OAuth 2.0 Device Authorization Grant Support

Workcloud Communication PTT Pro for Android Configuration Guide

Input-constrained devices that connect to the internet, rather than authenticate the user directly, ask users to go to a link on their computer or smartphone to authorize the device. This avoids a poor user experience for devices that do not have an easy way to enter text.

PTT Pro for Android

supports OAuth 2.0 Device Authorization Grant (Flow) with supported Identity Providers (IdP). To enable this support, configure the following parameters in

PTT Pro for Android

A Zebra administrator will configure the appropriate OAuth parameters, including the client secret and the authorization URL when creating the customer in

Workcloud Communication Provisioning Manager

Prerequisites

ESN/AID of the device must be added to the

Devices

tab in the

Workcloud Communication PTT Pro Management Portal

must be configured to use OAuth under the

Users

tab in the

Workcloud Communication PTT Pro Management Portal

Requires PTT Pro 3.3.10223 or later.

OAuth Parameters for Device Authorization Grant Support
Parameter	Description	Type	Default Value	Configurable Values
enableDeviceAuth	Uses the OAuth device authorization grant.	Boolean	false	true false
enableTokenValidation	PTT Pro client signs out when the refresh token expires, regardless of the client's status. This parameter requires that enableDeviceAuth is true.	Boolean	false	true enables token validation false turn off token validation

These parameters are only supported for the standalone PTT Pro client. A

Profile Manager

deployment is not supported.

Sign In Using Device as Code

Starting with

PTT Pro for Android

3.3.10256, the

enableDeviceAuth

parameter displays a QR code to provision a device.

UI Examples

WS50 screen with scannable code to provision PTT Pro — WS50 with Scannable Code

TC78 screen with scannable code to provision PTT Pro. — TC78 with Scannable Code