OLD | NEW |
| (Empty) |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 syntax = "proto2"; | |
6 | |
7 option optimize_for = LITE_RUNTIME; | |
8 | |
9 package enterprise_management; | |
10 | |
11 // Request from device to server to register device. | |
12 message DeviceRegisterRequest { | |
13 // Reregister device without erasing server state. It can be used | |
14 // to refresh dmtoken etc. Client MUST set this value to true if it | |
15 // reuses an existing device id. | |
16 optional bool reregister = 1; | |
17 | |
18 // Device register type. This field does not exist for TT release. | |
19 // When a client requests for policies, server should verify the | |
20 // client has been registered properly. For example, a client must | |
21 // register with type DEVICE in order to retrieve device policies. | |
22 enum Type { | |
23 TT = 0; // Register for TT release. | |
24 USER = 1; // Register for Chrome OS user polices. | |
25 DEVICE = 2; // Register for device policies. | |
26 BROWSER = 3; // Register for Chrome user policies. | |
27 ANDROID_BROWSER = 4; // Register for Android Chrome browser user policies. | |
28 IOS_BROWSER = 5; // Register for iOS Chrome browser user policies. | |
29 } | |
30 // NOTE: we also use this field to detect client version. If this | |
31 // field is missing, then the request comes from TT. We will remove | |
32 // Chrome OS TT support once it is over. | |
33 optional Type type = 2 [default = TT]; | |
34 | |
35 // Machine hardware id, such as serial number. | |
36 // This field is required if register type == DEVICE. | |
37 optional string machine_id = 3; | |
38 | |
39 // Machine model name, such as "ZGA", "Cr-48", "Nexus One". If the | |
40 // model name is not available, client SHOULD send generic name like | |
41 // "Android", or "Chrome OS". | |
42 optional string machine_model = 4; | |
43 | |
44 // When true, indicates that the |machine_id| has been identified as auto- | |
45 // enrollment candidate on the client and the server can use it to verify | |
46 // that the client is to be enrolled in the correct mode. | |
47 // Defaults to false when not present. | |
48 optional bool auto_enrolled = 5; | |
49 | |
50 // Indicates a requisition of the registering entity that the server can act | |
51 // upon. This allows clients to pass hints e.g. at device enrollment time | |
52 // about the intended use of the device. | |
53 optional string requisition = 6; | |
54 } | |
55 | |
56 // Response from server to device register request. | |
57 message DeviceRegisterResponse { | |
58 // Device management token for this registration. This token MUST be | |
59 // part of HTTP Authorization header for all future requests from | |
60 // device to server. | |
61 required string device_management_token = 1; | |
62 | |
63 // Device display name. By default, server generates the name in | |
64 // the format of "Machine Model - Machine Id". However, domain | |
65 // admin can update it using CPanel, so do NOT treat it as constant. | |
66 optional string machine_name = 2; | |
67 | |
68 // Enum listing the possible modes the device should be locked into when the | |
69 // registration is finished. | |
70 enum DeviceMode { | |
71 // In ENTERPRISE mode the device has no local owner and device settings are | |
72 // controlled through the cloud policy infrastructure. Auto-enrollment is | |
73 // supported in that mode. | |
74 ENTERPRISE = 0; | |
75 // Devices in RETAIL mode also have no local owner and get their device | |
76 // settings from the cloud, but additionally this mode enables the demo | |
77 // account on the device. | |
78 RETAIL = 1; | |
79 } | |
80 optional DeviceMode enrollment_type = 3 [default = ENTERPRISE]; | |
81 } | |
82 | |
83 // Request from device to server to unregister device. | |
84 // GoogleDMToken MUST be in HTTP Authorization header. | |
85 message DeviceUnregisterRequest { | |
86 } | |
87 | |
88 // Response from server to device for unregister request. | |
89 message DeviceUnregisterResponse { | |
90 } | |
91 | |
92 // Request from device to server to upload device EMCert | |
93 // (enteprise machine cert used for remote attestation). | |
94 // GoogleDMToken MUST be in HTTP Authorization header. | |
95 message DeviceCertUploadRequest { | |
96 // EMCert in X.509 format. | |
97 optional bytes device_certificate = 1; | |
98 } | |
99 | |
100 // Response from server to device for cert upload request. | |
101 message DeviceCertUploadResponse { | |
102 } | |
103 | |
104 // Request to access a Google service with the given scope. | |
105 message DeviceServiceApiAccessRequest { | |
106 // The list of auth scopes the device requests from DMServer. | |
107 repeated string auth_scope = 1; | |
108 | |
109 // OAuth2 client ID to which the returned authorization code is bound. | |
110 optional string oauth2_client_id = 2; | |
111 } | |
112 | |
113 message DeviceServiceApiAccessResponse { | |
114 // The OAuth2 authorization code for the requested scope(s). | |
115 // This can be exchanged for a refresh token. | |
116 optional string auth_code = 1; | |
117 } | |
118 | |
119 message PolicyFetchRequest { | |
120 // This is the policy type, which maps to D3 policy type internally. | |
121 // By convention, we use "/" as separator to create policy namespace. | |
122 // The policy type names are case insensitive. | |
123 // | |
124 // Possible values for Chrome OS are: | |
125 // google/chromeos/device => ChromeDeviceSettingsProto | |
126 // google/chromeos/user => ChromeSettingsProto | |
127 // google/chromeos/publicaccount => ChromeSettingsProto | |
128 // google/chrome/extension => ExternalPolicyData | |
129 // google/android/user => ChromeSettingsProto | |
130 // google/ios/user => ChromeSettingsProto | |
131 optional string policy_type = 1; | |
132 | |
133 // This is the last policy timestamp that client received from server. | |
134 optional int64 timestamp = 2; | |
135 | |
136 // Tell server what kind of security signature is required. | |
137 enum SignatureType { | |
138 NONE = 0; | |
139 SHA1_RSA = 1; | |
140 } | |
141 optional SignatureType signature_type = 3 [default = NONE]; | |
142 | |
143 // The version number of the public key that is currently stored | |
144 // on the client. This should be the last number the server had | |
145 // supplied as new_public_key_version in PolicyData. | |
146 // This field is unspecified if the client does not yet have a | |
147 // public key. | |
148 optional int32 public_key_version = 4; | |
149 | |
150 // Machine hardware id, such as serial number. | |
151 // This field is should be set only if the serial number for the device is | |
152 // missing from the server, as indicated by the valid_serial_number_missing | |
153 // field in the last policy fetch response. | |
154 optional string machine_id = 5; | |
155 | |
156 // This field is used for devices to send the additional ID to fetch settings. | |
157 // Retrieving some settings requires more than just device or user ID. | |
158 // For example, to retrieve public account, devices need to pass in | |
159 // public account ID in addition to device ID. To retrieve extension or | |
160 // plug-in settings, devices need to pass in extension/plug-in ID in | |
161 // addition to user ID. | |
162 // policy_type represents the type of settings (e.g. public account, | |
163 // extension) devices request to fetch. | |
164 optional string settings_entity_id = 6; | |
165 | |
166 // If this fetch is due to a policy invalidation, this field contains the | |
167 // version provided with the invalidation. The server interprets this value | |
168 // and the value of invalidation_payload to fetch the up-to-date policy. | |
169 optional int64 invalidation_version = 7; | |
170 | |
171 // If this fetch is due to a policy invalidation, this field contains the | |
172 // payload delivered with the invalidation. The server interprets this value | |
173 // and the value of invalidation_version to fetch the up-to-date policy. | |
174 optional bytes invalidation_payload = 8; | |
175 } | |
176 | |
177 // This message is included in serialized form in PolicyFetchResponse | |
178 // below. It may also be signed, with the signature being created for | |
179 // the serialized form. | |
180 message PolicyData { | |
181 // See PolicyFetchRequest.policy_type. | |
182 optional string policy_type = 1; | |
183 | |
184 // [timestamp] is milliseconds since Epoch in UTC timezone. It is | |
185 // included here so that the time at which the server issued this | |
186 // response cannot be faked (as protection against replay attacks). | |
187 // It is the timestamp generated by DMServer, NOT the time admin | |
188 // last updated the policy or anything like that. | |
189 optional int64 timestamp = 2; | |
190 | |
191 // The DM token that was used by the client in the HTTP POST header | |
192 // for authenticating the request. It is included here again so that | |
193 // the client can verify that the response is meant for him (and not | |
194 // issued by a replay or man-in-the-middle attack). | |
195 optional string request_token = 3; | |
196 | |
197 // The serialized value of the actual policy protobuf. This can be | |
198 // deserialized to an instance of, for example, ChromeSettingsProto, | |
199 // ChromeDeviceSettingsProto, or ExternalPolicyData. | |
200 optional bytes policy_value = 4; | |
201 | |
202 // The device display name assigned by the server. It is only | |
203 // filled if the display name is available. | |
204 // | |
205 // The display name of the machine as generated by the server or set | |
206 // by the Administrator in the CPanel GUI. This is the same thing as | |
207 // |machine_name| in DeviceRegisterResponse but it might have | |
208 // changed since then. | |
209 optional string machine_name = 5; | |
210 | |
211 // Version number of the server's current public key. (The key that | |
212 // was used to sign this response. Numbering should start at 1 and be | |
213 // increased by 1 at each key rotation.) | |
214 optional int32 public_key_version = 6; | |
215 | |
216 // The user this policy is intended for. In case of device policy, the name | |
217 // of the owner (who registered the device). | |
218 optional string username = 7; | |
219 | |
220 // In this field the DMServer should echo back the "deviceid" HTTP parameter | |
221 // from the request. | |
222 optional string device_id = 8; | |
223 | |
224 // Indicates which state this association with DMServer is in. This can be | |
225 // used to tell the client that it is not receiving policy even though the | |
226 // registration with the server is kept active. | |
227 enum AssociationState { | |
228 // Association is active and policy is pushed. | |
229 ACTIVE = 0; | |
230 // Association is alive, but the corresponding domain is not managed. | |
231 UNMANAGED = 1; | |
232 // Client got dropped on the server side. | |
233 DEPROVISIONED = 2; | |
234 } | |
235 optional AssociationState state = 9 [default = ACTIVE]; | |
236 | |
237 // Indicates if the the server cannot find a valid serial number for the | |
238 // device. If this flag is set, the device should send the valid serial | |
239 // number with a device policy fetch request. Note that this only | |
240 // applies to device policy. | |
241 optional bool valid_serial_number_missing = 10; | |
242 | |
243 // Indicates which public account or extension/plug-in this policy data is | |
244 // for. See PolicyFetchRequest.settings_entity_id for more details. | |
245 optional string settings_entity_id = 11; | |
246 | |
247 // Indicates the identity the device service account is associated with. | |
248 // This is only sent as part of device policy fetch. | |
249 optional string service_account_identity = 12; | |
250 | |
251 // The object source which hosts policy objects within the invalidation | |
252 // service. This value is combined with invalidation_name to form the object | |
253 // id used to register for invalidations to this policy. | |
254 optional int32 invalidation_source = 13; | |
255 | |
256 // The name which uniquely identifies this policy within the invalidation | |
257 // service object source. This value is combined with invalidation_source to | |
258 // form the object id used to register for invalidations to this policy. | |
259 optional bytes invalidation_name = 14; | |
260 } | |
261 | |
262 message PolicyFetchResponse { | |
263 // Since a single policy request may ask for multiple policies, we | |
264 // provide separate error code for each individual policy fetch. | |
265 | |
266 // We will use standard HTTP Status Code as error code. | |
267 optional int32 error_code = 1; | |
268 | |
269 // Human readable error message for customer support purpose. | |
270 optional string error_message = 2; | |
271 | |
272 // This is a serialized |PolicyData| protobuf (defined above). | |
273 optional bytes policy_data = 3; | |
274 | |
275 // Signature of the policy data above. | |
276 optional bytes policy_data_signature = 4; | |
277 | |
278 // If the public key has been rotated on the server, the new public | |
279 // key is sent here. It is already used for |policy_data_signature| | |
280 // above, whereas |new_public_key_signature| is created using the | |
281 // old key (so the client can trust the new key). If this is the | |
282 // first time when the client requests policies (so it doesn't have | |
283 // on old public key), then |new_public_key_signature| is empty. | |
284 optional bytes new_public_key = 5; | |
285 optional bytes new_public_key_signature = 6; | |
286 } | |
287 | |
288 // Request from device to server for reading policies. | |
289 message DevicePolicyRequest { | |
290 // The policy fetch request. If this field exists, the request must | |
291 // comes from a non-TT client. The repeated field allows client to | |
292 // request multiple policies for better performance. | |
293 repeated PolicyFetchRequest request = 3; | |
294 } | |
295 | |
296 // Response from server to device for reading policies. | |
297 message DevicePolicyResponse { | |
298 // The policy fetch response. | |
299 repeated PolicyFetchResponse response = 3; | |
300 } | |
301 | |
302 message TimePeriod { | |
303 // [timestamp] is milli seconds since Epoch in UTC timezone. | |
304 optional int64 start_timestamp = 1; | |
305 optional int64 end_timestamp = 2; | |
306 } | |
307 | |
308 message ActiveTimePeriod { | |
309 optional TimePeriod time_period = 1; | |
310 | |
311 // The active duration during the above time period. | |
312 // The unit is milli-second. | |
313 optional int32 active_duration = 2; | |
314 } | |
315 | |
316 // This captures launch events for one app/extension or other installments. | |
317 message InstallableLaunch { | |
318 optional string install_id = 1; | |
319 | |
320 // Time duration where this report covers. These are required | |
321 // and the record will be ignored if not set. | |
322 optional TimePeriod duration = 2; | |
323 | |
324 // Client will send at most 50 timestamps to DM. All the rest | |
325 // launch activities will be summed into the total count. | |
326 // We will distribute the count evenly among the time span when | |
327 // doing time based aggregation. | |
328 repeated int64 timestamp = 3; | |
329 optional int64 total_count = 4; | |
330 } | |
331 | |
332 // Used to report the device location. | |
333 message DeviceLocation { | |
334 enum ErrorCode { | |
335 ERROR_CODE_NONE = 0; | |
336 ERROR_CODE_POSITION_UNAVAILABLE = 1; | |
337 } | |
338 | |
339 // Latitude in decimal degrees north (WGS84 coordinate frame). | |
340 optional double latitude = 1; | |
341 | |
342 // Longitude in decimal degrees west (WGS84 coordinate frame). | |
343 optional double longitude = 2; | |
344 | |
345 // Altitude in meters (above WGS84 datum). | |
346 optional double altitude = 3; | |
347 | |
348 // Accuracy of horizontal position in meters. | |
349 optional double accuracy = 4; | |
350 | |
351 // Accuracy of altitude in meters. | |
352 optional double altitude_accuracy = 5; | |
353 | |
354 // Heading in decimal degrees clockwise from true north. | |
355 optional double heading = 6; | |
356 | |
357 // Horizontal component of device velocity in meters per second. | |
358 optional double speed = 7; | |
359 | |
360 // Time of position measurement in milisecons since Epoch in UTC time. | |
361 optional int64 timestamp = 8; | |
362 | |
363 // Error code, see enum above. | |
364 optional ErrorCode error_code = 9; | |
365 | |
366 // Human-readable error message. | |
367 optional string error_message = 10; | |
368 } | |
369 | |
370 // Details about a network interface. | |
371 message NetworkInterface { | |
372 // Indicates the type of network device. | |
373 enum NetworkDeviceType { | |
374 TYPE_ETHERNET = 0; | |
375 TYPE_WIFI = 1; | |
376 TYPE_WIMAX = 2; | |
377 TYPE_BLUETOOTH = 3; | |
378 TYPE_CELLULAR = 4; | |
379 } | |
380 | |
381 // Network device type. | |
382 optional NetworkDeviceType type = 1; | |
383 | |
384 // MAC address (if applicable) of the corresponding network device. This is | |
385 // formatted as an ASCII string with 12 hex digits. Example: A0B1C2D3E4F5. | |
386 optional string mac_address = 2; | |
387 | |
388 // MEID (if applicable) of the corresponding network device. Formatted as | |
389 // ASCII string composed of 14 hex digits. Example: A10000009296F2. | |
390 optional string meid = 3; | |
391 | |
392 // IMEI (if applicable) of the corresponding network device. 15-16 decimal | |
393 // digits encoded as ASCII string. Example: 355402040158759. | |
394 optional string imei = 4; | |
395 } | |
396 | |
397 // Details about a device user. | |
398 message DeviceUser { | |
399 // Types of device users which can be reported. | |
400 enum UserType { | |
401 // A user managed by the same domain as the device. | |
402 USER_TYPE_MANAGED = 0; | |
403 | |
404 // A user not managed by the same domain as the device. | |
405 USER_TYPE_UNMANAGED = 1; | |
406 } | |
407 | |
408 // The type of the user. | |
409 required UserType type = 1; | |
410 | |
411 // Email address of the user. Present only if the user type is managed. | |
412 optional string email = 2; | |
413 } | |
414 | |
415 // Report device level status. | |
416 message DeviceStatusReportRequest { | |
417 // The OS version reported by the device is a platform version | |
418 // e.g. 1435.0.2011_12_16_1635. | |
419 optional string os_version = 1; | |
420 optional string firmware_version = 2; | |
421 | |
422 // "Verified", "Dev". Same as verified mode. | |
423 // If the mode is unknown, this field should not be set. | |
424 optional string boot_mode = 3; | |
425 | |
426 // Device active times collection since last report rpc call. | |
427 // No longer used -- use active_period instead. | |
428 repeated TimePeriod active_time = 4 [deprecated = true]; | |
429 | |
430 // The browser version string as shown in the About dialog. | |
431 // e.g. 17.0.963.18. | |
432 optional string browser_version = 5; | |
433 | |
434 // A list of periods when the device was active, aggregated by day. | |
435 repeated ActiveTimePeriod active_period = 6; | |
436 | |
437 // The device location. | |
438 optional DeviceLocation device_location = 7; | |
439 | |
440 // List of network interfaces. | |
441 repeated NetworkInterface network_interface = 8; | |
442 | |
443 // List of recent device users, in descending order by last login time. | |
444 repeated DeviceUser user = 9; | |
445 } | |
446 | |
447 // Report session (a user on one device) level status. | |
448 message SessionStatusReportRequest { | |
449 // Installed apps for this user on this device. | |
450 repeated string installed_app_id = 1; | |
451 | |
452 // Installed extensions for this user on this device. | |
453 repeated string installed_extension_id = 2; | |
454 | |
455 // One stat per app for top 30 apps. | |
456 repeated InstallableLaunch app_launch_stat = 3; | |
457 } | |
458 | |
459 // Response from DMServer to update devices' status. | |
460 // It is possible that status report fails but policy request succeed. In such | |
461 // case, the DeviceStatusReportResponse will contain an error code and the | |
462 // device should re-send status report data in the next policy request. The | |
463 // device should re-send report data if policy request fails, even if | |
464 // DeviceStatusReportResponse contains no error code. | |
465 message DeviceStatusReportResponse { | |
466 optional int32 error_code = 1; | |
467 | |
468 // Human readable error message for customer support purpose. | |
469 optional string error_message = 2; | |
470 } | |
471 | |
472 // Response from DMServer to update user devices' status. | |
473 // It is possible that status report fails but policy request succeed. In such | |
474 // case, the SessionStatusReportResponse will contain an error code and the | |
475 // device should re-send status report data in the next policy request. The | |
476 // device should re-send report data if policy request fails, even if | |
477 // SessionStatusReportResponse contains no error code. | |
478 message SessionStatusReportResponse { | |
479 optional int32 error_code = 1; | |
480 | |
481 // Human readable error message for customer support purpose. | |
482 optional string error_message = 2; | |
483 } | |
484 | |
485 // Request from device to server to determine whether the device should | |
486 // go through enterprise enrollment. Unlike the other requests, this request is | |
487 // not authenticated. | |
488 message DeviceAutoEnrollmentRequest { | |
489 // SHA-256 hash of the device's serial number, mod |modulus|. | |
490 // Should always be present. | |
491 optional int64 remainder = 1; | |
492 | |
493 // Modulus of the hash used by the client. Should always be present. This | |
494 // is the number of buckets the client thinks the server has. For now, | |
495 // it is a power of 2, but due to the strict constraint on how many serial | |
496 // numbers a bucket can contain, it may become non power of 2. If that | |
497 // happens, client-side needs to change its assumption. | |
498 optional int64 modulus = 2; | |
499 } | |
500 | |
501 // Response from server to auto-enrollment detection request. | |
502 message DeviceAutoEnrollmentResponse { | |
503 // If this field is present, the other fields are ignored and the client | |
504 // should send a new DeviceAutoEnrollmentRequest with a new |remainder| | |
505 // computed using this new |modulus|. If this field is empty, the client's | |
506 // request was accepted. | |
507 // DMServer guarantees that if the modulus sent by client in | |
508 // DeviceAutoEnrollmentRequest matches server's expectation, this field | |
509 // is unset. | |
510 optional int64 expected_modulus = 1; | |
511 | |
512 // List of hashes in the client's hash bucket. If the client's hash matches | |
513 // any in this list, the client device should do enterprise enrollment. | |
514 // If it matches none, enrollment should be optional. | |
515 // Each entry has exactly 256 bits (32 bytes). | |
516 repeated bytes hash = 2; | |
517 } | |
518 | |
519 // Request from the DMAgent on the device to the DMServer. This is | |
520 // container for all requests from device to server. The overall HTTP | |
521 // request MUST be in the following format: | |
522 // | |
523 // * HTTP method is POST | |
524 // * Data mime type is application/x-protobuffer | |
525 // * HTTP parameters are (all required, all case sensitive): | |
526 // * request: MUST BE one of | |
527 // * cert_upload | |
528 // * enterprise_check | |
529 // * ping | |
530 // * policy | |
531 // * register | |
532 // * status | |
533 // * unregister | |
534 // * api_authorization | |
535 // | |
536 // * devicetype: MUST BE "1" for Android or "2" for Chrome OS. | |
537 // * apptype: MUST BE Android or Chrome. | |
538 // * deviceid: MUST BE no more than 64-char in [\x21-\x7E]. | |
539 // * agent: MUST BE no more than 64-char long. | |
540 // * HTTP Authorization header MUST be in the following formats: | |
541 // * For register and ping requests | |
542 // Authorization: GoogleLogin auth=<auth cookie for Mobile Sync> | |
543 // | |
544 // * For unregister, policy, status, and cert_upload requests | |
545 // Authorization: GoogleDMToken token=<dm token from register> | |
546 // | |
547 // * The Authorization header isn't used for enterprise_check | |
548 // request, nor for register requests using OAuth. In the latter case, | |
549 // the OAuth token is passed in the "oauth" parameter. | |
550 // | |
551 // DeviceManagementRequest should only contain one request which matches the | |
552 // HTTP query parameter - request, as listed below. Other requests within the | |
553 // container will be ignored. | |
554 // cert_upload: cert_upload_request | |
555 // enterprise_check: auto_enrollment_request | |
556 // ping: policy_request | |
557 // policy: policy_request | |
558 // register: register_request | |
559 // status: device_status_report_request or session_status_report_request | |
560 // unregister: unregister_request | |
561 // | |
562 // | |
563 message DeviceManagementRequest { | |
564 // Register request. | |
565 optional DeviceRegisterRequest register_request = 1; | |
566 | |
567 // Unregister request. | |
568 optional DeviceUnregisterRequest unregister_request = 2; | |
569 | |
570 // Policy request. | |
571 optional DevicePolicyRequest policy_request = 3; | |
572 | |
573 // Update status. | |
574 optional DeviceStatusReportRequest device_status_report_request = 4; | |
575 optional SessionStatusReportRequest session_status_report_request = 5; | |
576 | |
577 // Auto-enrollment detection. | |
578 optional DeviceAutoEnrollmentRequest auto_enrollment_request = 6; | |
579 | |
580 // EMCert upload (for remote attestation) | |
581 optional DeviceCertUploadRequest cert_upload_request = 7; | |
582 | |
583 // Request for OAuth2 authorization codes to access Google services. | |
584 optional DeviceServiceApiAccessRequest service_api_access_request = 8; | |
585 } | |
586 | |
587 // Response from server to device. | |
588 // | |
589 // The server uses the following numbers as HTTP status codes | |
590 // to report top-level errors. | |
591 // | |
592 // 200 OK: valid response is returned to client. | |
593 // 400 Bad Request: invalid argument. | |
594 // 401 Unauthorized: invalid auth cookie or DM token. | |
595 // 403 Forbidden: device management is not allowed. | |
596 // 404 Not Found: the request URL is invalid. | |
597 // 410 Device Not Found: the device id is not found. | |
598 // 491 Request Pending: the request is pending approval. | |
599 // 500 Internal Server Error: most likely a bug in DM server. | |
600 // 503 Service Unavailable: most likely a backend error. | |
601 // 901 Device Not Found: the device id is not found. | |
602 // 902 Policy Not Found: the policy is not found. | |
603 message DeviceManagementResponse { | |
604 // Error message. | |
605 optional string error_message = 2; | |
606 | |
607 // Register response | |
608 optional DeviceRegisterResponse register_response = 3; | |
609 | |
610 // Unregister response | |
611 optional DeviceUnregisterResponse unregister_response = 4; | |
612 | |
613 // Policy response. | |
614 optional DevicePolicyResponse policy_response = 5; | |
615 | |
616 // Device status report response. | |
617 optional DeviceStatusReportResponse device_status_report_response = 6; | |
618 | |
619 // Session status report response. | |
620 optional SessionStatusReportResponse session_status_report_response = 7; | |
621 | |
622 // Auto-enrollment detection response. | |
623 optional DeviceAutoEnrollmentResponse auto_enrollment_response = 8; | |
624 | |
625 // EMCert upload response. | |
626 optional DeviceCertUploadResponse cert_upload_response = 9; | |
627 | |
628 // Response to OAuth2 authorization code request. | |
629 optional DeviceServiceApiAccessResponse service_api_access_response = 10; | |
630 } | |
OLD | NEW |