Recent discussions
Need Help with QR Enrollment for Multiple Devices in Educational Environment – Is External MDM Required?
Hi everyone, I'm managing a large number of Android tablets in an educational environment. I'm trying to enroll the devices using Android Enterprise with QR code enrollment, but I'm having trouble getting the QR method to appear. So far, only Zero-Touch shows as an option, but most of our devices were not purchased through Zero-Touch resellers, so we can't use that method. My main question is: Is it strictly necessary to use an external MDM (like Miradore, Intune, etc.) to generate the QR code, or is there a way to create and use it directly from the Google Admin console or natively through Android Enterprise? We want to deploy the tablets efficiently and avoid entering accounts manually. Ideally, each device would automatically enroll with our managed Google Play account by scanning a QR code after a factory reset. This is especially important in a school context, where we have many students and limited time for configuration. We are already registered in Google Workspace, and the tablets are in a dedicated organizational unit for students. The admin account is managed, and we are using the Android Enterprise platform linked to our domain. For reference, here are two YouTube videos showing the configuration steps I followed (which reflect our current setup): https://www.youtube.com/watch?v=jI-C_y1u8jE https://www.youtube.com/watch?v=h__pvfp559Q Any advice or clarification would be greatly appreciated. Especially if there’s a native way to enable QR enrollment without needing a full external MDM platform. Thanks in advance!OTA cache host is down
Hello peeps I fancied running automated network connectivity checks in one of my apps. Pulled in the list from the Devices category of network requirements and it looks like one of the OTA cache servers has been down for at least a week. ota-cache2.googlezip.net I raised it quietly but figured it was worth calling out here also.
getting ready for work setup get the issue of something went wrong your app cannot become device owner by the qr code provisison by json in android
i am facing the issue in android 14 or 15 when ever i build the unsigned build it work fine for the android 13 after that it give the error like something went wrong please contact to the it admin and i am build the singed build it give error for the checksum error cannot setup but same thing if i make my app as a device owner by adb command it work fine for me let me know how to fix this issue? i try to replace the checksum and i match both checksum both are same it getting error for me why? below is my mention qr code json, {"android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME": "com.abc.abc/com.abc.abc.utils.receiver.MyDeviceAdminReceiver", "android.app.extra.PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM": "F-EJlegNKdVupdJupPmWz34s2INjWVUDS5ErL-DuETc=", "android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION": "https://downloadapk", "android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED": true}
QR code provisioning - Run OEM Wizard
Hi, I've got a device owner app I've written, it's working well when I install it via a QR code, but I want the stock Pixel / Moto setup wizard to run during / after the device owner setup wizard. I've done quite a lot of research, this doesn't appear to be easy! Any pointers / leads in the right direction to how I might achieve this would be greatly appreciated. Methods, source code to read, etc. Thanks, Richard
Getting DEVICE_POLICY_MANAGEMENT role
I'm stuck with getting DEVICE_POLICY_MANAGEMENT role for my application. DevicePolicyManager reports that my application is active admin (isAdminActive() returns 'true') and device owner (isDeviceOwnerApp() returns 'true'). But role is not assigned ('dumpsys role' reports no holders for android.app.role.DEVICE_POLICY_MANAGEMENT). Pre-requisites for getting this role seem to be fulfilled (like required-components from roles.xml) Found this article from @jasonbayton saying "Only an OEM can grant this permission to an application". Does this mean there's no way for downloaded application to get DEVICE_POLICY_MANAGEMENT role and device's configuration files to be modified for granting this role (config_devicePolicyManagement)? Thank you!
Zero Touch Customer API Feature Request
{written in Gemini ;) who literally wrote this out perfectly} I'm requesting an enhancement to the Android Device Provisioning API (Zero Touch) to include filtering capabilities, specifically the ability to filter devices by serial number (and other relevant fields) in the initial API call. Current Situation: Currently, the API lacks direct filtering. As demonstrated in the code below, to find a device by its serial number, we must: Make a call to list all devices for a customer. Iterate through the entire list of devices in the response to find the specific device. Iterate through any following pages if not found on the first page. This is inefficient, especially for customers with a large number of provisioned devices. const listDevicesUrl = `https://androidprovisioning.googleapis.com/v1/customers/${customerId}/devices`; // ... const listResponse = await fetch(listDevicesUrl, { ... }); const listData = await listResponse.json(); let foundDevice = null; if (listData && listData.devices) { foundDevice = listData.devices.find(device => device.deviceMetadata && device.deviceMetadata.serialNumber === serialNumber); } Desired Feature: I propose adding a filter parameter to the device listing API, allowing us to directly query for devices based on specific criteria, such as serial number, manufacturer, model, and IMEI. For example, the API call could look like this: https://androidprovisioning.googleapis.com/v1/customers/{customerId}/devices?filter=serialNumber={serialNumber} This would significantly improve the efficiency of device management and reduce the amount of data that needs to be transferred and processed. Benefits: Improved Efficiency: Reduces the number of API calls and the amount of data transferred. Faster Processing: Speeds up device identification and management operations. Reduced Load: Decreases the load on Google's API servers and client applications. Simplified Development: Makes it easier for developers to integrate with the API. I believe that adding filtering capabilities to the Android Device Provisioning API would be a valuable improvement and would greatly benefit the Android Enterprise community. Thank you for considering our request.
AE managed apps are not auto installed on devices after device enrollment
Hello, We manage Android mobile devices with an Ivanti MobileIron MDM. For the past few days, we have been experiencing issues with forced installations—they are no longer being pushed to our devices (silent install). Ivanti has indicated that Google support tickets have been opened. Bug referenced at Ivanti: It shows gms complaining about bad authentication in bugreport: [RequestTokenManager] getToken() -> BAD_AUTHENTICATION. App: com.google.android.gms, Service: oauth2:https://www.googleapis.com/auth/experimentsandconfigs Current understand of possible cause is that when issue occurs, google play account failed to got authenticated and re-auth could not recover it properly in time. Resolution We have several tickets open with google for now, and working with google on this issue. Google ticket number: 399818918 398768257 395681748 393388830 Google is rolling out a backend fix. Do you perhaps have more information about the issue and/or its resolution ? Are other people affected ? Thank you in advance for your help :) Adam
Unable to connect an external fingerprint scanner on KIOSK mode while scanner is working fine in non-kiosk mode
Issue: We are unable to connect an external fingerprint scanner on KIOSK mode while scanner is working fine in non-kiosk mode. Below is the policy. With this same policy we are able to connect to external scanner when we just change from KIOSK to Force_Installed. https://api.npoint.io/15f073eed7df2239c25aThe Ongoing Evolution of Android: Where Do We Go From Here?
Android has come a long way since its early days, evolving from a basic smartphone OS to a powerful platform that powers billions of devices worldwide. With every major release, we see improvements in performance, security, design, and user experience. From Android’s open-source flexibility to the introduction of Material You and AI-driven features, the platform keeps pushing the boundaries. One of the strengths of Android has always been its customization. Users love being able to tweak their device—from launchers and widgets to ROMs and root access. However, as Android becomes more polished and secure, some of these freedoms have become more limited. Is the trade-off worth it? Another topic worth exploring is Android’s fragmentation. While it gives manufacturers flexibility, it also creates inconsistency in updates and app performance. With initiatives like Project Treble and Android One, Google has made strides, but are we seeing real results? And now with AI integration, foldable phones, and powerful chipsets becoming the norm, it’s exciting to think about where Android is headed next. What are your thoughts on the current state of Android? Are you satisfied with the direction it’s going, or do you miss the old Android freedom? What improvements would you like to see in the next version? Looking forward to hearing everyone’s thoughts!
Can we set beta channel of public app in policy?
We have an application published on the play store that is used as require for setup app, I have different channels in play console, production and beta/closed. In AMAPI policy, we can set "accessibleTrackIds": [ string ] so that a particular channel is used to download the application. Here is the issue, when we go to the advanced settings in the play console for the app and turn on Managed Google Play, it shows that the app will become private and this can not be undone. Is this the way or we can use the public application's testing channel by specifying its track id in the policy and it will download for eg. if beta is added then it will download the beta channel app and if there is no track id mentioned then it will default to the production application? Another thing is that, how to get the track id in case we can do this?
