Data flow: Activating a BlackBerry
Dynamics app when one is already activated on the device
BlackBerry
Dynamics
app when one is already activated on the deviceThis data flow describes how data travels when a
BlackBerry
Dynamics
app (including the BlackBerry UEM Client
) is already activated on a device and is used as an easy activation delegate to activate subsequent BlackBerry
Dynamics
apps.
- An administrator assigns one or moreBlackBerry Dynamicsapps to a user.
- The user installs the app on the device.
- The app performs the following actions:
- Queries theBlackBerry Dynamics NOCand identifies that anotherBlackBerry Dynamicsapp has already been registered and activated on the device.
- Requests the activation credentials from the previously activatedBlackBerry Dynamicsapp.
- The user approves the activation request from the previously activated app on the device.
- The previously activated app sends the credentials through theBlackBerry InfrastructuretoUEM.
- UEMsends the credentials request and theUEMURL through theBlackBerry Infrastructureto the previously activated app.
- The previously activated app returns the credentials and the URL to the new app.
- The new app completes the following actions:
- The app registers itself with theBlackBerry Dynamics NOCand receives an ID thatUEMcan later use to confirm with theBlackBerry Dynamics NOCthat the app was successfully activated.
- Connects toUEMthrough theBlackBerry Infrastructureand establishes an end-to-end encrypted session withUEMusing the EC-SPEKE protocol.This session can be decrypted only by theUEMinstance that issued the activation credentials.
- Sends the activation request through the secured session.
- UEMverifies the activation request and sends an encrypted activation response to the app. The activation response includes data required by the app to communicate withUEM, including a client certificate, master session key, list ofBlackBerry Proxyinstances, and trusted certificate authorities.