Skip to main content
G
gaoyu
New Member
February 2, 2026
Solved

Sign_in url

  • February 2, 2026
  • 1 reply
  • 0 views


Regarding the function of configuring the login URL, I have configured the signUrl for the enterprise, and then obtained the signinEnrollmentToken of the enterprise through get, and placed its qrcode into the QR code. When I configure the device, my device redirects to the configured signUrl page, and then after successfully logging in by entering the account and password, I need to call enrollmentTokens.create. However, how can I obtain my enterprise id? Is there any good suggestion

Best answer by BlueJay1


It sounds like you are navigating the custom enrollment flow for Android Enterprise.  This is often referred to as the Zero touch or QR enrollment with a custom style login.

The short answer is: you generally shouldn't need to "find" the Enterprise ID dynamically during the login process because the sign in Enrollment Token is already bound to a specific enterprise.

Here is the breakdown of how to handle the Enterprise ID and the token creation process efficiently.

1. The Relationship Hierarchy

When you generate the sign in Enrollment Token, it is generated under a specific enterprise resource. The flow usually looks like this:

Admin Portal: You (the developer/admin) already know the Enterprise ID (e.g., enterprises/LC0xxxxxx).
Token Generation: You call ('enterprises. sign in Enrollment Tokens. create') using that ID.
Device Side: The device scans the QR code containing that specific token.
Redirect: The device hits your sign Url.
2. How to "Get" the Enterprise ID at Login

Since your sign Url page is where the user logs in, you have two primary ways to ensure you have the Enterprise ID ready for the enrollment Tokens .create call:

The URL Parameter Strategy (Recommended): When you configure your sign Url in the enterprise settings, don't just put https://yourdomain.com/login. Instead, use a placeholder or hardcode the ID: https://yourdomain.com/login?enterpriseId=LC0 xxxxxx. When the device redirects to your page, your web app can grab that ID from the query string.
The Backend Mapping: If you are a multi-tenant EMM (Enterprise Mobility Management) provider, you likely have a database mapping your internal "User Accounts" to "Android Enterprise IDs." Once the user logs in with their email/password on your sign Url, your backend should look up which enterprise-Id is associated with that user's domain or organization.
3. The Custom Enrollment Flow

Once the user is authenticated on your page, you need to pass the new enrollment token back to the device.

Auth Success: User enters credentials on your sign Url.
Token Creation: Your server calls the Google Play EMM API: POST https:// androidmanagement.googleapis.com/v1/{parent=enterprises/*}/enrollment Tokens
The Callback: Your sign Url page must then communicate this new enrollment Token back to the device (usually via a JavaScript bridge or by redirecting to a specific callback URL provided by the setup wizard).

Hope this helps you out.

 

BlueJay~1

1 reply

B
BlueJay1Answer
New Member
February 2, 2026


It sounds like you are navigating the custom enrollment flow for Android Enterprise.  This is often referred to as the Zero touch or QR enrollment with a custom style login.

The short answer is: you generally shouldn't need to "find" the Enterprise ID dynamically during the login process because the sign in Enrollment Token is already bound to a specific enterprise.

Here is the breakdown of how to handle the Enterprise ID and the token creation process efficiently.

1. The Relationship Hierarchy

When you generate the sign in Enrollment Token, it is generated under a specific enterprise resource. The flow usually looks like this:

Admin Portal: You (the developer/admin) already know the Enterprise ID (e.g., enterprises/LC0xxxxxx).
Token Generation: You call ('enterprises. sign in Enrollment Tokens. create') using that ID.
Device Side: The device scans the QR code containing that specific token.
Redirect: The device hits your sign Url.
2. How to "Get" the Enterprise ID at Login

Since your sign Url page is where the user logs in, you have two primary ways to ensure you have the Enterprise ID ready for the enrollment Tokens .create call:

The URL Parameter Strategy (Recommended): When you configure your sign Url in the enterprise settings, don't just put https://yourdomain.com/login. Instead, use a placeholder or hardcode the ID: https://yourdomain.com/login?enterpriseId=LC0 xxxxxx. When the device redirects to your page, your web app can grab that ID from the query string.
The Backend Mapping: If you are a multi-tenant EMM (Enterprise Mobility Management) provider, you likely have a database mapping your internal "User Accounts" to "Android Enterprise IDs." Once the user logs in with their email/password on your sign Url, your backend should look up which enterprise-Id is associated with that user's domain or organization.
3. The Custom Enrollment Flow

Once the user is authenticated on your page, you need to pass the new enrollment token back to the device.

Auth Success: User enters credentials on your sign Url.
Token Creation: Your server calls the Google Play EMM API: POST https:// androidmanagement.googleapis.com/v1/{parent=enterprises/*}/enrollment Tokens
The Callback: Your sign Url page must then communicate this new enrollment Token back to the device (usually via a JavaScript bridge or by redirecting to a specific callback URL provided by the setup wizard).

Hope this helps you out.

 

BlueJay~1

G
gaoyuAuthor
New Member
February 5, 2026

Thank you very much for your reply. I have already solved it

Emilie_B
Emilie_B
Community Manager
February 5, 2026

Hi @gaoyu  - thank you for the update!

Could you let us know which process you've followed to resolve the issue? 

This way, other members that see this query in the future will know exactly how to solve it!

 

In the meantime, I'll mark @BlueJay1 's answer as solution. Thank you for your assistance on this one 🤩

Terms & ConditionsCookie settingsAccessibility statement