[Android Enterprise] In-depth Explanation and Comprehensive Study Notes on Android Enterprise

0. Introduction

• Android Management API Preparation

  • This API mainly sends requests via HTTP to the EMM console and interacts with apps under EMM devices.
  • Android 6.0+ devices
  • Gmail account for binding (If you encounter enterprise binding issues: reference)
  • Create a Cloud Platform Project
  • Enable Android Management API
    • Similar to other Google API services, enable Android Management API under the project in Google Cloud Platform
  • Setup Guide Reference

• Android Management API Method to Remove Enterprise

  • Cancel device configuration

    1. Obtain the enterprise device list via HTTP GET curl -X GET https://androidmanagement.googleapis.com/v1/{parent=enterprises/*}/devices Replace {parent=enterprises/*} with the format enterprises/{enterprise-id} Response:
    2. Delete the enterprise device via HTTP DELETE
       curl -X DELETE https://androidmanagement.googleapis.com/v1/{name=enterprises/*/devices/*} Replace name with the name obtained from the previous response

  • Delete the Enterprise from the account

    1. Go to play.google.com/work
    2. Find Admin Settings
    3. Click the icon with three dots
    4. Press Delete Organization to remove the previously created enterprise

• AMAPI SDK Preparation

  • Import Reference
  • API level 21+ can use this SDK
  • API level 30+ requires additional query fragment settings in Manifest.xml
  • This SDK mainly provides some functions to directly send commands to the Android Device Policy app For example: clear specified package data, monitor command changes, reference

• Pub/Sub API Preparation

  • A method to receive notifications for new registered devices, device reports, and new issued commands

    1. Enable the Android Management API
    2. Create a topic (create within the console or use projects.topics.create)
    3. Create a subscription (create within the console or use projects.subscriptions.create)
    4. Grant Android Device Policy right (app)
    5. Update the enterprise to support notifications enterprises.patch
    6. Start using to receive notifications

  • Sample code for the API

1. Development

• Android Management API There are two ways to create an enterprise: Customer-managed enterprises, EMM-managed enterprises

• Android Management API Unlock Device Password

  • Update via HTTP Patch enterprises.policies For example: curl -X PATCH https://androidmanagement.googleapis.com/v1/{name=enterprises/*/policies/*} -d '{json=ResourcePolicy}'

  The Patch URL {name=enterprises/*/policies/*} should include the corresponding policyID

  The format is enterprises/{enterpriseId}/policies/{policyId}

  The request body {json=ResourcePolicy} should include the corresponding Resource Policy format

   - In the request body, there is a key passwordRequirements where you can include the corresponding [PasswordRequirements json format](https://developers.google.com/android/management/reference/rest/v1/PasswordRequirements) to set it
   <script src="https://gist.github.com/waitzShigoto/a73f43b9b538e0ea0ecb2e40c337e420.js"></script>
  

• Android Management API Lock Bottom Bar Buttons

  • Similarly, update via HTTP Patch enterprises.policies, and in the request body, the SystemNavigation can be set to display the bottom bar
  • Must be in kiosk mode
  • The documentation mentions that to enable kiosk mode, set the value of kioskCustomLauncherEnabled
  • Currently, it is seen that it provides options to display only the Home button or to hide both the Home and Overview buttons

• AMAPI SDK Clear data for a specified package

  • Use LocalCommandClientFactory.create(getContext()).issueCommand(createClearAppRequest(packageNames)

  to remove data for the specified package