Enable multi-tenancy in VMware Workspace ONE Access using the VMware Aria Suite Lifecycle APIs

Multi-tenancy is not automatically enabled in VMware Workspace ONE Access. You use VMware Aria Suite Lifecycle to enable multi-tenancy, so that multiple tenants can interact directly with VMware Aria Suite products.

To enable multi-tenancy, you create an alias name for the primary tenant that is in VMware Workspace ONE Access. Before creating the alias name, you find the environment IDs for the the products that you know are using VMware Workspace ONE Access. Then you create the alias name with the environmentId and productId for those products.
Note: The alias name that you create must have a DNS record with the same name.

Prerequisites

  • Verify that all general prerequisites have been satisfied. See Tenant management using VMware Aria Suite Lifecycle APIs.
  • Verify that all prerequisites for enabling multi-tenancy by using the VMware Aria Suite Lifecycle UI have been satisfied. See Enable Multi-Tenancy.
  • Verify that you know the products such as VMware Aria Automation, that are using VMware Workspace ONE Access.

Procedure

  1. List the environments for all installed products. 
    curl -X GET \
  '$url/lcm/lcops/api/v2/environments' \
  -H 'Authorization: Basic YWRtaW5AbG9jYWw6VGhpc0lzUGFzc3dvcmQ=' \
  -H 'Content-Type: application/json' \
}' | jq "."
  2. Examine the response to locate the environment ID with the product that you know is using VMware Workspace ONE Access, for example, VMware Aria Automation. 
    ...  
  {    
    "environmentId": "vRSSmallImportEnvironment1595601218016",
    "environmentName": "vRS Small Import Environment",
    ...
    },
    "products": [
      {
        "id": "vra",
        "version": "8.0.1",
        "patchHistory": null,
        "snapshotHistory": null,
        "logHistory": null,
        "clusterVIP": null,
...
  3. Create an alias name for the primary tenant in VMware Workspace ONE Access. 
    curl -X POST \
  '$url/lcm/authzn/api/v2/idp/tenants/multitenancy/enable' \
  -H 'Authorization: Basic YWRtaW5AbG9jYWw6VGhpc0lzUGFzc3dvcmQ=' \
  -H 'Content-Type: application/json' \
  -d '{
    "masterAlias": "Newmaster56-157",
    "productsToRegister": [
        {
          "environmentId": "vRSSmallImportEnvironment1595601218016",
          "productId": "vra"
        }
      ]
}' | jq "."
    A snippet of the response provides a request ID that you can use to check the status of the request. 
    {
  "requestId": "a0d8d8cd-ac87-4b5c-ba8b-7a0173c56b55"
}
  4. Assign the variable for the requestId. 
    requestId = "a0d8d8cd-ac87-4b5c-ba8b-7a0173c56b55"
  5. Use the requestID to track your request. 
    curl -X GET '$url/lcm/authzn/api/v2/idp/tenants/requests/$requestId' -H 'Authorization: Basic YWRtaW5AbG9jYWw6VGhpc0lzUGFzc3dvcmQ=' | jq "."
    After the request succeeds, multi-tenancy is enabled.

What to do next

Create a tenant. See Add a tenant.