Entitle the Local User to the Weblink App

Our created Weblink application currently has no entitled users, meaning no one can currently access our created application.  We can update the entitlement of this application to include our created local user from earlier, allowing them to access the application in Identity Manager.

1. Setup the Request Headers

  1. Select POST as the Verb.
  2. Enter https://{your_tenant_fqdn}/SAAS/jersey/manager/api/entitlements/definitions for the Request URL.
    NOTE - Remember to replace {your_tenant_fqdn} with your VMware Identity Manager Tenant Fully Qualified Domain name (FQDN).
  3. Click the Headers tab.
  4. For the Content-Type Header Value, enter application/vnd.vmware.horizon.manager.entitlements.definition.bulk+json.
  5. For the Accept Header Value, enter application/vnd.vmware.horizon.manager.bulk.sync.response+json.

2. Setup the Request Body

  1. Click the Body tab.
  2. Select Raw.
  3. Leave the Formatting as Text.  Same as before, we don't want to change this as Postman will automatically update the Content-Type Header to reflect this field, and changing this back to application/json will cause the request to fail.
  4. Enter the below JSON data for the Body.
    { "returnPayloadOnError" : true, "operations" : [ { "method" : "POST", "data" : { "catalogItemId" : "{YOUR_WEBLINK_UUID}", "subjectType" : "USERS", "subjectId" : "{YOUR_CREATED_USER_ID}", "activationPolicy" : "AUTOMATIC" } }], "_links" : { } }
  5. Replace the {YOUR_WEBLINK_UUID} text with the Created Application UUID value from your Notepad file.  DO NOT remove the surrounding quotation marks!
  6. Replace the {YOUR_CREATED_USER_ID} text with the Created User ID value from your Notepad file.  DO NOT remove the surrounding quotation marks!
  7. Click Send.

3. View the API Response

  1. Scroll down to view the API response.
  2. Ensure the Status shows 200 OK, confirming that the bulk operations request was completed successfully.
  3. Click the Body tab.
  4. Ensure the code field from the operations array shows 201.  This shows that our operation to update the catalogItemId with our subjectId was successful.  If we had included multiple operations in our JSON body, you would see a status response for each operation noting the result.

4. Confirm the Application Entitlement in the Identity Manager Administrator Console

Return to the Identity Manager Administrator Console.

  1. Click Catalog.
  2. Click the checkbox next to API Generated Weblink to select it.
  3. Click Assign.
  1. Confirm that the API User is already included in the list of Users and that the Deployment Type is set to Automatic.  This entitlement was added based on the specifications we included in our JSON Body with the API request.
  2. Click Close.

We will now login to the Workspace ONE portal as our created user to confirm that we see the created application and that it launches successfully.

6.1. Logout of the Identity Manager Administrator Account

  1. In the top-right corner of the Identity Manager Administrator Console, click the Tenant Admin dropdown.  
  2. Click Logout.

6.2. Go Back to the Login Page

Click Go back to the login page.

6.3. Login as the Created User

  1. Enter apiuser for the Username.
  2. Enter VMware1! for the Password.
  3. Click Sign in.

6.4. View the Application Catalog

  1. Click the Catalog tab if not already selected.
  2. Confirm the API Generated Weblink application exists.  Click Open.
  1. Confirm that the weblink opened https://www.vmware.com.
  2. Click the Close button to close the tab.

0 Comments

Add your comment

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.