Skip to main content
eSIM Activation Guide
Team Celona avatar
Written by Team Celona
Updated this week

Introduction

In addition to the physical SIM option, Celona also offers the eSIM (embedded subscriber identity module) capability for the devices to authenticate and authorize access to the Celona private cellular network. Celona eSIMs are compatible with both 4G and 5G networks.

There are two ways to onboard the eSIM onto the device

  1. Using an individual QR (quick-response) code for each eSIM. This process works well for onboarding individual devices. The self-service workflow for downloading eSIMs via QR code is available in Orchestrator UI.

  2. Via the MDM (Mobile Device Management) platform used by enterprises to manage corporate owned and BYOD (Bring Your Own Device) mobile devices. This option is ideal for enterprises managing large numbers of devices. Currently, MDM workflow is only available via APIs.

Detailed instructions for onboarding eSIMs with both options are provided in this article.

Note on re-using eSIMs:

  • Celona eSIMs can be re-used on a different device if needed. In order to re-assign the eSIM to a new device, an active eSIM would first need to be de-activated in Orchestrator and the SIM deleted from the existing device. Once these steps are completed, the eSIM will be ready for assignment to another device. It is not possible to re-assign the eSIM without first deleting it from the original device.

  • Celona Orchestrator UI provides details on the state of each eSIM onboarding states (Available, Downloaded, Installed, etc.) under the column, “eSIM Status“ on the devices table.

Activating eSIMs via QR Codes

Orchestrator Devices section provides information on the total number of provisioned eSIMs: i.e., the total number of eSIMs available for activation. The provisioned eSIMs quantity is calculated based on the number of AP subscriptions purchased by customer: by default each Indoor subscription includes 20 eSIMs, each Outdoor subscription includes 40 eSIMs. If needed, extra eSIMs outside of the default quantities included with AP subscriptions can be purchased separately.

To Activate the eSIMs via QR Code:

  1. Navigate to the SIMs & Devices page.

  2. Select the Config tab at the top of the page to view your full device inventory.

  3. Click the Activate button on the eSIMs card.

  4. Click Activate eSIMS via QR Code tab. Also, you can do bulk activation or single activation.

  5. To activate bulk, click BULK and upload a CSV file. Click the DOWNLOAD TEMPLATE button for an example template of the CSV file.

  6. Fill out the details on the template and upload the CSV file by clicking choose file.

  7. To activate a single eSIM, click the SINGLE button and enter the device details in the mandatory fields.

    1. * Device Name (Mandatory Field): Assign a unique, descriptive name to easily identify the device.

    2. * User Email (Mandatory Field): Enter the email address associated with the device user. The QR Code will be emailed to this user.

    3. * Device Profile (Mandatory field): Select the appropriate device profile to apply network policies and configurations (previously known as Device Groups). (Refer to the updated Device Profiles documentation.)

    4. * Authorized Sites (Mandatory Field): Select the sites where devices should be authorized from the dropdown list. There are three possible selections for a user to make -

      1. All sites in org: When the user selects this option, activation applies to all current sites (and by extension, all Edge Clusters) any future sites or edge clusters that the customer may add to the organization.
        Note: Please do not select this option if the user does not want the device activated in future sites/edge clusters.

      2. Specific Sites: This option allows the user to select targeted sites for activation.
        Note: If the user wants the device activated in all future sites, select the Select all option in Specific Sites.

      3. None: If the user selects None, the activation workflow cannot be completed.
        Note: Please note that if “None“ is selected for an activated device, the device will be deactivated.

    5. * PLMN ID (Mandatory Field): Enter the Public Land Mobile Network ID (PLMN) to specify the network identifier.

      1. 315010 (US)

      2. 999503 (Non-US)

    6. Static IP: Assign a static IP if needed to ensure a consistent address for the device.

    7. SIM Lock: Enable or disable SIM Lock to restrict the device’s SIM usage. Enabling SIM Lock can either lock to a specific IMEI or automatically lock to the first device it connects with.

Activating eSIMs via MDM (on the CSO UI)

Starting with Celona Orchestrator version 2406.1, users will be able to onboard eSIMs via MDM directly from the Orchestrator UI. This new feature simplifies the onboarding process for eSIMs, allowing organizations to integrate their devices more seamlessly into the Celona network.

Note that prior to following UI activation flow, MDM administrator would need to configure SM-DP+ URL https://sm-v4-072-d-gtm.pr.go-esim.com in the MDM system.

To Activate the eSIMs via MDM:

  1. Navigate to the SIMs & Devices.

  2. Select the Config tab at the top of the page to view your full device inventory.

  3. Click the Activate button on the eSIMs card.

  4. Click Activate eSIMS via MDM tab. You can also do bulk activation or single activation here.

  5. To activate bulk, click BULK and upload a CSV file. Click the DOWNLOAD TEMPLATE button for an example template of the CSV file.

  6. Fill out the details on the template and upload the CSV file by clicking choose file.

  7. To activate a single eSIM, click the SINGLE button and enter the device details in the mandatory fields.

    1. * Device Name (Mandatory Field): Assign a unique identifier for easy recognition within your inventory.

    2. * Device EID (Mandatory Field): Enter the device’s Embedded Identity Document (EID) for secure identification.

    3. * Device Profile (Mandatory Field): To apply the necessary configurations and policies, choose a device profile.

    4. * Authorized Sites (Mandatory Field): Select the sites where devices should be authorized from the dropdown list. There are three possible selections for a user to make -

      1. All sites in org: When the user selects this option, activation applies to all current sites (and by extension, all Edge Clusters) any future sites or edge clusters that the customer may add to the organization.
        Note: Please do not select this option if the user does not want the device activated in future sites/edge clusters.

      2. Specific Sites: This option allows the user to select targeted sites for activation.
        Note: If the user wants the device activated in all future sites, select the Select all option in Specific Sites.

      3. None: If the user selects None, the activation workflow cannot be completed.
        Note: Please note that if “None“ is selected for an activated device, the device will be deactivated.

    5. * PLMN ID (Mandatory Field): Enter the Public Land Mobile Network ID (PLMN) to specify the network identifier.

      1. 315010 (US)

      2. 999503 (Non-US)

    6. Static IP : Assign a static IP if needed to ensure a consistent address for the device.

    7. SIM Lock: Enabled by default, locking the eSIM to the device to ensure secure access.

Note: eSIMs onboarded via MDM will have SIM Lock enabled by default unlike physical SIM cards or eSIMs activated via QR Code. This lock cannot be disabled, ensuring that the eSIM is tied to a specific device and reducing the risk of unauthorized access.

Deactivate a Device

There are three ways to deactivate the device:

  1. Select devices using the checkboxes in the first column, and click the “Deactivate” button above the table.
    OR

  2. Click the kebab-menu at the end of the row, and choose “Deactivate” from the menu.
    OR

  3. Click the Edit (pencil) icon in the table header, update “Authorized Sites” to “None” for the devices to be deactivated, and click “Update.”

Reactivate a Device

There are three ways to reactivate a device:

  1. Select devices using the checkboxes in the first column, and click the “Reactivate” button above the table.
    OR

  2. Click the kebab-menu at the end of the row, and choose “Reactivate” from the menu.
    OR

  3. Click the Edit (pencil) icon in the table header, update “Authorized Sites” for the devices to be reactivated, and click “Update.”

Activating eSIMs via MDM (using APIs)

Celona has an integration capability with generally any MDM platform to manage Celona eSIMs for the fleet of enterprise devices. Following section describes the workflow on how an enterprise can onboard supported MDM devices with Celona eSIMs via APIs.

High-level Flow

The only input required to execute the flow is the list of device EIDs (Embedded Identity Document) downloaded from the MDM system, intended device names, and optionally - the list of eSIM ICCIDs (Integrated Circuit Card Identification Number) corresponding to each device (if no ICCIDs are provided, the mapping will be assigned automatically). Once the API flow is executed, Celona Orchestrator will update the mapping between eSIM ICCIDs and device EIDs and push configuration onto Celona Edge Cluster and Celona SM-DP+ (Subscription Manager Data Preparation) service.

The eSIM will get activated and named, the device will get authorized to enroll via eSIM using credentials, identifier and SM-DP+ URL given to the device. The device will then communicate with the SM-DP+ service for registration and authentication / authorization for connectivity.

Detailed eSIM Onboarding Process via MDM

Prior to eSIM onboarding, the Orchestrator account will be pre-populated with eSIMs identified by ICCID and Celona will have the eSIMs available for assignment on the SM-DP+. The number of available eSIMs depends on the number of purchased AP subscriptions.

  1. In the MDM, the Customer needs to manage for each device: EID, Device Name, SM-DP+ URL. The first step in the process requires enterprise IT team to export or generate a CSV (comma-separated values) list of devices from the MDM database, either from within the MDM or other automation / scripting. The CSV file needs to contain following columns

    • EID - Mandatory field. Required to create the mapping between the eSIMs and specific devices.

    • Name - Mandatory field. Provided names will be automatically assigned to the onboarded devices in Orchestrator.

    • ICCID - Optional field. If this field is provided, then device EIDs will map to requested ICCIDs (example: if an existing eSIM needs to be re-assigned from one device to another); otherwise, available eSIM ICCIDs will be assigned automatically in order.

      Sample CSV data with one device entry

      % cat eid_upload_noiccid.csv 
      EID,Name
      890<redacted>,iphone11SE

  2. Celona API call needs to be performed with the CSV file as a parameter.

    Syntax for the API call

    curl --location 'https://cso.celona.io/v1/api/rsp/esims/assign-eid?customer_id=<customer_id>' \ 
    --header 'X-API-Key: <API_KEY>' \
    --form 'eidFile=@"/path_to_file/eid_upload_noiccid.csv"' \
    --form 'customer_id="<customer_id>"'

    Sample run

    curl --location 'https://cso.celona.io/v1/api/rsp/esims/assign-eid?customer_id=10<REDACTED>' \ 
    --header 'X-API-Key: $2a$04$xyl<REDACTED>' \
    --form 'eidFile=@"./eid_upload_noiccid.csv"' \
    --form 'customer_id="10<REDACTED>"'

    {"code":202,"data":{"request_id":"d3de3a94-5107-4c9e-a2e7-<REDACTED>7","server_url":"https://sm-v4-072-d-gtm.pr.go-esim.com"},"error":"","success":true}

    Required parameters

    • X-API-Key: this is your Celona API key

    • eidFile: this is the CSV file generated from the MDM

    • customer_id: this is your Celona customer ID

    • The SM-DP+ URL is https://sm-v4-072-d-gtm.pr.go-esim.com

  3. Once the device is powered up and has its' MDM profile updated, it will automatically connect to the Celona SM-DP+ server to authenticate the eSIM to the device.

  4. After onboarding, the customer is expected to activate and set the Device Group, if needed. On the device itself, especially for Apple devices, the customer will have to manage setting cellular priority, per app settings, etc. More details on the Device Group management are available in this article.

Note that the API call with CSV is asynchronous. A “success” simply means that the request was accepted, but for many devices it may take some time to process. The request_id in the API call response can be used in a future request for status:

% curl --location 'https://cso.celona.io/v1/api/rsp/esims/eid-status?request_id=d3de3a94-5107-4c9e-a2e7-<REDACTED>7' \ 
--header 'X-API-Key: $2a$04$xyl<REDACTED>'
{"code":200,"data":{"configs":[{"eid":"890<REDACTED>","iccid":"8910<REDACTED>","name":"iphone11SE","status":"SUCCESS"}]},"error":"","success":true}

The SM-DP+ URL should be pushed to each device from within the MDM.

With the CSV data above, Celona will automatically select an available eSIM and assign provided Device Name.

JAMF MDM Profile on Apple iPhone 11 SE

Celona eSIM activated on Apple iPhone 11 SE, as “Personal”. The name of the cellular network can be updated to a custom value, for example “Celona”.

Please reach out to support@celona.io in case of any additional questions.

Did this answer your question?