Forum Discussion
Solved
Device Owner Provisioning
Hi Team,
I am trying to make my application as device owner app, I am trying to use QR code for provisioning. I am unable to acheive the result. When I scan the QR code which I have generated (Generated QR code without enrollment token) in a factory reset device I am getting an error stating " Couldn't set up your device, for help contact your IT admin. Could you please help me where I am going wrong.
when I tried getting Enrollment Token using AMAPI I am getting the following error
com.google.api.client.googleapis.json.GoogleJsonResponseException: 400 Bad Request
POST https://androidmanagement.googleapis.com/v1/enterprises/%7B573991258109%7D/enrollmentTokens
{
"code" : 400,
"errors" : [ {
"domain" : "global",
"message" : "Invalid enterprise id. Provide a valid id.",
"reason" : "badRequest"
} ],
"message" : "Invalid enterprise id. Provide a valid id.",
"status" : "INVALID_ARGUMENT"
}
Not as far as i know of as the enrollment token/id/url or whatever the MDM expects is pointing to the relvant enrollment rule to be used (because in each MDM you can have several).
Otherwise the MDM doesn't know how to proceed forward with the device (which settings to deploy, is it COPE, fully managed or just BYOD, and so on).
Please provide an example QR code you used, it should look like this (example using Soti Mobicontrol as MDM, providing a Wifi):
{"android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM":"hn8mSNJMPcovWbnnWrb-uMpWZjNlNp-jyV_2A-Whumc=",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME":"net.soti.mobicontrol.androidwork/net.soti.mobicontrol.admin.DeviceAdminAdapter",
"android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION":"http://soti.net/apk/ae2",
"android.app.extra.PROVISIONING_WIFI_SSID":"AnySSID",
"android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE":"WPA",
"android.app.extra.PROVISIONING_WIFI_PASSWORD":"password",
"android.app.extra.PROVISIONING_USE_MOBILE_DATA":true,
"android.app.extra.PROVISIONING_SKIP_ENCRYPTION":true,
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE":{
"enrollmentId":"IDorURL_used_for_enrollment",
"PROVISIONING_MODE":"MANAGED_PROFILE"
}
}
Hello,
This is the sample Json format which Iam using to generate QR code
{
"android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME": "com.android.client/com.android.utils.AdminReceiver", "android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM": "8:F9:D0:08:D9:82:B7:29:E2:7E:47:BB:BD:C2:EB:8D:BE:04:0F:C0:05", "android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION": "
https://android.eu-1.amazonaws.com/Android-V71-1623538246-024-aHR0cHM6C5hcHAvRGFzaGJvYXJkLw%3D%3D.apk",}
You need this always:
"android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE":{
"enrollmentId":"IDorURL_used_for_enrollment",
"PROVISIONING_MODE":"MANAGED_PROFILE"
}
Your enterprise ID is incorrect, you should first use the enterprise endpoint to enroll your enterprise and create your enterprise on Google servers.
Then you use the ID of the enterprise returned by Google to use the other API endpoint to create your enrollment token and manage your devices.
Could you please share me any code snippet or relevant document for the same. It will really help me.
Thanks in Advance
You can use this https://github.com/codybrookshear/android-deviceowner-kotlin to create your own device owner without using the Google Management API
I tried this, but it is not working.
The enrollement token provided but the Google API are only valid when used with the Google Android Management API. If you plan to create your own device owner you don't need these token, just create your own app by following this guide https://developer.android.com/reference/android/app/admin/DevicePolicyManager and this blog article which details the process:
https://medium.com/@codybrookshear/creating-an-android-device-owner-app-in-2023-b7e7b9fb3aca
