Posts

Delivering Managed Configurations (key/value pairs) to Android applications with Workspace ONE UEM profiles

Image
Applications often have secrets that should not be hardcoded in the source code. This poses a challenge for developers, as ProGuard can change classes and method names, it won't help with secrets. Examples of secrets that can be removed from application source code include an API key or a OAuth refresh token. Another capability is for the MDM to dynamically deliver values to the application, such as the current logged in user, device serial number, or organization group. Google has made it more challenging to access non-resettable device identifiers like the serial number in recent years, and this remains a viable solution to provide non-resettable device identifiers (and other values) to applications running on the device. So how do we do it? Workspace ONE UEM can deliver profiles to devices. Profiles can configure a number of settings, in addition to delivering key/value pairs to your applications.  Google refers to these key/value pairs as Managed Configurations, aka application

How to use Square's OkHttp Java library to access Workspace ONE UEM API's

Image
Digital workspace solutions often require consuming other services. When doing so, you may work with things like; REST API endpoints, Webhooks, gRPC, GraphQL - the list goes on. You can interact with these in a number of ways, but one way I've come to appreciate is with Java. It has been especially helpful when I've wanted to work with libraries like Appium, Selenium, OKHttp, or the Workspace ONE UEM SDK in a workflow. With that, I thought it would be helpful to share how to work with Workspace ONE UEM API's using Java. In this blog post, we will cover; Basics of JetBrain's IntelliJ IDE, touching on Apache Maven Using  Square's OkHttp   library  to call Workspace ONE UEM API's Why Java? Java is used by many and supported by most (Docker, Kubernetes, static code analysis tools, cloud service providers, Android, Windows, macOS, Tanzu Application Service, etc). Many languages compile to j ava

How to proxy your Workspace ONE UEM traffic to Fiddler, and retrieve the Android Enterprise access token

Image
Workspace ONE allows you to present the exact user experience your use case requires. One of the things that Workspace ONE UEM does a great job with is interacting with various API's across all the major operating systems. There can be times when you might wish to interact with those API's directly. Some examples of the types of API's that could be helpful would include: Google's  Play EMM API  or the  Android Management API . A scenario where this could be useful is when you want to retrieve a set of data that isn't currently captured by Workspace ONE UEM. If there is something you wish Workspace ONE captured, don't hesitate to submit a  Feature Request  on the crowdsourced portal. In the meantime, this blog will cover how to update the access token used with Android Enterprise, and how to retrieve the access token with Fiddler.  Configure on-premise environment to proxy traffic: Open Fiddler, and make sure it is capturing traffic. For reference on how to confi