Data flow: Activating a BlackBerry
Dynamics app when one is already activated on the device
BlackBerry Dynamicsapp when one is already activated on the device
This data flow describes how data travels when a
BlackBerry Dynamicsapp is activated on a device and the
BlackBerry UEM Clientor another
BlackBerry Dynamicsapp is already activated and acts as an easy activation delegate.
- An administrator assigns one or moreBlackBerry Dynamicsapps to a user.
- The user installs the app on the device.
- The app performs the following actions:
- Queries theBlackBerry Dynamics NOCand identifies another app that is activated on the device
- Requests the activation credentials from the previously activated app
- The user approves the activation request from the previously activated app on the device.
- The previously activated app sends the credentials toBlackBerry UEM.
- BlackBerry UEMsends the credentials request andBlackBerry UEMURL to the existing app.
- The previously activated app returns the credentials and the URL to the new app.
- The new app completes the following actions:
- Activates with theBlackBerry Dynamics NOC
- Connects toBlackBerry UEMthrough theBlackBerry Infrastructureand establishes an end-to-end encrypted session withBlackBerry UEMusing the EC-SPEKE protocolThis session can only be decrypted by theBlackBerry UEMinstance that issued the activation credentials.
- Sends the activation request through the secured session
- BlackBerry UEMverifies the activation request and sends encrypted activation response to the app. The activation response includes data required by the app to communicate withBlackBerry UEM, including a client certificate, master session key, list ofBlackBerry Proxyinstances, and trusted certificate authorities.