This has been an issue for a while. Workspace ONE UEM (AirWatch) can get the correct MAC for a fully managed device (Work Managed) but for all other modes we can only get the randomized MAC. This is a restriction created by Google. I've heard that there are ways around this but I'm not aware of how they work. We are always working with Cisco ISE and Aruba Clearpass to try and make the integration as good as possible. Below is a link to a blog post that you may find helpful, I'm certainly going to read through it.
Hope that helps!
That means a feature request has to be raised.
There's nothing we can do from a Workspace ONE UEM standpoint. Google has decided to not allow access to the actual WiFi MAC address for any mode other then Work Managed. I have personally met with Google in Mountain View about this issue and they are very firm on their stance. We have been working with Cisco and other NAC providers to try and find a way to solve this problem but at this point we don't have a solution. The NAC knows the actual MAC from with WiFi networking hardware and not much else. We know most everything else about the device except the actual MAC so there isn't anything in common.
If anyone else in the community has any other feedback or a solution I would love to hear it.