To integrate Workspace ONE UEM and Microsoft Intune® App Protection Policies DLP, ensure to set admin permissions, add the Workspace ONE UEM app to Azure, and use the listed Microsoft licenses.

  • Ensure that the admin for this integration has the listed permissions.
    • The admin has access to Azure Active Directory with permissions to add enterprise applications and with the Group.Read.All and Group.ReadWrite.All permissions.
    • The admin has MFA (Azure Multi-Factor Authentication) disabled.
  • Add AirWatch by VMware in Azure Active Directory as an Azure Enterprise MDM application. Find this configuration in Azure Active Directory in Azure Active Directory > Mobility Apps > Add Application > AirWatch by VMware.

    If you already have OOB enrollment set up, add AirWatch by VMware and do not enter or edit any other settings. If you do enter or edit configurations, you risk breaking the OOB enrollment process.

  • Use licenses from Microsoft for the following components.
    • Microsoft Intune App Protection Policies
    • Microsoft Enterprise Mobility + Security E3 or E5

Most Microsoft Intune App Protection Policies are available for Android and iOS platforms.