Android

In this tutorial, you are enrolling your Android device also known as Bring Your Own Device (BYOD) with WSO2 IoT Server. WSO2 IoTS supports devices on Android version 4.2.x to 7.0 (Android Jelly Beans to Nougat). If you want to enroll a Corporate-Owned, Personally Enabled (COPE) device, you need to configure WSO2 IoT Server is the system service application and install the configured Android agent on the device.

The following subsections explain how you can work with the Android device type:

Enroll an Android device

Follow the instructions given below to enroll an Android device:

1. Tap INSTALL to start installing the Android agent.

   

2. Tap OPEN, once the WSO2 Android Agent is successfully installed.

3. You need to agree by clicking CONTINUE to share the device details listed in the following screen with WSO2 IoT Server when enrolling your Android device.

   If you click EXIT, you are not able to register your device with WSO2 IoT Server.

   

4. Tap Skip and go to Enrollment to proceed with the default Android enrollment process.
   If you want to set up the work profile and enable data containerization, click Setup Work-Profile . You will see the below screen only if your device is on the Lollipop OS version or above. Else, move to the next step.
   

5. Enter the server address based on your environment, in the text box provided. A confirmation message will appear.

   • Developer Environment - Enter the server IP as your server address.
     Example: 10.10.10.123:8280

   • Deployment Environment - Enter the domain as your server address.

     The Android Agent app's default port is 8280. If you are using any other port, the server address should state the new port in the following format: www.abc.com :<PORT>
     For example, if the port is 8289 the server IP is as follows: www.abc.com:8289

   
6. Enter your details and tap Register. A confirmation message will appear.
   

   • Organization - Enter the organization name only if the server is hosted with multi-tenant support or enter the default carbon.super, which is the default organization name on a non-multi-tenant environment.
     

   • Username - Enter your WSO2 IoT Server username.

   • Password - Enter your WSO2 IoT Server password. 

   

7. Read the tenant policy agreement, and tap Agree to accept the agreement.  

8. Tap ACTIVATE to enable the WSO2 agent administrator on your device. A confirmation message will appear after enabling the device admin.
   

9. Tap ALLOW to allow the WSO2 Android agent to make and manage phone calls, access photos, media and files, and access the device location respectively.

   You will get this message only if your Android OS is Marshmallow (6.0) or above.

   Example:

   

10. Allow WSO2 IoT Server to disable the do not disturb setting when it is enabled. This is required because having the do Not Disturb setting enabled will affect the ring, and mute operations. This settings is only shown for Android Nougat and above.

    1. Tap OK.
       

    2. Enable WSO2 Device Management for the Do Not Disturb setting.
       
    3. Click Allow.
       

11. Set a PIN code of your choice with a minimum of 4 digits. The PIN code will be used to secure your personal data. Thereby, the IoT server will not be able to carry out critical operations on your personal data without using this PIN. 
    Example: If the device management admin needs to wipe your device or remove data from the device, he/she can not directly wipe it without the PIN code. You have to provide the PIN code to get your device wiped or you can log into the device management console and wipe your device by entering the PIN code. A confirmation message will appear.

    You will be prompted to provide a PIN code only if your device is a BYOD device.

    

12. You have now successfully registered your Android device. Tap Device Information to get device specific information, and tap Unregister if you wish to unregister your device from WSO2 IoT Server.
    

     Click here for more information on how to uninstall the Android agent.

    Follow the instructions below to uninstall the Android agent app:

    1. Open the Android agent application and click Unregister.

    2. Finally, go and uninstall the Android agent by tapping long on the device and then dragging it to UNINSTALL.

Try it out

You can view device details and carry out operations on your device, after successfully enrolling it with WSO2 IoTS. Let's take a look at how you can do it:

1. Navigate to the Device Management page to view all the created devices.

    Click here for more information on navigating to the Device Management page.

   1. Sign in to the Device Management console.
   2. Click the icon.
   3. Click Device Management.
      

2. Click the view icon on the Android device you enrolled.
   Example:
   

3. You will be directed to the device details page where you can view the device information and try out operations on a device.
   Example:
   

    View device details

   The details of each registered devices will be shown on separate pages within the Device page.

   	Description
   Device Details	The following device information will be retrieved automatically when you register with IoTS. Device This shows the name the user has given his/her device (e.g., Kim's iPhone). Ownership Indicates if the device is your own device/Bring Your Own Device (BYOD) or if it's a Corporate-Owned, Personally Enabled (COPE) device. For the device to be a COPE device, WSO2 IoT Server must be configured to use the system server application. Status Indicates if the device is active, inactive or removed from WSO2 IoTS.
   Policy Compliance	If your device does not comply with certain criteria in the enforced policy, the aspects in which your device is none compliant will be highlighted under this section.
   Device Location	Provide the location of your device.
   Installed Application	A list of all the applications that have been installed on your device and the memory consumption by each application will be listed under this section.
   Operation Log	A list of all the operations that have been carried out by you and its current status. The operation logs shows the following statuses: IN-PROGRESS - The operation is processing on the IoT server side and has not yet been delivered to the device. PENDING - The operation is delivered to the device but the response from the device is pending. COMPLETED - The operation is delivered to the device and the server has received a response back from the device. ERROR - An error has occurred while carrying out the operation.

    Device operations

   The default operations that are available for Android devices are accessible for BYOD devices. The COPE devices can only carry out selected operations. If you want to enable the COPE devices to carry out more operations or if you want to limit BYOD devices from carrying out selected operations, you can do so via policies.

   Click on the operation you wish to carry out and provide the required details (if requested) to apply the selected operation on your device.

   Operation	Description
   Device Lock	Ability to lock a device via the IoT Server.
   Device Unlock	Ability to unlock the device via the IoT Server
   Location	Ability to receive the location of the device.
   Mute Device	Ability to enable the silent profile on a device via the IoT Server.
   Enterprise Wipe	Ability to unregister a device from IoTS.
   Clear Password	Ability to remove a device lock via the IoT Server. For Android 7.0 (API 24) and higher devices Clear password for device admins now apply to profile owners. Device admins can no longer clear passwords that are already set.
   Change Lock-Code	Ability to change the provided passcode or lock-code. For Android 7.0 (API 24) and higher devices Change lock code for device admins now apply to profile owners. Device admins can no longer change lock codes that are already set. Device admins can still set a lock code, but only when the device has no password, PIN, or pattern.
   Ring	Ability to ring the device via the IoT Server.
   Message	Ability to send a message to the device via the IoT Server. The IoTS admin can use this device operation to send group messages or even private messages to the IoTS users.
   Wipe Data	Ability to carry out a factory reset operation on your own device via the IoT Server. The user will have to provide the PIN, which he/she entered when registering to IoTS, to be able to wipe his/her device.
   Reboot	Ability to reboot or restart your Android device.
   Upgrade Firmware	Ability to upgrade the firmware to a newer version, over-the-air (OTA) For more information, see Upgrading Firmware of an Android Device.
   Logcat	Ability to push logcat of the device to the analytics server. Logcat displays messages in real time and keeps a history so you can view the old messages.

   System service application operations

   WSO2 IoT Server provides a separate service application that can be signed by a firmware signing key and installed on the devices as a system application alongside the Android agent application. This enables you to have better control over the devices registered with WSO2 IoT Server. to install the system service application on the devices, you need to integrate it with WSO2 IoT Server. For more information, see Integrating the Android System Service Application.

   You can perform the following operations if you have the system service application installed on your Android device.

   • Schedule firmware upgrades on the device.
   • Reboot or restart your device.
   • Install and update applications in silent mode that is without the user's confirmation via the system service application.
   • Hard lock an Android device, where the Administrator permanently locks the device.
   • Unlock a device that was hard locked.