQzC_2k-BOgmt1j6hb09A72z7cu1Cy6B2jrt1Txh/s1600/Screen+Shot+2020-01-08+at+10.02.28+PM.png" imageanchor="1"><img border="0" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcBexTViHp-SQndYxOF7c2kazynPMYTnqZNn6ZvyzSygw5zIMFIxuCyu4skdWlWRWxtZt13L2VGtpGg4gNiJrH2psRs7hnJAvEwfGimQzC_2k-BOgmt1j6hb09A72z7cu1Cy6B2jrt1Txh/s640/Screen+Shot+2020-01-08+at+10.02.28+PM.png" width="640" /></a></span></span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<span style="font-family: Verdana, sans-serif;">Mahalo,</span><br />
<span style="font-family: Verdana, sans-serif;">Ryan Pringnitz</span>Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com0Kalamazoo, MI, USA42.2917069 -85.587228642.1037199 -85.9099521 42.4796939 -85.264505100000008tag:blogger.com,1999:blog-3792012736265800115.post-27858468012032987822020-01-08T18:46:00.000-05:002020-06-23T16:13:07.883-04:00Workspace ONE UEM Product Provisioning for Android - Troubleshooting via Job Log Level<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<!--[if gte mso 9]><xml>
<o:OfficeDocumentSettings>
<o:AllowPNG/>
</o:OfficeDocumentSettings>
</xml><![endif]-->
<!--[if gte mso 9]><xml>
<w:WordDocument>
<w:View>Normal</w:View>
<w:Zoom>0</w:Zoom>
<w:TrackMoves/>
<w:TrackFormatting/>
<w:PunctuationKerning/>
<w:ValidateAgainstSchemas/>
<w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid>
<w:IgnoreMixedContent>false</w:IgnoreMixedContent>
<w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText>
<w:DoNotPromoteQF/>
<w:LidThemeOther>EN-US</w:LidThemeOther>
<w:LidThemeAsian>X-NONE</w:LidThemeAsian>
<w:LidThemeComplexScript>X-NONE</w:LidThemeComplexScript>
<w:Compatibility>
<w:BreakWrappedTables/>
<w:SnapToGridInCell/>
<w:WrapTextWithPunct/>
<w:UseAsianBreakRules/>
<w:DontGrowAutofit/>
<w:SplitPgBreakAndParaMark/>
<w:EnableOpenTypeKerning/>
<w:DontFlipMirrorIndents/>
<w:OverrideTableStyleHps/>
</w:Compatibility>
<m:mathPr>
<m:mathFont m:val="Cambria Math"/>
<m:brkBin m:val="before"/>
<m:brkBinSub m:val="--"/>
<m:smallFrac m:val="off"/>
<m:dispDef/>
<m:lMargin m:val="0"/>
<m:rMargin m:val="0"/>
<m:defJc m:val="centerGroup"/>
<m:wrapIndent m:val="1440"/>
<m:intLim m:val="subSup"/>
<m:naryLim m:val="undOvr"/>
</m:mathPr></w:WordDocument>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:LatentStyles DefLockedState="false" DefUnhideWhenUsed="false"
DefSemiHidden="false" DefQFormat="false" DefPriority="99"
LatentStyleCount="376">
<w:LsdException Locked="false" Priority="0" QFormat="true" Name="Normal"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 1"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 2"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 3"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 4"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 5"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 6"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 7"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 8"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 9"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 9"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 1"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 2"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 3"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 4"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 5"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 6"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 7"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 8"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 9"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footnote text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="header"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footer"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index heading"/>
<w:LsdException Locked="false" Priority="35" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="caption"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="table of figures"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="envelope address"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="envelope return"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footnote reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="line number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="page number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="endnote reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="endnote text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="table of authorities"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="macro"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="toa heading"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 5"/>
<w:LsdException Locked="false" Priority="10" QFormat="true" Name="Title"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Closing"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Signature"/>
<w:LsdException Locked="false" Priority="1" SemiHidden="true"
UnhideWhenUsed="true" Name="Default Paragraph Font"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Message Header"/>
<w:LsdException Locked="false" Priority="11" QFormat="true" Name="Subtitle"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Salutation"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Date"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text First Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text First Indent 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Note Heading"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Block Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Hyperlink"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="FollowedHyperlink"/>
<w:LsdException Locked="false" Priority="22" QFormat="true" Name="Strong"/>
<w:LsdException Locked="false" Priority="20" QFormat="true" Name="Emphasis"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Document Map"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Plain Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="E-mail Signature"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Top of Form"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Bottom of Form"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal (Web)"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Acronym"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Address"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Cite"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Code"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Definition"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Keyboard"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Preformatted"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Sample"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Typewriter"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Variable"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal Table"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation subject"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="No List"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Contemporary"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Elegant"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Professional"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Subtle 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Subtle 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Balloon Text"/>
<w:LsdException Locked="false" Priority="39" Name="Table Grid"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Theme"/>
<w:LsdException Locked="false" SemiHidden="true" Name="Placeholder Text"/>
<w:LsdException Locked="false" Priority="1" QFormat="true" Name="No Spacing"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading"/>
<w:LsdException Locked="false" Priority="61" Name="Light List"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 1"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 1"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 1"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 1"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 1"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 1"/>
<w:LsdException Locked="false" SemiHidden="true" Name="Revision"/>
<w:LsdException Locked="false" Priority="34" QFormat="true"
Name="List Paragraph"/>
<w:LsdException Locked="false" Priority="29" QFormat="true" Name="Quote"/>
<w:LsdException Locked="false" Priority="30" QFormat="true"
Name="Intense Quote"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 1"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 1"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 1"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 1"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 1"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 1"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 1"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 1"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 2"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 2"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 2"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 2"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 2"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 2"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 2"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 2"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 2"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 2"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 2"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 2"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 2"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 2"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 3"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 3"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 3"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 3"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 3"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 3"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 3"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 3"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 3"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 3"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 3"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 3"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 3"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 3"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 4"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 4"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 4"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 4"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 4"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 4"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 4"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 4"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 4"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 4"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 4"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 4"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 4"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 4"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 5"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 5"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 5"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 5"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 5"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 5"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 5"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 5"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 5"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 5"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 5"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 5"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 5"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 5"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 6"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 6"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 6"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 6"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 6"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 6"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 6"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 6"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 6"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 6"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 6"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 6"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 6"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 6"/>
<w:LsdException Locked="false" Priority="19" QFormat="true"
Name="Subtle Emphasis"/>
<w:LsdException Locked="false" Priority="21" QFormat="true"
Name="Intense Emphasis"/>
<w:LsdException Locked="false" Priority="31" QFormat="true"
Name="Subtle Reference"/>
<w:LsdException Locked="false" Priority="32" QFormat="true"
Name="Intense Reference"/>
<w:LsdException Locked="false" Priority="33" QFormat="true" Name="Book Title"/>
<w:LsdException Locked="false" Priority="37" SemiHidden="true"
UnhideWhenUsed="true" Name="Bibliography"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="TOC Heading"/>
<w:LsdException Locked="false" Priority="41" Name="Plain Table 1"/>
<w:LsdException Locked="false" Priority="42" Name="Plain Table 2"/>
<w:LsdException Locked="false" Priority="43" Name="Plain Table 3"/>
<w:LsdException Locked="false" Priority="44" Name="Plain Table 4"/>
<w:LsdException Locked="false" Priority="45" Name="Plain Table 5"/>
<w:LsdException Locked="false" Priority="40" Name="Grid Table Light"/>
<w:LsdException Locked="false" Priority="46" Name="Grid Table 1 Light"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark"/>
<w:LsdException Locked="false" Priority="51" Name="Grid Table 6 Colorful"/>
<w:LsdException Locked="false" Priority="52" Name="Grid Table 7 Colorful"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 1"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 1"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 1"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 1"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 1"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 2"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 2"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 2"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 2"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 2"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 3"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 3"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 3"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 3"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 3"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 4"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 4"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 4"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 4"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 4"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 5"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 5"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 5"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 5"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 5"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 6"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 6"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 6"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 6"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 6"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="46" Name="List Table 1 Light"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark"/>
<w:LsdException Locked="false" Priority="51" Name="List Table 6 Colorful"/>
<w:LsdException Locked="false" Priority="52" Name="List Table 7 Colorful"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 1"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 1"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 1"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 1"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 1"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 2"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 2"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 2"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 2"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 2"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 3"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 3"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 3"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 3"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 3"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 4"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 4"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 4"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 4"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 4"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 5"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 5"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 5"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 5"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 5"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 6"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 6"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 6"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 6"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 6"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Mention"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Smart Hyperlink"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Hashtag"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Unresolved Mention"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Smart Link"/>
</w:LatentStyles>
</xml><![endif]-->
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;
mso-font-charset:0;
mso-generic-font-family:roman;
mso-font-pitch:variable;
mso-font-signature:-536870145 1107305727 0 0 415 0;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;
mso-font-charset:0;
mso-generic-font-family:swiss;
mso-font-pitch:variable;
mso-font-signature:-536858881 -1073732485 9 0 511 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{mso-style-unhide:no;
mso-style-qformat:yes;
mso-style-parent:"";
margin:0in;
margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:"Calibri",sans-serif;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:Calibri;
mso-fareast-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
.MsoChpDefault
{mso-style-type:export-only;
mso-default-props:yes;
font-family:"Calibri",sans-serif;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:Calibri;
mso-fareast-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;
mso-header-margin:.5in;
mso-footer-margin:.5in;
mso-paper-source:0;}
div.WordSection1
{page:WordSection1;}
</style>
</div>
-->
<!--[if gte mso 10]>
<style>
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:"Calibri",sans-serif;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
</style>
<![endif]-->
<!--StartFragment-->
<!--EndFragment--><div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;">Product provisioning in Workspace ONE UEM is an incredibly
useful feature. We are often able to deliver resources or manage a device without the use of product provisioning, but there will be use cases that require additional capabilities.</span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;">Product provisioning allows for actions to be defined in a product manifest, with actions being completed in a sequential order. These actions can be placed in the correct order to achieve the required outcome. If there is a failure in a step, the delivery will stop at the step that failed. The success or failure of each action can be logged for auditing or troubleshooting. Optionally, debug mode can be used to identify root causes remotely. Debug mode level can be turned on by organization group, allowing large groups of devices to have results recorded, or on individual endpoints. </span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;">One action that I have become very familiar with is remotely delivering an intent to an activity in my Android application. The ability to review failures remotely with debug mode would be a huge help in this use case, as I could verify testing was completed with the updated version of the action. To achieve the successful delivery, I would modify each action as necessary and iteratively validate the actions success. Running the intent would remotely initiate startActivity with the action, package and class specified in Workspace ONE UEM. This would occur after APK installation is complete, and would allow for my use case to communicate with a service hosted in a virtual private cloud. Following this, my use case would rely on pub/sub messaging (Google FCM high priority message) to communicate. All of this was possible only after eliminating race conditions, applying appropriate managed configuration and permissions.</span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;">Workspace ONE UEM has made it easy to troubleshoot product provisioning with the use of debug mode. Before we dive in to product provisioning further, we will review methods to override debug mode.</span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;">Individual Device:</span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;">1. In the Workspace ONE UEM console, navigate to:</span><br />
<span style="font-family: Verdana, sans-serif;">Devices -> List View</span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;">2. Locate your device, and click on the device to review the device details</span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;">3. In the upper right corner, click 'More Actions', followed by 'Override Job Log Level'</span></div>
<div class="MsoNormal">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeaMft2dL5cTkgvhhA31m6oZl0OtV8ab6jzdcoXepg8WdeUScIVW8-KBfRlXrIcHPE67Hz-lZdLShuFVNTwWdcjcqFbPZ3m29cPyuJRsKOKRIePDuyfXu1A9zzjC0WqWlVRLnfeumZXsBc/s1600/_01+-+Override.png" imageanchor="1"><span style="font-family: Verdana, sans-serif;"><img border="0" height="327" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeaMft2dL5cTkgvhhA31m6oZl0OtV8ab6jzdcoXepg8WdeUScIVW8-KBfRlXrIcHPE67Hz-lZdLShuFVNTwWdcjcqFbPZ3m29cPyuJRsKOKRIePDuyfXu1A9zzjC0WqWlVRLnfeumZXsBc/s640/_01+-+Override.png" width="640" /></span></a></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;">4. In the window that appears, at the top there is a drop-down. I will use 'Verbose', in order to capture as much detail as possible. Enter your PIN to proceed<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyNVvsQG3GlZfM5I-cXtjZwpmX220nmRe9PTmPfiMVDu-xGOsF-g55VZZsPzf5lB5tAV4TrIaTW8w5D0eua8AZX8xffdwFk9tsPyutVsDo_vQ7yewlG8lVV3Ru8-vcXgmnIkA_QYRkGnE-/s1600/_02+-+Override.png" imageanchor="1"><img border="0" height="467" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyNVvsQG3GlZfM5I-cXtjZwpmX220nmRe9PTmPfiMVDu-xGOsF-g55VZZsPzf5lB5tAV4TrIaTW8w5D0eua8AZX8xffdwFk9tsPyutVsDo_vQ7yewlG8lVV3Ru8-vcXgmnIkA_QYRkGnE-/s640/_02+-+Override.png" width="640" /></a></span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;">5. Activate the product. Let the delivery occur.</span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;">6. Once delivery has completed, in the device details, click 'More' followed by 'Products'</span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmW_fz82kZcmVdul0OZz7lQqRxb6-yBOGi41j_sikACC_z9BRdMPRqEUob2gg151lJJI1JGzk2KJx_ZcWjoQq3VwMVPRDq_gkaas2psDn4t8UjDsKQDguz0W3oeFaKSNX3znueUcW0ehkK/s1600/DeviceProd-Jobs+02.png" imageanchor="1"><span style="font-family: Verdana, sans-serif;"><img border="0" height="313" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgmW_fz82kZcmVdul0OZz7lQqRxb6-yBOGi41j_sikACC_z9BRdMPRqEUob2gg151lJJI1JGzk2KJx_ZcWjoQq3VwMVPRDq_gkaas2psDn4t8UjDsKQDguz0W3oeFaKSNX3znueUcW0ehkK/s640/DeviceProd-Jobs+02.png" width="640" /></span></a><br />
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;">6. In the next window that opens, click magnifying glass to review the job history</span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="MsoNormal">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_y0osgJL3PFLJWqnmgEQe1Nrd-eX7fed9vg9180A-8YOzG9yBXg6s4TmxxYMTMRppuIJnARIfY2ipwfIlde0ja5yGjOMr17NPoN8PgIpFLZRS8kI1rHBvFwETlBEfKDnIBNiiojIykdoV/s1600/_03+-+Override_Product.png" imageanchor="1"><span style="font-family: Verdana, sans-serif;"><img border="0" height="208" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_y0osgJL3PFLJWqnmgEQe1Nrd-eX7fed9vg9180A-8YOzG9yBXg6s4TmxxYMTMRppuIJnARIfY2ipwfIlde0ja5yGjOMr17NPoN8PgIpFLZRS8kI1rHBvFwETlBEfKDnIBNiiojIykdoV/s640/_03+-+Override_Product.png" width="640" /></span></a><br />
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;">7. Click the magnifying glass to review the debug logs remotely</span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwlaxlaGSVkY4HUveC7F1JqPK3oS2hjACrEUy9ZQh6LnIaQG6cTWDc8RWZwLOZwLHp5g4voIkDqt7rX3g3O-fy9N-1R7viVRJeeSUkNoouaOaTyX50a9fkBt0o6kDS0PIQTYWUgNcRsFDB/s1600/DeviceProd-Jobs+03.png" imageanchor="1"><img border="0" height="32" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwlaxlaGSVkY4HUveC7F1JqPK3oS2hjACrEUy9ZQh6LnIaQG6cTWDc8RWZwLOZwLHp5g4voIkDqt7rX3g3O-fy9N-1R7viVRJeeSUkNoouaOaTyX50a9fkBt0o6kDS0PIQTYWUgNcRsFDB/s640/DeviceProd-Jobs+03.png" width="640" /></a></span><br />
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;">8. Verbose logs are displayed. At this time you are able to validate the version of each action delivered, and failure that would occur</span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;">Example: Successful deployment with verbose mode enabled</span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi76BLhbBJukmxjV5D2HeunspXEEW1j_evz8OFSNqyc0X0jhUP1KRAf6U5l_9gMp3jVLrbM1BmuUFsV84vPD6pM1N70Mb4CBaiD0GT9DawTYRSpQDsAT2sc91a10n5bH9T4vgKBA4UbOjvz/s1600/DeviceProd-Jobs+04.png" imageanchor="1"><img border="0" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi76BLhbBJukmxjV5D2HeunspXEEW1j_evz8OFSNqyc0X0jhUP1KRAf6U5l_9gMp3jVLrbM1BmuUFsV84vPD6pM1N70Mb4CBaiD0GT9DawTYRSpQDsAT2sc91a10n5bH9T4vgKBA4UbOjvz/s640/DeviceProd-Jobs+04.png" width="568" /></a></span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;">Example: Successful deployment with log level left at default. Note the lack of ability to review logs or click the magnifying glass.</span></div>
<div class="MsoNormal">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3SfROs1U8kk4DNmN26W12_PAX7FHpVyCZIXGDPJTwNMwXxxwoOP2TvAAoU2B_KKGHMyumA4OAIDqIJcH1jsBLSsgn3SK7XbdBHRCLI_xm6L4V_fCyg4KVnpiO7WTrBllADuLKVlFF_qFU/s1600/DeviceProd-Jobs+05.png" imageanchor="1"><span style="font-family: Verdana, sans-serif;"><img border="0" height="88" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3SfROs1U8kk4DNmN26W12_PAX7FHpVyCZIXGDPJTwNMwXxxwoOP2TvAAoU2B_KKGHMyumA4OAIDqIJcH1jsBLSsgn3SK7XbdBHRCLI_xm6L4V_fCyg4KVnpiO7WTrBllADuLKVlFF_qFU/s640/DeviceProd-Jobs+05.png" width="640" /></span></a></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;">To modify the Job Log Level for all devices in an organization group; navigate in the Workspace ONE UEM console to Intelligent Hub Settings and select the appropriate logging level. To access Intelligent Hub Settings, navigate to:</span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;">Groups & Settings -> Devices & Users -> Android -> Intelligent Hub Settings</span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="MsoNormal">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0zPKsFKr8evft9CTP-63hQ6pbIG3WIay2luCifvtXabQywo350f8sciq4-VRvaN71Uzf74A0mRVb9xX9Ucb9Ba0kNrpFST768rpUEqeg_SB4kTeDH6ijJUfK4DWmwwd4ER37wnSIPaLEK/s1600/DeviceProd-Jobs+06.png" imageanchor="1"><span style="font-family: Verdana, sans-serif;"><img border="0" height="403" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0zPKsFKr8evft9CTP-63hQ6pbIG3WIay2luCifvtXabQywo350f8sciq4-VRvaN71Uzf74A0mRVb9xX9Ucb9Ba0kNrpFST768rpUEqeg_SB4kTeDH6ijJUfK4DWmwwd4ER37wnSIPaLEK/s640/DeviceProd-Jobs+06.png" width="640" /></span></a></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;">If you have access to the device itself, you can open Hub and review the product delivery. The video below captures the device receiving the product. You can see when the activity is started in the video, as the activity tries to appear in the foreground, while VMware Launcher is in the foreground. VMware Launcher in this use case remains in the foreground, with the activity starting services required to operate in the background.</span></div>
<div class="MsoNormal">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: Verdana, sans-serif;"><iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='320' height='266' src='https://www.blogger.com/video.g?token=AD6v5dwiv28rOCEGYA3mfzIy7r_Dv-UE9zaesc1MNMDpZ3Ygiw3I7fGKqv9jOqq67pZpo3wrkXPvV3-VTY1J0Z0mOw' class='b-hbp-video b-uploaded' frameborder='0'></iframe></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Verdana, sans-serif;">Mahalo,</span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Verdana, sans-serif;">Ryan Pringnitz</span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="font-family: Verdana, sans-serif;"><br /></span></div>
<div class="separator" style="clear: both; text-align: left;">
<span style="font-family: Verdana, sans-serif;">References:</span></div>
<a href="https://developer.android.com/guide/components/intents-common" target="_blank"><span style="font-family: Verdana, sans-serif;">Android Developers - Common Intents</span></a><br />
<a href="https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/1903/WS1_ProdProv_for_Android.pdf" target="_blank"><span style="font-family: Verdana, sans-serif;">VMware Workspace ONE UEM 1903 - Product Provisioning for Android</span></a>Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com0Hanalei, HI, USA22.2033221 -159.497745522.1739211 -159.53808600000002 22.2327231 -159.457405tag:blogger.com,1999:blog-3792012736265800115.post-38790011363946801232020-01-03T11:43:00.000-05:002020-06-23T16:12:38.024-04:00The beginning...<span style="font-family: "verdana" , sans-serif;">Ad revenue from this blog will be donated to <a href="http://kzoolf.org/about-klf">Kalamazoo Loaves and Fishes</a>, a non-profit in Kalamazoo, MI. This blog is to share lessons learned along the digital workspace journey. Disclaimer: To avoid potential liability, there is no guarantee in the methods documented. Each use case is unique to its design, architecture, and configuration. </span><span style="font-family: "verdana" , sans-serif;">You must always test and validate.</span><span style="font-family: "verdana" , sans-serif;"> Posts and viewpoints are my own, and do not represent the views of any company.</span><br />
<span style="font-family: "verdana" , sans-serif;"><br /></span>
<span style="font-family: "verdana" , sans-serif;">Mahalo,</span><br />
<span style="font-family: "verdana" , sans-serif;">Ryan Pringnitz</span>Ryan Pringnitzhttp://www.blogger.com/profile/14434653632223655639noreply@blogger.com0