/
Enrollment of Mobile App Using VMWare Workspace One (Airwatch)
Document toolboxDocument toolbox

Enrollment of Mobile App Using VMWare Workspace One (Airwatch)

Owned by Gary Leicht
Last updated: Jan 29, 2025
8 min read

This guide outlines the steps to install and configure Infoblox Mobile Endpoint (EP) for iOS and Android devices using VMware Workspace ONE UEM. Follow the steps below to ensure seamless deployment and provisioning of the Mobile Endpoint application.

Important Notes

  • Authorization Changes:

    • Infoblox Endpoint iOS version 2.0.7 and above and Android version 1.0.10 and above use joinToken instead of customerId for authorization.

    • Infoblox Endpoint Android version 1.0.9 and below requires the customerId attribute value in the app configuration.

    • Older app versions will automatically update to the latest version, while new installations require updating the joinToken in the app configuration.

    • For existing devices with older version of the app, the update to latest version is automatic. For fresh installations on new devices, the joinToken should be updated in the app configuration settings.

    • Maintain both customerId and joinToken during the transition period until all devices are updated to 1.0.10 or above.

  • Proxy Settings:

    • The extensionType parameter for iOS devices defaults to "vpn." Change it to "dnsproxy" to intercept DNS traffic via the DNS Proxy Provider.

Step 1: Download the MDM Config File from the Infoblox Portal

An app-config file is required to update an app’s configuration in MDM. To download the file, do the following:

  1. Log in to the Infoblox Portal.  

  2. Navigate to Manage > Endpoints > Endpoint Groups.

  3. Click Download MDM Configuration, and select iOS Config File or Android Config File, depending on the device.

    Image: The Download MDM Configuration drop-down options for handling endpoint configurations within a network. The configuration options include Android Config File, iOS Config File, and Chrome Config File.

     

    To assign an endpoint to a specific endpoint group, click the three horizontal bar icon next to the name of endpoint group name and select Download MDM Configuration > Android Config File or iOS Config File.

     

    Image: The download MDM configuration options when applying a configuration option to an existing endpoint group. The configuration options include Android Config File, iOS Config File, and Chrome Config File.

  4. Save the downloaded configuration file to an easily accessible directory.

The app config contains the following parameters:

  • joinToken: The value in the XML file.

  • groupName: In the Infoblox Portal, the name of the group to which the endpoint will be moved. If the name is not present in the Infoblox Portal, it will be added to the All Infoblox Endpoints group.

  • userId: The unique name that identifies a mobile device. The configured name is displayed in the Infoblox Portal, on the Manage Endpoints page.

  • allowServiceControl: By default, this value will be True. To disallow and hide service control, use the toggle switch to change this value to False

  • extensionType (only for iOS): By default, this value is “vpn”, we can also set to “dnsproxy” to intercept the DNS traffic using DNS Proxy Provider.

The proxy mode was never tested and may not work. 

Step 2: Register a Mobile Endpoint with Workspace ONE

  1. Download and install the Intelligent Hub app from the Apple App Store or Google Play Store, depending on your device.

  2. Log in to the Intelligent Hub using the credentials provided by your administrator.

  3. Follow the instructions to register the device with the Workspace ONE server.

Step 3: Install and Configure the Infoblox Mobile Endpoint App

For iOS Devices

  1. Log in to the Workspace ONE UEM console.

  2. Navigate to Apps & Books > Applications > Native > Public.

  3. Click + Add Application.

     

  4. For the platform, select Apple iOS as the platform and search for Infoblox EP.

  5. Search for Infoblox EP, and then click Next.

  6. When the Infoblox EP app appears in the search results, Select when the app appears in the search results

  7. Click Save and Assign.

  8. In the app assignment window, configure the details and select the appropriate App Delivery Method.

  9. In the Application Configuration tab, toggle the Send Configuration switch to ON.

     

  10. Upload the app-config file downloaded from the Infoblox Portal.

  11. Click UPLOAD XML, and select the file.

  12. Modify userId and groupName parameters if required.


  13. Click Create, then Save.

  14. Click Publish to assign the app configuration to devices.

     


    The assignment will be pushed to the device. If it is not pushed in the same screen, then select Devices > select the device > Install.


    After a few minutes, the endpoint will be automatically installed on the client devices.

  15. Open the Infoblox Endpoint app on the iOS device. After a few seconds, the app will display its protected status.

     

For Android Devices

  1. Log in to the Workspace ONE UEM console.

  2. Navigate to Apps & Books > Applications > Native > Public.

  3. Click + Add Application.

  4.  For the platform, select Android as the platform and search for BloxOne EP.

  5. Search for BloxOne EP, then click Next.

  6. Click Approve > Select.

  7. Click Save > Assign.

  8. In the app assignment window, configure the details and select the appropriate App Delivery Method.

  9. In the Application Configuration tab, toggle the Send Configuration switch to ON.

    •  

  10. In the information fields, enter the configuration data from the app-config file downloaded from the Infoblox Portal.

     

  11. Click Create, then click Save.

     

  12. Click Publish to push the assignment to devices.


    After a few minutes, the endpoint will automatically install on client devices. If it is not pushed in the same screen, then it can be pushed from Devices > (select the device) > Install.

     

  13. Open the Infoblox Endpoint app from the work profile on the Android device. Accept the VPN acknowledgment.

  14. After a few seconds, the app will be in a protected state.