A quickish one, hopefully.
You can use oAuth Client/Secret/Token malarky for your API calls. I like it as its not tied to an admin account, it does involve and extra API call to get your token.
Brooks Peppin from VMware has a good article on how to setup oAuth inside UEM, you can find that here: https://brookspeppin.com/2021/07/24/rest-api-in-workspace-one-uem/
BUT….. There is more to this puzzle. What if you aren’t using a SAAS instance in the US of A?
According to this article, there are multiple token endpoints to use.
I wrote a quick function to make life easier.
Function Get-APIBearerToken
{
param
(
$ClientID,
$ClientSecret,
[Parameter()][ValidateSet("UAT","US","Canada","UK","Germany","Australia","India","Japan","Singapore","HK")]$Region
)
Switch($region)
{
"UAT"
{
$URL="https://uat.uemauth.vmwservices.com/connect/token"
break;
}
{"US","Canada" -eq $_}
{
$url="https://na.uemauth.vmwservices.com/connect/token"
break;
}
{"UK","Germany" -eq $_}
{
$url="https://emea.uemauth.vmwservices.com/connect/token"
break;
}
{"Australia","India","Japan","Singapore","HK" -eq $_}
{
$url="https://apac.uemauth.vmwservices.com/connect/token"
break;
}
}
#Construct the Body to get Token
$body = @{
grant_type = "client_credentials"
client_id = $ClientID
client_secret = $ClientSecret
}
#Grab the token
Try{
$Token=(Invoke-RestMethod -Method POST -Uri $URL -Body $body).access_token
}
catch
{
return $_
break
}
return $Token
}
Feed it your Client ID and Secret as well as your region and it will spit out your token for consumption.