Skip Navigation

Data flow: Activating a 

Diagram showing the steps and components mentioned in the following data flow.
  1.  You make sure that the user has a 
    BlackBerry UEM
     user account and the login information for 
    BlackBerry UEM Self-Service
    , including:
    • Web address for 
      BlackBerry UEM Self-Service
    • Username and password
    • Domain name
  2. The user logs in to 
    BlackBerry UEM Self-Service
     on their 
     device and activates the device.
  3. The device sends an activation request to 
    BlackBerry UEM
     on port 443.
  4. BlackBerry UEM
     provides the MDM profile to the device. This profile contains the MDM activation URL and the challenge. The MDM profile is wrapped as a PKCS#7 signed message that includes the full certificate chain of the signer, which allows the device to validate the profile. This triggers the enrollment process.
  5. The native MDM Daemon on the device sends the device profile, including the customer ID, language, and OS version, to 
    BlackBerry UEM
  6. BlackBerry UEM
     validates that the request is signed by a CA and responds to the native MDM Daemon with a successful authentication notification.
  7. The native MDM Daemon sends a request to 
    BlackBerry UEM
     asking for the CA certificate, CA capabilities information, and a device issued certificate.
  8. BlackBerry UEM
     sends the CA certificate, CA capabilities information, and the device issued certificate to the native MDM Daemon.
  9. The native MDM Daemon installs the MDM profile on the device.
  10. BlackBerry UEM
     acknowledges that the MDM activation is complete.
  11. The device requests all configuration information.
  12. BlackBerry UEM
     stores the device information in the database and sends configuration information to the device.
  13. The device sends an acknowledgment to 
    BlackBerry UEM
     that it received and applied the configuration information. The activation process is complete.