Overview
Torii integrates with your Workspace One UEM account and syncs the user's data:
| User Fields | License Types |
|---|---|
| Workspace One | |
| Status |
- You can constantly stay updated with application information from our Integrations Page
>> Integration Capabilities button >> Integration Capabilities table.
Requirements
Accounts & Permissions
To connect this integration in read-only mode, you need to enable REST API Access, create a role with minimal required credentials, and create an admin account assigned to that role.
If you wish to use actions in Torii, additional permissions are required. See the Actions section below.
Enable REST API Access
- Go to Groups & Settings > All Settings
- Navigate to System > Advanced > API > REST API
- In the General tab:
- Change “Current Settings” to Override
- Enable the API Access toggle
- Click ADD to generate a new key
- Set a name under Service (e.g., AirWatchAPI)
- Change AccountType to Admin
- Copy the API Key
- In the Authentication tab:
- Change “Current Settings” to Override
- Enable the Basic toggle
- You may enable or disable Certificate and Directory – they are not required
- Click Save
Create a Role with Minimal Required Credentials
- Go to Accounts > Administrators > Roles
- Click Add Role to open the Create Role window
- Navigate to API > REST
- Enable the Read checkbox for the following:
- Apps
- Devices
- Users
- Give the role a name (e.g., TORII API)
- Click Save
- If you plan to use actions in Torii, you must define a role with the appropriate permissions listed in the Actions section below. Make sure the role includes only the required scopes for the specific actions you intend to enable.
Create Admin Account with Role
- Go to Accounts > Administrators > List View
- Click ADD
- In the popup, select Basic and click NEXT
- Fill in the administrator's details and click NEXT
- You need to use the Username and Password to connect the integration.
- In the Roles section:
- Select the appropriate Organization Group
- Select the role you created in the previous step.
- Click NEXT and complete the rest of the details and settings
Actions
Torii supports the following Workspace One UEM actions:
- Add WorkspaceOne UEM user
- Delete WorkspaceOne UEM user
- Lock Workspace One UEM User Devices
- Wipe Workspace One UEM User Devices
To perform these actions through Torii, ensure the role assigned to the admin user includes the following permissions:
| Section | Category | Permission | Relevant Actions |
|---|---|---|---|
| Accounts > Users | Accounts | Add/Edit (Edit) | Add User, Delete User |
| Accounts > Users | Accounts | User Detail (Read) | All actions |
| Accounts > Users | Accounts | Edit (Edit) | Delete User |
| Accounts > Users | Enrollment Status | User Registration (Edit) | Add User |
| Accounts > Users | Roles | Add/Edit (Edit) | Add User |
| Accounts > User Groups | User Groups | Add/Edit (Edit) | Add User |
| API > REST | REST | Apps (Read) | All actions |
| API > REST | REST | Devices (Read and Edit) | Lock Device, Wipe Device |
| API > REST | REST | Users (Read and Edit) | Add User, Delete User |
| Device Management > Device Details | Device Details |
|
Lock Device, Wipe Device |
Note: You only need to enable the permissions relevant to the actions you plan to use.
Q&A
Q: What should I enter in the "Account Name" field?
A: The Account Name field lets you connect multiple Workspace ONE UEM accounts to Torii. The value can be anything you choose — it is only used to distinguish between your connected accounts. Make sure to use a unique Account Name for each account: connecting a different account with an Account Name that is already in use will overwrite the existing account's data, so choosing distinct names is your responsibility.