Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Reverted from v. 3

In this tutorial, you are enrolling your Android device also known as Bring Your Own Device (BYOD) with WSO2 IoT Server. WSO2 IoTS supports devices on Android version 4.2.x to 7.0 (Android Jelly Beans to Nougat). If you want to enroll a Corporate-Owned, Personally Enabled (COPE) device, you need to configure WSO2 IoT Server is the system service application and install the configured Android agent on the device.

...

Excerpt
Localtabgroup
Localtab
titleUsing the QR code
Panel
borderColor#11375B
bgColor#ffffff
borderWidth2
  1. Access the WSO2 device management console by navigating to https://<IoT_HOST>:9443/devicemgt and sign in.

    Expand
    titleClick here for more information.
    Panel
    borderColor#11375B
    bgColor#ffffff
    borderWidth2
    Insert excerpt
    Accessing the WSO2 IoT Server Consoles
    Accessing the WSO2 IoT Server Consoles
    nopaneltrue
  2. Click Enroll New Device.
  3. Click Android to enroll your device with WSO2 IoTS.
  4. Enroll the device.
    1. Click Enroll Device.
    2. Scan the QR code to download the Android agent onto your Android device.

      Info

      You need to make sure that your Android device and the IoT Server are on the same network, else you will not be able to download the Android agent.

      After scanning the QR code you will be directed to a web page. When this page appears, the web browser will typically display an "insecure connection" message, which requires your confirmation before you can continue.

      Info
      Expand
      titleClick here for more information.

      The WSO2 IoT Server IoTS consoles are based on the HTTPS protocol, which is a combination of HTTP and SSL protocols. This protocol is generally used to encrypt the traffic from the client to server for security reasons. The certificate it works with is usedforencryptiononly,anddoesnot prove the server identity, so when you try to access these consoles, a warning of untrusted connection is usually displayed. To continue working with this certificate, some steps should be taken to "accept" the certificate before access to the site is permitted. If you are using the Mozilla Firefox browser, this usually occurs only on the first access to the server, after which the certificate is stored in the browser database and marked as trusted. However, with other browsers, the insecure connection warning might be displayed every time you access the server.

      This scenario is suitable for testing purposes, or for running the program on the company's internal networks. If you want to make these consoles available to external users, your organization should obtain a certificate signed by a well-known certificate authority, which verifies that the server actually has the name it is accessed by and that this server belongs to the given organization.

  5. Click Download IoT Server Agent.

Localtab
titleInviting via email
  • Click Invite by Email.
  • Enter the email address of the users who need to enroll their device with WSO2 IoTS, and click Send Invite(s).
    If you entered your email address, you will receive the registration email.
  • Click on the link in the email to download the Android agent.
  • Click Download IoT Server AgentTap INSTALL to start installing the Android agent.

    Image Added

  • Tap OPEN, once the WSO2 Android Agent is successfully installed.
  • You need to agree by clicking CONTINUE to share the device details listed in the following screen with WSO2 IoT Server when enrolling your Android device.

  • Panel
    bgColor#ffffff
    Panel
    titlePrerequsite

    Configure the email settings to send out an invitation for users to register their device with WSO2 IoT Server.

    Expand
    titleClick here for more information on configuring the email settings.
    Info

    In WSO2 EMM, user registration confirmation emails are disabled by default, and the admin needs to provide the required configuration details to enable it.

    1. Create an email account to send out emails to users that register with IoT Server (e.g., no-reply@foo.com).

    2. Open the <IOTS_HOME>/repository/conf/axis2/axis2.xml file, uncomment the mailto transportSender section, and configure the IoTS email account.

      Code Block
      <transportSender name="mailto" class="org.apache.axis2.transport.mail.MailTransportSender">
         <parameter name="mail.smtp.host">smtp.gmail.com</parameter>
         <parameter name="mail.smtp.port">587</parameter>
         <parameter name="mail.smtp.starttls.enable">true</parameter>
         <parameter name="mail.smtp.auth">true</parameter>
         <parameter name="mail.smtp.user">synapse.demo.0</parameter>
         <parameter name="mail.smtp.password">mailpassword</parameter>
         <parameter name="mail.smtp.from">synapse.demo.0@gmail.com</parameter>
      </transportSender>
      Info

      For mail.smtp.frommail.smtp.user, and mail.smtp.password, use the email address, username, and password (respectively) from the mail account you set up.

      Example:

      Code Block
      <transportSender name="mailto" class="org.apache.axis2.transport.mail.MailTransportSender">
         <parameter name="mail.smtp.host">smtp.gmail.com</parameter>
         <parameter name="mail.smtp.port">587</parameter>
         <parameter name="mail.smtp.starttls.enable">true</parameter>
         <parameter name="mail.smtp.auth">true</parameter>
         <parameter name="mail.smtp.user">foo</parameter>
         <parameter name="mail.smtp.password">$foo1234</parameter>
         <parameter name="mail.smtp.from">no-reply@foo.com</parameter>
      </transportSender>
    3. Optionally, configure the email sender thread pool.
      Navigate to the email-sender-config.xml file, which is in the <IOTS_HOME>/repository/conf/etc directory, and configure the following fields under <EmailSenderConfig>.

      • MinThreads: Defines the minimum number ofthreadsthatneeds to be available in the underlying thread pool when the email sender functionality is initialized.

      • MaxThreads: Defines the maximum number of threads that should serve email sending at any given time.

      • KeepAliveDuration: Defines the duration a connection should be kept alive. If the thread pool has initialized more connections than what was defined in MinThreads, and they have been idle for more than the KeepAliveDuration, those idle connections will be terminated

      • ThreadQueueCapacity: Defines the maximum concurrent email sending tasks that can be queued up.

      Example:

      Code Block
      <EmailSenderConfig>
         <MinThreads>8</MinThreads>
         <MaxThreads>100</MaxThreads>
         <KeepAliveDuration>20</KeepAliveDuration>
         <ThreadQueueCapacity>1000</ThreadQueueCapacity>
      </EmailSenderConfig>
    4. Optionally, customize the email templates that are in the <IOTS_HOME>/repository/resources/email-templates directory. 

      Info

      The email template functionality of WSO2 IoT Server is implemented on top of Apache Velocity, which is a free and open-source template engine.

      1. Open the email template that you wish to edit based on the requirement, such as the user-invitation.vm or user-registration.vm file.
      2. Edit the <Subject> and <Body>tosuite your requirement.
      3. Restart WSO2 IoT Server.

        Code Block
        cd <IOTS_HOME>/bin
        ./iot-server.sh
      Tip

      If you need to access HTTP or HTTPS base URLs of the server within your custom template configs, use the $base-url-http and $base-url-https variables, respectively

      Access the WSO2 device management console by navigating to  https://<IoT_HOST>:9443/devicemgt  and sign in.

    Expand
    titleClick here for more information.
    Panel
    borderColor#11375B
    bgColor#ffffff
    borderWidth2
    Insert excerpt
    Accessing the WSO2 IoT Server ConsolesAccessing the WSO2 IoT Server Consoles
    nopaneltrue
    Info

    If you click EXIT, you are not able to register your device with WSO2 IoT Server.

    Image Added

  • Tap Skip and go to Enrollment to proceed with the default Android enrollment process.
    If you want to set up the work profile and enable data containerization, click Setup Work-Profile. You will see the below screen only if your device is on the Lollipop OS version or above. Else, move to the next step.
    Image Added

  • Enter the server address based on your environment, in the text box provided. A confirmation message will appear.

    • Developer Environment - Enter the server IP as your server address.
      Example: 10.10.10.123:8280
    • Deployment Environment - Enter the domain as your server address.

      Note

      The Android Agent app's default port is 8280. If you are using any other port, the server address should state the new port in the following format: www.abc.com :<PORT>
      For example, if the port is 8289 the server IP is as follows: www.abc.com:8289

    Image Added
  • Enter your details and tap Register. A confirmation message will appear.
    • Organization - Enter the organization name only if the server is hosted with multi-tenant support or enter the default carbon.super, which is the default organization name on a non-multi-tenant environment.

    • Username - Enter your WSO2 IoT Server username.

    • Password - Enter your WSO2 IoT Server password. 

    Image Added

  • Read the tenant policy agreement, and tap Agree to accept the agreement.  
  • Tap ACTIVATE to enable the WSO2 agent administrator on your device. A confirmation message will appear after enabling the device admin.
    Image Added

  • Tap ALLOW to allow the WSO2 Android agent to make and manage phone calls, access photos, media and files, and access the device location respectively.

    Note

    You will get this message only if your Android OS is Marshmallow (6.0) or above.

    Example:

    Image Added

  • Allow WSO2 IoT Server to disable the do not disturb setting when it is enabled. This is required because having the do Not Disturb setting enabled will affect the ring, and mute operations. This settings is only shown for Android Nougat and above.

    1. Tap OK.
      Image Added

    2. Enable WSO2 Device Management for the Do Not Disturb setting.
      Image Added
    3. Click Allow.
      Image Added
  • Set a PIN code of your choice with a minimum of 4 digits. The PIN code will be used to secure your personal data. Thereby, the IoT server will not be able to carry out critical operations on your personal data without using this PIN. 
    Example: If the device management admin needs to wipe your device or remove data from the device, he/she can not directly wipe it without the PIN code. You have to provide the PIN code to get your device wiped or you can log into the device management console and wipe your device by entering the PIN code. A confirmation message will appear.

    Info

    You will be prompted to provide a PIN code only if your device is a BYOD device.

    Image Added

  • You have now successfully registered your Android device. Tap Device Information to get device specific information, and tap Unregister if you wish to unregister your device from WSO2 IoT Server.
    Image Added

    Expand
    titleClick here for more information on how to uninstall the Android agent.

    Follow the instructions below to uninstall the Android agent app:

    1. Open the Android agent application and click Unregister.

    2. Finally, go and uninstall the Android agent by tapping long on the device and then dragging it to UNINSTALL.
  • Localtab
    titleInviting via email
    Panel
    borderColor#11375B
    bgColor#ffffff
    borderWidth2
    Panel
    titlePrerequsite

    Configure the email settings to send out an invitation for users to register their device with WSO2 IoTS.

    Expand
    titleClick here for more information on configuring the email settings.
    Info

    In WSO2 IoTS, user registration confirmation emails are disabled by default, and the admin needs to provide the required configuration details to enable it.

    1. Create an email account to send out emails to users that register with IoT Server (e.g., no-reply@foo.com).

    2. Open the <IOTS_HOME>/repository/conf/axis2/axis2.xml file, uncomment the mailto transportSender section, and configure the IoTS email account.

      Code Block
      <transportSender name="mailto" class="org.apache.axis2.transport.mail.MailTransportSender">
         <parameter name="mail.smtp.host">smtp.gmail.com</parameter>
         <parameter name="mail.smtp.port">587</parameter>
         <parameter name="mail.smtp.starttls.enable">true</parameter>
         <parameter name="mail.smtp.auth">true</parameter>
         <parameter name="mail.smtp.user">synapse.demo.0</parameter>
         <parameter name="mail.smtp.password">mailpassword</parameter>
         <parameter name="mail.smtp.from">synapse.demo.0@gmail.com</parameter>
      </transportSender>
      Info

      For mail.smtp.frommail.smtp.user, and mail.smtp.password, use the email address, username, and password (respectively) from the mail account you set up.

      Example:

      Code Block
      <transportSender name="mailto" class="org.apache.axis2.transport.mail.MailTransportSender">
         <parameter name="mail.smtp.host">smtp.gmail.com</parameter>
         <parameter name="mail.smtp.port">587</parameter>
         <parameter name="mail.smtp.starttls.enable">true</parameter>
         <parameter name="mail.smtp.auth">true</parameter>
         <parameter name="mail.smtp.user">foo</parameter>
         <parameter name="mail.smtp.password">$foo1234</parameter>
         <parameter name="mail.smtp.from">no-reply@foo.com</parameter>
      </transportSender>
    3. Optionally, configure the email sender thread pool.
      Navigate to the email-sender-config.xml file, which is in the <IOTS_HOME>/repository/conf/etc directory, and configure the following fields under <EmailSenderConfig>.

      • MinThreads: Defines the minimum number ofthreadsthatneeds to be available in the underlying thread pool when the email sender functionality is initialized.

      • MaxThreads: Defines the maximum number of threads that should serve email sending at any given time.

      • KeepAliveDuration: Defines the duration a connection should be kept alive. If the thread pool has initialized more connections than what was defined in MinThreads, and they have been idle for more than the KeepAliveDuration, those idle connections will be terminated

      • ThreadQueueCapacity: Defines the maximum concurrent email sending tasks that can be queued up.

      Example:

      Code Block
      <EmailSenderConfig>
         <MinThreads>8</MinThreads>
         <MaxThreads>100</MaxThreads>
         <KeepAliveDuration>20</KeepAliveDuration>
         <ThreadQueueCapacity>1000</ThreadQueueCapacity>
      </EmailSenderConfig>
    4. Optionally, customize the email templates that are in the <IOTS_HOME>/repository/resources/email-templates directory. 

      Info

      The email template functionality of WSO2 IoT Server is implemented on top of Apache Velocity, which is a free and open-source template engine.

      1. Open the email template that you wish to edit based on the requirement, such as the user-invitation.vm or user-registration.vm file.
      2. Edit the <Subject> and <Body>tosuite your requirement.
      3. Restart WSO2 IoT Server.
      Tip

      If you need to access HTTP or HTTPS base URLs of the server within your custom template configs, use the $base-url-http and $base-url-https variables, respectively

    1. Access the WSO2 device management console by navigating to https://<IoT_HOST>:9443/devicemgt and sign in.

      Expand
      titleClick here for more information.
      Panel
      borderColor#11375B
      bgColor#ffffff
      borderWidth2
      Insert excerpt
      Accessing the WSO2 IoT Server Consoles
      Accessing the WSO2 IoT Server Consoles
      nopaneltrue
    2. Click Invite by Email.
    3. Enter the email address of the users who need to enroll their device with WSO2 IoTS, and click Send Invite(s).
      If you entered your email address, you will receive the registration email.
    4. Click on the link in the email to download the Android agent.
    5. Click Download IoT Server Agent.

    6. Tap INSTALL to start installing the Android agent.
      Image Added

    7. Tap OPEN, once the WSO2 Android Agent is successfully installed.
    8. Tap Skip and go to Enrollment to proceed with the default Android enrollment process.
      If you want to set up the work profile and enable data containerization, click Setup Work-Profile. You will see the below screen only if your device is on the Lollipop OS version or above. Else, move to the next step.
      Image Added

    9. Enter the server address based on your environment, in the text box provided. A confirmation message will appear.

      • Developer Environment - Enter the server IP as your server address.
        Example: 10.10.10.123:8280 
      • Deployment Environment - Enter the domain as your server address.

        Note

        The Android Agent app's default port is 8280. If you are using any other port, the server address should state the new port in the following format: www.abc.com :<PORT>
        For example, if the port is 8289 the server IP is as follows: www.abc.com:8289

      Image Added

    10. Enter your details and tap SIGN IN. A confirmation message will appear.
      • Organization - Enter the organization name only if the server is hosted with multi-tenant support or enter the default carbon.super, which is the default organization name on a non-multi-tenant environment.

      • Username - Enter your WSO2 IoTS username.

      • Password - Enter your WSO2 IoTS password. 

      Image Added
    11. Read the tenant policy agreement, and tap Agree to accept the agreement.  
    12. Tap ALLOW to allow the WSO2 Android agent to make and manage phone calls, access photos, media,andfiles, and access the device location respectively.

      Note

      You will get this message only if your Android OS is Marshmallow (6.0) or above.

      Example:

      Image Added

    13. Set a PIN code of your choice with a minimum of 4 digits and tap SET PIN CODE. The PIN code will be used to secure your personal data. Thereby, the IoT server will not be able to carry out critical operations on your personal data without using this PIN. 
      Example: If the device management admin needs to wipe your device or remove data from the device, he/she can not directly wipe it without the PIN code. You have to provide the PIN code to get your device wiped or you can log into the device management console and wipe your device by entering the PIN code. A confirmation message will appear.

      Info

      You will be prompted to provide a PIN code only if your device is a BYOD device.

      Image Added

    14. Tap ACTIVATE to enable the WSO2 agent administrator on your device. A confirmation message will appear after enabling the device admin.
      Image Added
    15. You have now successfully registered your Android device. Tap Device Information to get device specific information, and tap Unregister if you wish to unregister your device from WSO2 IoT Server.
      Image Added

      Expand
      titleClick here for more information on how to uninstall the Android agent.

      Follow the instructions below to uninstall the Android agent app:

      1. Open the Android agent application and click Unregister.

      2. Finally, go and uninstall the Android agent by tapping long on the device and then dragging it to UNINSTALL.
    Localtab
    titleDownloading the APK
    Panel
    borderColor#11375B
    bgColor#ffffff
    borderWidth2
    1. Access the WSO2 device management console by navigating to https://<IoT_HOST>:9443/devicemgt and sign in.

      Expand
      titleClick here for more information.
      Panel
      borderColor#11375B
      bgColor#ffffff
      borderWidth2
      Insert excerpt
      Accessing the WSO2 IoT Server ConsolesAccessing the WSO2 IoT Server Consoles
      nopaneltrue
    2. Click Download APK.
    3. Copy the downloaded file to your mobile device.

  • Tap INSTALL to start installing the Android agent.

    Image Removed

  • Tap OPEN, once the WSO2 Android Agent is successfully installed.
  • You need to agree by clicking CONTINUE to share the device details listed in the following screen with WSO2 IoT Server when enrolling your Android device.

    Info

    If you click EXIT, you are not able to register your device with WSO2 IoT Server.

    Image Removed

  • Tap Skip and go to Enrollment to proceed with the default Android enrollment process.
    If you want to set up the work profile and enable data containerization, click Setup Work-Profile . You will see the below screen only if your device is on the Lollipop OS version or above. Else, move to the next step.
    Image Removed

  • Enter the server address based on your environment, in the text box provided. A confirmation message will appear.

    • Developer Environment - Enter the server IP as your server address.
      Example: 10.10.10.123:8280
    • Deployment Environment - Enter the domain as your server address.

      Note

      The Android Agent app's default port is 8280. If you are using any other port, the server address should state the new port in the following format: www.abc.com :<PORT>
      For example, if the port is 8289 the server IP is as follows: www.abc.com:8289

    Image Removed
  • Enter your details and tap Register
    1. bgColor#ffffff
      borderWidth2
      Insert excerpt
      Accessing the WSO2 IoT Server Consoles
      Accessing the WSO2 IoT Server Consoles
      nopaneltrue
    2. Click Download APK.
    3. Copy the downloaded file to your mobile device.
    4. Tap INSTALL to start installing the Android agent.

      Image Added

    5. Tap OPEN, once the WSO2 Android Agent is successfully installed.
    6. Tap Skip and go to Enrollment to proceed with the default Android enrollment process.
      If you want to set up the work profile and enable data containerization, click Setup Work-Profile. You will see the below screen only if your device is on the Lollipop OS version or above. Else, move to the next step.
      Image Added

    7. Enter the server address based on your environment, in the text box provided. A confirmation message will appear.

    Organization
      • Developer Environment - Enter the
    organization name only if the server is hosted with multi-tenant support or enter the default carbon.super, which is the default organization name on a non-multi-tenant environment.
  • Username - Enter your WSO2 IoT Server username.

  • Password - Enter your WSO2 IoT Server password. 

  • Image Removed

  • Read the tenant policy agreement, and tap Agree to accept the agreement.  
  • Tap ACTIVATE to enable the WSO2 agent administrator on your device. A confirmation message will appear after enabling the device admin.
    Image Removed

  • Tap ALLOW to allow the WSO2 Android agent to make and manage phone calls, access photos, media and files, and access the device location respectively.

    Note

    You will get this message only if your Android OS is Marshmallow (6.0) or above.

    Example:

    Image Removed

  • Allow WSO2 IoT Server to disable the do not disturb setting when it is enabled. This is required because having the do Not Disturb setting enabled will affect the ring, and mute operations. This settings is only shown for Android Nougat and above.

  • Tap OK.
    Image Removed

  • Enable WSO2 Device Management for the Do Not Disturb setting.
    Image Removed
  • Click Allow.
    Image Removed
      • server IP as your server address.
        Example: 10.10.10.123:8280 
      • Deployment Environment - Enter the domain as your server address.

        Note

        The Android Agent app's default port is 8280. If you are using any other port, the server address should state the new port in the following format: www.abc.com :<PORT>
        For example, if the port is 8289 the server IP is as follows: www.abc.com:8289

      Image Added

    1. Enter your details and tap Register. A confirmation message will appear.
      • Organization

      • Username - Enter your WSO2 IoTS username.

      • Password - Enter your WSO2 IoTS password. 

      Image Added
    2. Read the tenant policy agreement, and tap Agree to accept the agreement.  
    3. Tap ALLOW to allow the WSO2 Android agent to make and manage phone calls, access photos, media,andfiles, and access the device location respectively.

      Note

      You will get this message only if your Android OS is Marshmallow (6.0) or above.

      Example:

      Image Added

    4. Set a PIN code of your choice with a minimum of 4 digits and type SET PIN CODE. The PIN code will be used to secure your personal data. Thereby, the IoT server will not be able to carry out critical operations on your personal data without using this PIN. 
      Example: If the device management admin needs to wipe your device or remove data from the device, he/she can not directly wipe it without the PIN code. You have to provide the PIN code to get your device wiped or you can log into the device management console and wipe your device by entering the PIN code. A confirmation message will appear.

      Info

      You will be prompted to provide a PIN code only if your device is a BYOD device.

    Image Removed
    1. Image Added

    2. Tap ACTIVATE to enable the WSO2 agent administrator on your device. A confirmation message will appear after enabling the device admin.
      Image Added
    3. You have now successfully registered your Android device. Tap Device Information to get device specific information, and tap Unregister if you wish to unregister your device from WSO2 IoT Server.
      Image Modified

      Expand
      titleClick here for more information on how to uninstall the Android agent.

      Follow the instructions below to uninstall the Android agent app:

      1. Open the Android agent application and click Unregister.

      2. Finally, go and uninstall the Android agent by tapping long on the device and then dragging it to UNINSTALL.


    Try it out

    You can view device details and carry out operations on your device, after successfully enrolling it with WSO2 IoTS. Let's take a look at how you can do it:

    ...