Barcode setup without ENROLLMENT_TOKEN
Hi We are preparing to enroll over 600 Zebra and Honeywell barcode scanners into Microsoft Intune. These devices are distributed across more than 250 locations and span over 35 distinct configuration profiles. To ensure a smooth rollout, especially for our non-technical users, we aim to automate the enrollment process as much as possible—minimizing manual input and reducing the risk of user errors, including Wi-Fi setup. Our intended workflow is for users to simply scan a QR code at the initial "Hi there" screen. This QR code should contain the necessary Wi-Fi configuration and trigger device provisioning via the Google Zero-Touch portal, bypassing the setup wizard entirely. However, when we generate a QR code using the following JSON configuration, the Wi-Fi settings are not being applied as expected. After the QR code is scanned, the device proceeds to the Wi-Fi setup screen, where users are required to manually enter the network configuration. According to Google’s documentation, the EXTRA_ENROLLMENT_TOKEN is optional. Is it possible to fully automate this step without including the token, or is it required in practice for the Wi-Fi configuration to be applied correctly? Any help would be much appreciated—thank you! { "android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME": "com.google.android.apps.work.clouddpc/.receivers.CloudDeviceAdminReceiver", "android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM": "I5YvS0O5hXY46mb01BlRjq4oJJGs2kuUcHvVkAPEXlg", "android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION": "https://play.google.com/managed/downloadManagingApp?identifier=setup", "android.app.extra.PROVISIONING_ADMIN_EXTRAS_BUNDLE": { "android.app.extra.EXTRA_PROVISIONING_WIFI_SSID": "**SSID**", "android.app.extra.EXTRA_PROVISIONING_WIFI_PASSWORD": "**PASSWORD**", "android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE": "WPA", "com.google.android.apps.work.clouddpc.extra.EXTRA_PROVISIONING_SKIP_USER_CONSENT": true, "com.google.android.apps.work.clouddpc.extra.EXTRA_PROVISIONING_SKIP_USER_SETUP": true, "com.google.android.apps.work.clouddpc.extra.EXTRA_PROVISIONING_SKIP_ACCOUNT_SETUP": true, "com.google.android.apps.work.clouddpc.extra.PROVISIONING_SKIP_EDUCATION_SCREENS": true } }
Link Android Zero Touch Portal with Access Management Tool
Hello Team Is there any possibility to link Android Zero touch portal with an Access Management tool with the APIs? We have our internal access management tool of our organization. We want to link the ZTE portal so that the request and permission for adding and deleting admins can be managed by Access management tool. Is there any API for that?Android zero-touch customer portal
Learn more about the changes to the new zero-touch customer portal The new zero-touch customer portal has been designed to make it easier for you to manage your account. Here are some of the key changes: New look and feel: The portal has been redesigned with a modern look and feel, making it easier to navigate and find the information you need. Improved navigation: The navigation menu has been simplified and reorganized, making it easier to find the pages you're looking for. Updated Terms of service: Updated the zero-touch customer terms of service and customers will be prompted to accept the terms of service upon next login to the zero-touch customer portal. The terms of service need to be accepted once by an admin or owner of the customer account. If you own multiple accounts, you might need to accept the terms of service for each one. Note: when attempting to access the zero-touch customer API. Any existing solutions leveraging the zero-touch customer APIs to access an account that has not yet accepted the new terms of service will receive a TosError response. Users will need to accept the terms of service by signing in to the zero-touch enrolment portal. New features/changes: The portal now includes a number of new features, such as: Improved search: search for specific device(s) by the fields below, without specifying which identifier(ie. IMEI, MEID, serial number). Additional fields on device CSV download: You can download a CSV of existing devices assigned to your organization, which contain all data seen on the device management page with additional field(ie. Reseller name and reseller ID). Additionally, unified the formats so the customer can download a CSV, make changes to the profiles, and upload it. Undelete account: You can no longer undelete the account once deleted, alternatively you can reach out to your reseller who can then reach out to us to recover your account with valid reason. To access the new customer portal, simply go to link. You will need to log in with your existing username and password To help you navigate the changes, please refer to the customer portal guide. We value your feedback, please use the feedback button as shown in the attached GIF to share your insights: If you have any questions about the new customer portal, please create a new community conversation in the General Discussion board. Thank you.
Zero Touch MDM Phones Randomly Factory Resetting
Hello We have been having an issue over the past few weeks/months where Android devices are randomly resetting. The phones are zero touch enrolled and managed by Intune via COPE, we apply configuration and compliance policies to these devices. One of these configurations enforces a device wipe after so many failed pin code failures. This is the only known wipe configuration set on the devices. We have exhausted the configuration side and do not see a root cause other than user error, however this is not really likely given it takes some effort to actually do this. From googling online, we can see that this may be an issue relating to the play version not updating correctly, is this still an issue? Random factory resets after devices complete GZT configuration. | Android Enterprise Customer Community - 2236 These devices are a mix of newly enrolled and also old enrolled devices. They have also been setup with Wi-Fi. Thanks
Zero Touch Portal Setup - Error 403 on login
Hi, My reseller has set-up an account linked to a corporate Google account. When I try to login to https://partner.android.com/zerotouch using that account I get a "403, The account doesn't have permission to see this page. Contact your admin for access or use a different account." error. My reseller has confirmed the account is set up and is using the correct email address. Who do I need to contact to get this resolved? Thanks
Zero Touch Portal - Error Message
Hi Team, I have created a new configuration item and linked it to Microsoft Intune token. Then I have decided to remove the Intune token configuration before removing the configuration file from Zero touch (which I dont think it should matter). Then I went to remove the configuration item from Zero touch and was getting a strange error message, see below. Now I'm left with a configuration item in Zero touch that I can't remove. Can someone please help or reach out, that would be great. Also, let me know if there is anything else you require from my end.ZTE - Unable to Bulk deregister devices
Hi Team, Im having issues when trying to do a bulk device deregister. Getting an error message "Something went wrong - Try uploading your file again" and its not telling me what the issue is. My current file format is .CSV and the table is as follow: modemtype modemid manufacturer profiletype owner IMEI 123456789012345 Motorola ZERO_TOUCH 0 Can you tell me what I'm doing wrong? Thanks ----------------- I'm following the below instructions: https://support.google.com/work/android/answer/7514005#csv&zippy=%2Cdevice-configuration-csv-file-format%2Cdevices%2Capply-a-configuration-to-many-devices%2Cderegister-a-device Bulk deregister devices Deregistering multiple devices in bulk can be done using a device configuration CSV file. To do this: Create a device configuration CSV file including every device you wish to deregister. Replace the 'profileid' column in this CSV file with a column titled 'owner', and set the values in this column to 0. Re-upload the CSV to your portal.
Need Help with QR Enrollment for Multiple Devices in Educational Environment – Is External MDM Required?
Hi everyone, I'm managing a large number of Android tablets in an educational environment. I'm trying to enroll the devices using Android Enterprise with QR code enrollment, but I'm having trouble getting the QR method to appear. So far, only Zero-Touch shows as an option, but most of our devices were not purchased through Zero-Touch resellers, so we can't use that method. My main question is: Is it strictly necessary to use an external MDM (like Miradore, Intune, etc.) to generate the QR code, or is there a way to create and use it directly from the Google Admin console or natively through Android Enterprise? We want to deploy the tablets efficiently and avoid entering accounts manually. Ideally, each device would automatically enroll with our managed Google Play account by scanning a QR code after a factory reset. This is especially important in a school context, where we have many students and limited time for configuration. We are already registered in Google Workspace, and the tablets are in a dedicated organizational unit for students. The admin account is managed, and we are using the Android Enterprise platform linked to our domain. For reference, here are two YouTube videos showing the configuration steps I followed (which reflect our current setup): https://www.youtube.com/watch?v=jI-C_y1u8jE https://www.youtube.com/watch?v=h__pvfp559Q Any advice or clarification would be greatly appreciated. Especially if there’s a native way to enable QR enrollment without needing a full external MDM platform. Thanks in advance!
Default configuration not apply
Hello, We're having trouble assigning the default configuration when resellers add phones to our Zero-Touch account. We've successfully linked Intune to the Zero-Touch account. In Intune, there is a fully managed profile. I used this token to create a profile that works, no problem. However, when resellers add new devices, they don't retrieve our default configuration, which is called PROD_INTUNE_FullyManaged, but retrieve a default profile that we haven't configured. It's quite annoying to have to systematically reassign the correct default profile. Thank you for your help on this issue. *Post updated 27 May, 2025 - translated from French to English
