Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry UEM 12.19
  3. UEM Overview and Architecture
  4. Data flows: Activating devices and BlackBerry Dynamics apps
  5. Data flow: Activating an Android Enterprise Work and personal - full control device using a managed Google Play account

Data flow: Activating an
Android Enterprise
Work and personal - full control
 device using a managed
Google Play
 account

Diagram showing the steps and components mentioned in the following data flow.
This data flow applies when you allow
BlackBerry UEM
 to manage
Google Play
 accounts.
  1. You perform the following actions:
    1. Add a user to
      BlackBerry UEM
       as a local user account or using the account information retrieved from your company directory
    2. Make sure that the "
      Work and personal - full control
      ” activation type is assigned to the user
    3. Allow activation QR codes to include the activation password and the location to download the
      BlackBerry UEM Client
      .
  2. The user resets their device to the factory default settings.
  3. The device restarts and displays a Welcome or Start screen.
  4. The user performs the following actions:
    1. Opens the activation email they received on their computer or another device
    2. Taps the device screen seven times to open a QR code reader
    3. Connects the device to a
      Wi-Fi
       network
    4. Scans the QR code in the activation email
  5. The device performs the following actions:
    1. Prompts the user to encrypt the device and restarts
    2. Downloads the
      UEM Client
       from the download location specified by the QR code and installs it
  6. The
    UEM Client
     performs the following actions:
    1. Establishes a connection to the
      BlackBerry Infrastructure
    2. Sends a request for activation information to the
      BlackBerry Infrastructure
  7. The
    BlackBerry Infrastructure
     performs the following actions:
    1. Verifies that the user is a valid, registered user
    2. Retrieves the
      BlackBerry UEM
       server address for the user
    3. Sends the server address to the
      UEM Client
  8. The
    UEM Client
     establishes a connection with
    BlackBerry UEM
     using an HTTP CONNECT call over port 443 and sends an activation request to
    BlackBerry UEM
    . The activation request includes the username, password, device operating system, and unique device identifier.
  9. BlackBerry UEM
     performs the following actions:
    1. Determines the activation type assigned to the user account
    2. Connects to
      Google
       and creates a managed
      Google Play
       user
    3. Creates a device instance
    4. Associates the device instance with the specified user account
    5. Adds the enrollment session ID to an HTTP session
    6. Sends the user's managed
      Google Play
       account information and a successful authentication message to the device
  10. The
    UEM Client
     performs the following actions:
    1. Connects to
      Google
       to verify the user
    2. Creates the work profile on the device
    3. Creates a CSR using the information received from
      BlackBerry UEM
       and sends a client certificate request to
      BlackBerry UEM
       over HTTPS
  11. BlackBerry UEM
     performs the following actions:
    1. Validates the client certificate request against the enrollment session ID in the HTTP session
    2. Signs the client certificate request with the root certificate
    3. Sends the signed client certificate and root certificate back to the
      UEM Client
    A mutually authenticated TLS session is established between the
    UEM Client
     and
    BlackBerry UEM
    .
  12. The
    UEM Client
     requests all configuration information and sends the device and software information to
    BlackBerry UEM
    .
  13. BlackBerry UEM
     stores the device information in the database and sends the requested configuration information to the device.
  14. The device sends an acknowledgment to
    BlackBerry UEM
     that it received and applied the configuration information. The activation process is complete.