Skip to content

System Configuration

System Configuration page

Figure 1

Repository Configuration

  • the option "Autoclose running actions when a new distribution set is assigned" force-cancels an assigned distribution that is superseded by a newer one in a target device, instead of only cancelling it.
  • Multi-assignment: the option "Allow parallel execution of multiple distribution set assignments and rollouts" enables a beta feature that allows the assignment of multiple distributions to a target device at the same time. This relaxes the paradigm that "a device can have only one Distribution Set assigned/installed at a time". Once enabled, this option cannot be disabled anymore.
  • User consent flow: by enabling the option "Request confirmation for actions before proceeding with download/install process" it is possible to request confirmation to the end-user for download and installation when deploying an update. When enabled, a "Confirmation required" option appears in the Confirm assignment dialog.

    Difference with soft updates

    The difference between a soft update and the user consent flow feature mainly revolves around the legal aspects of providing digital content to end-user consumers:

    • The user consent flow feature allows the end-user to explicitly decide whether they want the current deployed distribution from the server to be installed on their behalf in their device. The end-user can also decide to consent to any future updates by enabling autoConfirmation. These authorizations are primarily handled on the server side using Management API and require explicit permission from the end-user.
    • In contrast, soft updates are managed entirely on the device level through the third-party integration API and require authorization for each soft-deployed distribution. These authorizations are handled by the third-party applications and may not involve a request to the end-user.
  • the option "Automatically delete terminated actions" periodically removes from the target Action history distributions that have been cancelled or are in error.

Warning

At the moment the UF Android Service does not support the Multi-assignment and User consent flow features. We recommend using these feature only after carefully evaluating all the implications.

Rollout Configuration

The "Approve rollout before it can be started" option ensures that no rollout will begin without a confirmation.

Authentication Configuration

Note

To allow devices to communicate with the server at least one type of device authentication should be selected.

  • Target Token authentication: the "Allow targets to authenticate directly with their target security token" option allows devices to authenticate providing an HTTP-Authorization header with the custom scheme TargetToken. Any device has its own Target Token, visible in the "Security token" property in the detail section of a Target. This mode doesn't allow a device to register "plug-and-play" to the server; it should either have previously registered with a different authentication (e.g. Gateway Token) or the target should be created in advance.

  • Gateway Token authentication: the "Allow a gateway to authenticate and manage multiple targets through a gateway security token" options allows devices to authenticate providing an HTTP-Authorization header with the custom scheme GatewayToken. The value of the Gateway Token is provided just below the option when selected and it is one for all the devices of a given tenant. This mode allows a device to register "plug-and-play" to the server. Gateway Token can be changed to a new random value by pressing the "Regenerate key" button, but the change isn't persisted until the Save button is pressed.

  • Download without security credentials: the "Allow targets to download artifacts without security credentials" option still requires devices to authenticate with security credentials, but allows devices to download artifacts without providing security credentials.

Authentication type priority

Here are the rules to keep in mind when multiple Authentication options are enabled.

If GatewayToken and TargetToken authentication types are enabled at the same time:

  1. if the client provides just one token type, then that one is checked by the server;
  2. if the client provides both token types, then TargetToken is checked by the server.

Polling Configuration

  • Polling Time: the period of time that target devices will check in with the Update Factory Service.
  • Polling Overdue Time: the period of time that a target device must not check in for, to then have an Overdue status.

Artifact Download Lifetime

To improve the security of your update artifacts, lifetime for the download URL is configurable. To understand better the importance of this configuration parameter let's do a practical example. Update Factory can handle Soft Updates which require user interaction to authorize the download of an artifact on the target. However, having a URL hanging there for a long time (in the case the user does not authorize the download for whatever reason) is not secure. You can set the Artifact URL lifetime at your convenience between 5 min to a max of 180 days.

Usage Limit Threshold Configuration

With this simple settings you can tune your threshold for the metrics in the Usage View which will affect the current state of each metric.