"Responses with Content-Type of application/json",
"Media download with context-dependent Content-Type",
"Responses with Content-Type of application/x-protobuf"
],
"location":"query",
"type":"string"
},
"bearer_token":{
"description":"OAuth bearer token.",
"location":"query",
"type":"string"
},
"callback":{
"description":"JSONP",
"location":"query",
"type":"string"
},
"fields":{
"description":"Selector specifying which fields to include in a partial response.",
"location":"query",
"type":"string"
},
"key":{
"description":"API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.",
"location":"query",
"type":"string"
},
"oauth_token":{
"description":"OAuth 2.0 token for the current user.",
"location":"query",
"type":"string"
},
"pp":{
"default":"true",
"description":"Pretty-print response.",
"location":"query",
"type":"boolean"
},
"prettyPrint":{
"default":"true",
"description":"Returns response with indentations and line breaks.",
"location":"query",
"type":"boolean"
},
"quotaUser":{
"description":"Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.",
"location":"query",
"type":"string"
},
"uploadType":{
"description":"Legacy upload protocol for media (e.g. \"media\", \"multipart\").",
"location":"query",
"type":"string"
},
"upload_protocol":{
"description":"Upload protocol for media (e.g. \"raw\", \"multipart\").",
"description":"The preferred language for localized application info, as a BCP47 tag (e.g. \"en-US\", \"de\"). If not specified the default language of the application will be used.",
"description":"Issues a command to a device. The Operation resource returned contains a Command in its metadata field. Use the get operation method to get the status of the command.",
"description":"Starts asynchronous cancellation on a long-running operation. The server makes a best effort to cancel the operation, but success is not guaranteed. If the server doesn't support this method, it returns google.rpc.Code.UNIMPLEMENTED. Clients can use Operations.GetOperation or other methods to check whether the cancellation succeeded or whether the operation completed despite cancellation. On successful cancellation, the operation is not deleted; instead, it becomes an operation with an Operation.error value with a google.rpc.Status.code of 1, corresponding to Code.CANCELLED.",
"description":"Deletes a long-running operation. This method indicates that the client is no longer interested in the operation result. It does not cancel the operation. If the server doesn't support this method, it returns google.rpc.Code.UNIMPLEMENTED.",
"description":"Gets the latest state of a long-running operation. Clients can use this method to poll the operation result at intervals as recommended by the API service.",
"description":"Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns UNIMPLEMENTED.NOTE: the name binding allows API services to override the binding to use different resource name schemes, such as users/*/operations. To override the binding, API services can add a binding such as \"/v1/{name=users/*}/operations\" to their service configuration. For backwards compatibility, the default name includes the operations collection id, however overriding users must ensure the name binding is the parent resource, without the operations collection id.",
"description":"The callback URL that the admin will be redirected to after successfully creating an enterprise. Before redirecting there the system will add a query parameter to this URL named enterpriseToken which will contain an opaque token to be used for the create enterprise request. The URL will be parsed then reformatted in order to add the enterpriseToken parameter, so there may be some minor formatting changes.",
"description":"A compliance rule condition which is satisfied if the Android Framework API level on the device doesn't meet a minimum requirement. There can only be one rule with this type of condition per policy.",
"description":"The minimum desired Android Framework API level. If the device doesn't meet the minimum requirement, this condition is satisfied. Must be greater than zero.",
"description":"The default policy for all permissions requested by the app. If specified, this overrides the policy-level default_permission_policy which applies to all apps. It does not override the permission_grants which applies to all apps.",
"description":"Managed configuration applied to the app. The format for the configuration is dictated by the ManagedProperty values supported by the app. Each field name in the managed configuration must match the key field of the ManagedProperty. The field value must be compatible with the type of the ManagedProperty: \u003ctable\u003e \u003ctr\u003e\u003ctd\u003e\u003ci\u003etype\u003c/i\u003e\u003c/td\u003e\u003ctd\u003e\u003ci\u003eJSON value\u003c/i\u003e\u003c/td\u003e\u003c/tr\u003e \u003ctr\u003e\u003ctd\u003eBOOL\u003c/td\u003e\u003ctd\u003etrue or false\u003c/td\u003e\u003c/tr\u003e \u003ctr\u003e\u003ctd\u003eSTRING\u003c/td\u003e\u003ctd\u003estring\u003c/td\u003e\u003c/tr\u003e \u003ctr\u003e\u003ctd\u003eINTEGER\u003c/td\u003e\u003ctd\u003enumber\u003c/td\u003e\u003c/tr\u003e \u003ctr\u003e\u003ctd\u003eCHOICE\u003c/td\u003e\u003ctd\u003estring\u003c/td\u003e\u003c/tr\u003e \u003ctr\u003e\u003ctd\u003eMULTISELECT\u003c/td\u003e\u003ctd\u003earray of strings\u003c/td\u003e\u003c/tr\u003e \u003ctr\u003e\u003ctd\u003eHIDDEN\u003c/td\u003e\u003ctd\u003estring\u003c/td\u003e\u003c/tr\u003e \u003ctr\u003e\u003ctd\u003eBUNDLE_ARRAY\u003c/td\u003e\u003ctd\u003earray of objects\u003c/td\u003e\u003c/tr\u003e \u003c/table\u003e",
"description":"The minimum version of the app that runs on the device. If set, the device attempts to update the app to at least this version code. If the app is not up-to-date, the device will contain a NonComplianceDetail with non_compliance_reason set to APP_NOT_UPDATED. The app must already be published to Google Play with a version code greater than or equal to this value. At most 20 apps may specify a minimum version code per policy.",
"format":"int32",
"type":"integer"
},
"packageName":{
"description":"The package name of the app. For example, com.google.android.youtube for the YouTube app.",
"description":"Explicit permission grants or denials for the app. These values override the default_permission_policy and permission_grants which apply to all apps.",
"description":"The duration for which the command is valid. The command will expire if not executed by the device during this time. The default duration if unspecified is ten minutes. There is no maximum duration.",
"description":"The resource name of the user that owns the device in the form enterprises/{enterpriseId}/users/{userId}. This is automatically generated by the server based on the device the command is sent to.",
"description":"A rule declaring which mitigating actions to take when a device is not compliant with its policy. For every rule, there is always an implicit mitigating action to set policy_compliant to false for the Device resource, and display a message on the device indicating that the device is not compliant with its policy. Other mitigating actions may optionally be taken as well, depending on the field values in the rule.",
"description":"If set to true, the rule includes a mitigating action to disable apps so that the device is effectively disabled, but app data is preserved. If the device is running an app in locked task mode, the app will be closed and a UI showing the reason for non-compliance will be displayed.",
"The device was deleted. This state will never be returned by an API call, but is used in the final policy compliance report published to Cloud Pub/Sub when the device acknowledges the deletion.",
"The device is being provisioned. Newly enrolled devices are in this state until they have a policy applied."
"description":"If the device state is DISABLED, an optional message that is displayed on the device indicating the reason the device is disabled. This field can be modified by a patch request."
},
"displays":{
"description":"Detailed information about displays on the device. This information is only available if displayInfoEnabled is true in the device's policy.",
"items":{
"$ref":"Display"
},
"type":"array"
},
"enrollmentTime":{
"description":"The time of device enrollment.",
"format":"google-datetime",
"type":"string"
},
"enrollmentTokenData":{
"description":"If the device was enrolled with an enrollment token with additional data provided, this field contains that data.",
"type":"string"
},
"enrollmentTokenName":{
"description":"If the device was enrolled with an enrollment token, this field contains the name of the token.",
"type":"string"
},
"hardwareInfo":{
"$ref":"HardwareInfo",
"description":"Detailed information about the device hardware."
},
"hardwareStatusSamples":{
"description":"Hardware status samples in chronological order. This information is only available if hardwareStatusEnabled is true in the device's policy.",
"items":{
"$ref":"HardwareStatus"
},
"type":"array"
},
"lastPolicyComplianceReportTime":{
"description":"The last time the device sent a policy compliance report.",
"format":"google-datetime",
"type":"string"
},
"lastPolicySyncTime":{
"description":"The last time the device fetched its policy.",
"format":"google-datetime",
"type":"string"
},
"lastStatusReportTime":{
"description":"The last time the device sent a status report.",
"format":"google-datetime",
"type":"string"
},
"memoryEvents":{
"description":"Events related to memory and storage measurements in chronological order. This information is only available if memoryInfoEnabled is true in the device's policy.",
"items":{
"$ref":"MemoryEvent"
},
"type":"array"
},
"memoryInfo":{
"$ref":"MemoryInfo",
"description":"Memory information. This information is only available if memoryInfoEnabled is true in the device's policy."
},
"name":{
"description":"The name of the device in the form enterprises/{enterpriseId}/devices/{deviceId}.",
"type":"string"
},
"networkInfo":{
"$ref":"NetworkInfo",
"description":"Device network information. This information is only available if networkInfoEnabled is true in the device's policy."
},
"nonComplianceDetails":{
"description":"Details about policy settings that the device is not compliant with.",
"items":{
"$ref":"NonComplianceDetail"
},
"type":"array"
},
"policyCompliant":{
"description":"Whether the device is compliant with its policy.",
"type":"boolean"
},
"policyName":{
"description":"The name of the policy applied to the device, in the form enterprises/{enterpriseId}/policies/{policyId}. If not specified, the policy_name for the device's user is applied. This field can be modified by a patch request. You can specify only the policyId when calling enterprises.devices.patch, as long as the policyId doesn’t contain any slashes. The rest of the policy name is inferred.",
"type":"string"
},
"powerManagementEvents":{
"description":"Power management events on the device in chronological order. This information is only available if powerManagementEventsEnabled is true in the device's policy.",
"items":{
"$ref":"PowerManagementEvent"
},
"type":"array"
},
"previousDeviceNames":{
"description":"If the same physical device has been enrolled multiple times, this field contains its previous device names. The serial number is used as the unique identifier to determine if the same physical device has enrolled previously. The names are in chronological order.",
"items":{
"type":"string"
},
"type":"array"
},
"softwareInfo":{
"$ref":"SoftwareInfo",
"description":"Detailed information about the device software. This information is only available if softwareInfoEnabled is true in the device's policy."
},
"state":{
"description":"The state to be applied to the device. This field can be modified by a patch request. Note that when calling enterprises.devices.patch, ACTIVE and DISABLED are the only allowable values. To enter the device into a DELETED state, call enterprises.devices.delete.",
"enum":[
"DEVICE_STATE_UNSPECIFIED",
"ACTIVE",
"DISABLED",
"DELETED",
"PROVISIONING"
],
"enumDescriptions":[
"This value is disallowed.",
"The device is active.",
"The device is disabled.",
"The device was deleted. This state will never be returned by an API call, but is used in the final policy compliance report published to Cloud Pub/Sub when the device acknowledges the deletion.",
"The device is being provisioned. Newly enrolled devices are in this state until they have a policy applied."
],
"type":"string"
},
"userName":{
"description":"The resource name of the user that owns this device in the form enterprises/{enterpriseId}/users/{userId}.",
"type":"string"
}
},
"type":"object"
},
"DeviceSettings":{
"description":"Information about security related device settings on device.",
"id":"DeviceSettings",
"properties":{
"adbEnabled":{
"description":"Whether ADB (https://developer.android.com/studio/command-line/adb.html) is enabled on the device.",
"type":"boolean"
},
"developmentSettingsEnabled":{
"description":"Whether developer mode is enabled on the device.",
"type":"boolean"
},
"encryptionStatus":{
"description":"Encryption status from DevicePolicyManager.",
"enum":[
"ENCRYPTION_STATUS_UNSPECIFIED",
"UNSUPPORTED",
"INACTIVE",
"ACTIVATING",
"ACTIVE",
"ACTIVE_DEFAULT_KEY",
"ACTIVE_PER_USER"
],
"enumDescriptions":[
"Unspecified. No device should have this type.",
"Encryption is not supported by the device.",
"Encryption is supported by the device, but is not currently active.",
"Encryption is not currently active, but is currently being activated.",
"Encryption is active.",
"Encryption is active, but an encryption key is not set by the user.",
"Encryption is active, and the encryption key is tied to the user profile."
],
"type":"string"
},
"isDeviceSecure":{
"description":"Whether the device is secured with PIN/password.",
"type":"boolean"
},
"isEncrypted":{
"description":"Whether the storage encryption is enabled.",
"type":"boolean"
},
"unknownSourcesEnabled":{
"description":"Whether installing apps from unknown sources is enabled.",
"type":"boolean"
},
"verifyAppsEnabled":{
"description":"Whether Verify Apps (Google Play Protect (https://support.google.com/googleplay/answer/2812853)) is enabled on the device.",
"type":"boolean"
}
},
"type":"object"
},
"Display":{
"description":"Device display information.",
"id":"Display",
"properties":{
"density":{
"description":"Display density expressed as dots-per-inch.",
"format":"int32",
"type":"integer"
},
"displayId":{
"description":"Unique display id.",
"format":"int32",
"type":"integer"
},
"height":{
"description":"Display height in pixels.",
"format":"int32",
"type":"integer"
},
"name":{
"description":"Name of the display.",
"type":"string"
},
"refreshRate":{
"description":"Refresh rate of the display in frames per second.",
"format":"int32",
"type":"integer"
},
"state":{
"description":"State of the display.",
"enum":[
"DISPLAY_STATE_UNSPECIFIED",
"OFF",
"ON",
"DOZE",
"SUSPENDED"
],
"enumDescriptions":[
"This value is disallowed.",
"Display is off.",
"Display is on.",
"Display is dozing in a low power state",
"Display is dozing in a suspended low power state."
],
"type":"string"
},
"width":{
"description":"Display width in pixels.",
"format":"int32",
"type":"integer"
}
},
"type":"object"
},
"Empty":{
"description":"A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance:\nservice Foo {\n rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);\n}\nThe JSON representation for Empty is empty JSON object {}.",
"id":"Empty",
"properties":{},
"type":"object"
},
"EnrollmentToken":{
"description":"An enrollment token.",
"id":"EnrollmentToken",
"properties":{
"additionalData":{
"description":"Optional, arbitrary data associated with the enrollment token. This could contain, for example, the ID of an org unit the device is assigned to after enrollment. After a device enrolls with the token, this data will be exposed in the enrollment_token_data field of the Device resource. The data must be 1024 characters or less; otherwise, the creation request will fail.",
"type":"string"
},
"duration":{
"description":"The length of time the enrollment token is valid, ranging from 1 minute to 30 days. If not specified, the default duration is 1 hour.",
"format":"google-duration",
"type":"string"
},
"expirationTimestamp":{
"description":"The expiration time of the token. This is a read-only field generated by the server.",
"format":"google-datetime",
"type":"string"
},
"name":{
"description":"The name of the enrollment token, which is generated by the server during creation, in the form enterprises/{enterpriseId}/enrollmentTokens/{enrollmentTokenId}.",
"type":"string"
},
"policyName":{
"description":"The name of the policy initially applied to the enrolled device, in the form enterprises/{enterpriseId}/policies/{policyId}. If not specified, the policy_name for the device’s user is applied. If user_name is also not specified, enterprises/{enterpriseId}/policies/default is applied by default. When updating this field, you can specify only the policyId as long as the policyId doesn’t contain any slashes. The rest of the policy name will be inferred.",
"type":"string"
},
"qrCode":{
"description":"A JSON string whose UTF-8 representation can be used to generate a QR code to enroll a device with this enrollment token. To enroll a device using NFC, the NFC record must contain a serialized java.util.Properties representation of the properties in the JSON.",
"type":"string"
},
"value":{
"description":"The token value that's passed to the device and authorizes the device to enroll. This is a read-only field generated by the server.",
"type":"string"
}
},
"type":"object"
},
"Enterprise":{
"description":"The configuration applied to an enterprise.",
"description":"The types of Google Pub/Sub notifications enabled for the enterprise.",
"enumDescriptions":[
"This value is ignored.",
"A notification sent when a device enrolls.",
"A notification sent when a device issues a policy compliance report.",
"A notification sent when a device issues a status report.",
"A notification sent when a device command has completed."
],
"items":{
"enum":[
"NOTIFICATION_TYPE_UNSPECIFIED",
"ENROLLMENT",
"COMPLIANCE_REPORT",
"STATUS_REPORT",
"COMMAND"
],
"type":"string"
},
"type":"array"
},
"enterpriseDisplayName":{
"description":"The name of the enterprise displayed to users.",
"type":"string"
},
"logo":{
"$ref":"ExternalData",
"description":"An image displayed as a logo during device provisioning. Supported types are: image/bmp, image/gif, image/x-ico, image/jpeg, image/png, image/webp, image/vnd.wap.wbmp, image/x-adobe-dng."
},
"name":{
"description":"The name of the enterprise which is generated by the server during creation, in the form enterprises/{enterpriseId}.",
"type":"string"
},
"primaryColor":{
"description":"A color in RGB format that indicates the predominant color to display in the device management app UI. The color components are stored as follows: (red \u003c\u003c 16) | (green \u003c\u003c 8) | blue, where the value of each component is between 0 and 255, inclusive.",
"format":"int32",
"type":"integer"
},
"pubsubTopic":{
"description":"The topic that Cloud Pub/Sub notifications are published to, in the form projects/{project}/topics/{topic}. This field is only required if Pub/Sub notifications are enabled.",
"description":"Terms and conditions that must be accepted when provisioning a device for this enterprise. A page of terms is generated for each value in this list.",
"description":"Data hosted at an external location. The data is to be downloaded by Android Device Policy and verified against the hash.",
"id":"ExternalData",
"properties":{
"sha256Hash":{
"description":"The base-64 encoded SHA-256 hash of the content hosted at url. If the content doesn't match this hash, Android Device Policy won't use the data.",
"type":"string"
},
"url":{
"description":"The absolute URL to the data, which must use either the http or https scheme. Android Device Policy doesn't provide any credentials in the GET request, so the URL must be publicly accessible. Including a long, random component in the URL may be used to prevent attackers from discovering the URL.",
"type":"string"
}
},
"type":"object"
},
"HardwareInfo":{
"description":"Information about device hardware. The fields related to temperature thresholds are only available if hardwareStatusEnabled is true in the device's policy.",
"id":"HardwareInfo",
"properties":{
"batteryShutdownTemperatures":{
"description":"Battery shutdown temperature thresholds in Celsius for each battery on the device.",
"items":{
"format":"float",
"type":"number"
},
"type":"array"
},
"batteryThrottlingTemperatures":{
"description":"Battery throttling temperature thresholds in Celsius for each battery on the device.",
"items":{
"format":"float",
"type":"number"
},
"type":"array"
},
"brand":{
"description":"Brand of the device. For example, Google.",
"type":"string"
},
"cpuShutdownTemperatures":{
"description":"CPU shutdown temperature thresholds in Celsius for each CPU on the device.",
"items":{
"format":"float",
"type":"number"
},
"type":"array"
},
"cpuThrottlingTemperatures":{
"description":"CPU throttling temperature thresholds in Celsius for each CPU on the device.",
"items":{
"format":"float",
"type":"number"
},
"type":"array"
},
"deviceBasebandVersion":{
"description":"Baseband version. For example, MDM9625_104662.22.05.34p.",
"type":"string"
},
"gpuShutdownTemperatures":{
"description":"GPU shutdown temperature thresholds in Celsius for each GPU on the device.",
"items":{
"format":"float",
"type":"number"
},
"type":"array"
},
"gpuThrottlingTemperatures":{
"description":"GPU throttling temperature thresholds in Celsius for each GPU on the device.",
"items":{
"format":"float",
"type":"number"
},
"type":"array"
},
"hardware":{
"description":"Name of the hardware. For example, Angler.",
"type":"string"
},
"manufacturer":{
"description":"Manufacturer. For example, Motorola.",
"type":"string"
},
"model":{
"description":"The model of the device. For example, Asus Nexus 7.",
"type":"string"
},
"serialNumber":{
"description":"The device serial number.",
"type":"string"
},
"skinShutdownTemperatures":{
"description":"Device skin shutdown temperature thresholds in Celsius.",
"items":{
"format":"float",
"type":"number"
},
"type":"array"
},
"skinThrottlingTemperatures":{
"description":"Device skin throttling temperature thresholds in Celsius.",
"items":{
"format":"float",
"type":"number"
},
"type":"array"
}
},
"type":"object"
},
"HardwareStatus":{
"description":"Hardware status. Temperatures may be compared to the temperature thresholds available in hardwareInfo to determine hardware health.",
"id":"HardwareStatus",
"properties":{
"batteryTemperatures":{
"description":"Current battery temperatures in Celsius for each battery on the device.",
"items":{
"format":"float",
"type":"number"
},
"type":"array"
},
"cpuTemperatures":{
"description":"Current CPU temperatures in Celsius for each CPU on the device.",
"items":{
"format":"float",
"type":"number"
},
"type":"array"
},
"cpuUsages":{
"description":"CPU usages in percentage for each core available on the device. Usage is 0 for each unplugged core. Empty array implies that CPU usage is not supported in the system.",
"items":{
"format":"float",
"type":"number"
},
"type":"array"
},
"createTime":{
"description":"The time the measurements were taken.",
"format":"google-datetime",
"type":"string"
},
"fanSpeeds":{
"description":"Fan speeds in RPM for each fan on the device. Empty array means that there are no fans or fan speed is not supported on the system.",
"items":{
"format":"float",
"type":"number"
},
"type":"array"
},
"gpuTemperatures":{
"description":"Current GPU temperatures in Celsius for each GPU on the device.",
"items":{
"format":"float",
"type":"number"
},
"type":"array"
},
"skinTemperatures":{
"description":"Current device skin temperatures in Celsius.",
"items":{
"format":"float",
"type":"number"
},
"type":"array"
}
},
"type":"object"
},
"ListDevicesResponse":{
"description":"Response to a request to list devices for a given enterprise.",
"id":"ListDevicesResponse",
"properties":{
"devices":{
"description":"The list of devices.",
"items":{
"$ref":"Device"
},
"type":"array"
},
"nextPageToken":{
"description":"If there are more results, a token to retrieve next page of results.",
"type":"string"
}
},
"type":"object"
},
"ListOperationsResponse":{
"description":"The response message for Operations.ListOperations.",
"id":"ListOperationsResponse",
"properties":{
"nextPageToken":{
"description":"The standard List next-page token.",
"type":"string"
},
"operations":{
"description":"A list of operations that matches the specified filter in the request.",
"items":{
"$ref":"Operation"
},
"type":"array"
}
},
"type":"object"
},
"ListPoliciesResponse":{
"description":"Response to a request to list policies for a given enterprise.",
"id":"ListPoliciesResponse",
"properties":{
"nextPageToken":{
"description":"If there are more results, a token to retrieve next page of results.",
"type":"string"
},
"policies":{
"description":"The list of policies.",
"items":{
"$ref":"Policy"
},
"type":"array"
}
},
"type":"object"
},
"ManagedProperty":{
"description":"Managed property.",
"id":"ManagedProperty",
"properties":{
"defaultValue":{
"description":"The default value of the property. BUNDLE_ARRAY properties don't have a default value.",
"type":"any"
},
"description":{
"description":"A longer description of the property, providing more detail of what it affects. Localized.",
"type":"string"
},
"entries":{
"description":"For CHOICE or MULTISELECT properties, the list of possible entries.",
"items":{
"$ref":"ManagedPropertyEntry"
},
"type":"array"
},
"key":{
"description":"The unique key that the app uses to identify the property, e.g. \"com.google.android.gm.fieldname\".",
"type":"string"
},
"nestedProperties":{
"description":"For BUNDLE_ARRAY properties, the list of nested properties. A BUNDLE_ARRAY property is at most two levels deep.",
"items":{
"$ref":"ManagedProperty"
},
"type":"array"
},
"title":{
"description":"The name of the property. Localized.",
"type":"string"
},
"type":{
"description":"The type of the property.",
"enum":[
"MANAGED_PROPERTY_TYPE_UNSPECIFIED",
"BOOL",
"STRING",
"INTEGER",
"CHOICE",
"MULTISELECT",
"HIDDEN",
"BUNDLE_ARRAY"
],
"enumDescriptions":[
"Not used.",
"A property of boolean type.",
"A property of string type.",
"A property of integer type.",
"A choice of one item from a set.",
"A choice of multiple items from a set.",
"A hidden restriction of string type (the default value can be used to pass along information that can't be modified, such as a version code).",
"An array of property bundles."
],
"type":"string"
}
},
"type":"object"
},
"ManagedPropertyEntry":{
"description":"An entry of a managed property.",
"id":"ManagedPropertyEntry",
"properties":{
"name":{
"description":"The human-readable name of the value. Localized.",
"type":"string"
},
"value":{
"description":"The machine-readable value of the entry, which should be used in the configuration. Not localized.",
"type":"string"
}
},
"type":"object"
},
"MemoryEvent":{
"description":"An event related to memory and storage measurements.",
"id":"MemoryEvent",
"properties":{
"byteCount":{
"description":"The number of free bytes in the medium, or for EXTERNAL_STORAGE_DETECTED, the total capacity in bytes of the storage medium.",
"format":"int64",
"type":"string"
},
"createTime":{
"description":"The creation time of the event.",
"format":"google-datetime",
"type":"string"
},
"eventType":{
"description":"Event type.",
"enum":[
"MEMORY_EVENT_TYPE_UNSPECIFIED",
"RAM_MEASURED",
"INTERNAL_STORAGE_MEASURED",
"EXTERNAL_STORAGE_DETECTED",
"EXTERNAL_STORAGE_REMOVED",
"EXTERNAL_STORAGE_MEASURED"
],
"enumDescriptions":[
"Unspecified. No events have this type.",
"Free space in RAM was measured.",
"Free space in internal storage was measured.",
"A new external storage medium was detected. The reported byte count is the total capacity of the storage medium.",
"An external storage medium was removed. The reported byte count is zero.",
"Free space in an external storage medium was measured."
"description":"For settings with nested fields, if a particular nested field is out of compliance, this specifies the full path to the offending field. The path is formatted in the same way the policy JSON field would be referenced in JavaScript, that is: 1) For object-typed fields, the field name is followed by a dot then by a subfield name. 2) For array-typed fields, the field name is followed by the array index enclosed in brackets. For example, to indicate a problem with the url field in the externalData field in the 3rd application, the path would be applications[2].externalData.url",
"description":"If package_name is set and the non-compliance reason is APP_NOT_INSTALLED or APP_NOT_UPDATED, the detailed reason the app can't be installed or updated.",
"An unknown condition is preventing the app from being installed. Some potential reasons are that the device doesn't have enough storage, the device network connection is unreliable, or the installation is taking longer than expected. The installation will be retried automatically.",
"description":"A compliance rule condition which is satisfied if there exists any matching NonComplianceDetail for the device. A NonComplianceDetail matches a NonComplianceDetailCondition if all the fields which are set within the NonComplianceDetailCondition match the corresponding NonComplianceDetail fields.",
"description":"The reason the device is not in compliance with the setting. If not set, then this condition matches any reason.",
"enum":[
"NON_COMPLIANCE_REASON_UNSPECIFIED",
"API_LEVEL",
"MANAGEMENT_MODE",
"USER_ACTION",
"INVALID_VALUE",
"APP_NOT_INSTALLED",
"UNSUPPORTED",
"APP_INSTALLED",
"PENDING",
"APP_INCOMPATIBLE",
"APP_NOT_UPDATED"
],
"enumDescriptions":[
"This value is disallowed.",
"The setting is not supported in the API level of the Android version running on the device.",
"The management mode (profile owner, device owner, etc.) doesn't support the setting.",
"The user has not taken required action to comply with the setting.",
"The setting has an invalid value.",
"The app required to implement the policy is not installed.",
"The policy is not supported by the version of Android Device Policy on the device.",
"A blocked app is installed.",
"The setting hasn't been applied at the time of the report, but is expected to be applied shortly.",
"The setting can't be applied to the app because the app doesn't support it, for example because its target SDK version is not high enough.",
"The app is installed, but it hasn't been updated to the minimum version code specified by policy."
],
"type":"string"
},
"packageName":{
"description":"The package name of the app that's out of compliance. If not set, then this condition matches any package name.",
"type":"string"
},
"settingName":{
"description":"The name of the policy setting. This is the JSON field name of a top-level Policy field. If not set, then this condition matches any setting name.",
"description":"If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.",
"type":"boolean"
},
"error":{
"$ref":"Status",
"description":"The error result of the operation in case of failure or cancellation."
},
"metadata":{
"additionalProperties":{
"description":"Properties of the object. Contains field @type with type URL.",
"type":"any"
},
"description":"Service-specific metadata associated with the operation. It typically contains progress information and common metadata such as create time. Some services might not provide such metadata. Any method that returns a long-running operation should document the metadata type, if any.",
"type":"object"
},
"name":{
"description":"The server-assigned name, which is only unique within the same service that originally returns it. If you use the default HTTP mapping, the name should have the format of operations/some/unique/name.",
"description":"Properties of the object. Contains field @type with type URL.",
"type":"any"
},
"description":"The normal response of the operation in case of success. If the original method returns no data on success, such as Delete, the response is google.protobuf.Empty. If the original method is standard Get/Create/Update, the response should be the resource. For other methods, the response should have the type XxxResponse, where Xxx is the original method name. For example, if the original method name is TakeSnapshot(), the inferred response type is TakeSnapshotResponse.",
"description":"The length of the password history. After setting this field, the user won't be able to enter a new password that is the same as any password in the history. A value of 0 means there is no restriction.",
"description":"The minimum allowed password length. A value of 0 means there is no restriction. Only enforced when password_quality is NUMERIC, NUMERIC_COMPLEX, ALPHABETIC, ALPHANUMERIC, or COMPLEX.",
"description":"Minimum number of non-letter characters (numerical digits or symbols) required in the password. Only enforced when password_quality is COMPLEX.",
"The device must be secured with a low-security biometric recognition technology, at minimum. This includes technologies that can recognize the identity of an individual that are roughly equivalent to a 3-digit PIN (false detection is less than 1 in 1,000).",
"A password is required, but there are no restrictions on what the password must contain.",
"The password must contain numeric characters.",
"The password must contain numeric characters with no repeating (4444) or ordered (1234, 4321, 2468) sequences.",
"The password must contain alphabetic (or symbol) characters.",
"The password must contain both numeric and alphabetic (or symbol) characters.",
"The password must contain at least a letter, a numerical digit and a special symbol. Other password constraints, for example, password_minimum_letters are enforced."
"description":"A default activity for handling intents that match a particular intent filter.",
"id":"PersistentPreferredActivity",
"properties":{
"actions":{
"description":"The intent actions to match in the filter. If any actions are included in the filter, then an intent's action must be one of those values for it to match. If no actions are included, the intent action is ignored.",
"description":"The intent categories to match in the filter. An intent includes the categories that it requires, all of which must be included in the filter in order to match. In other words, adding a category to the filter has no impact on matching unless that category is specified in the intent.",
"description":"The activity that should be the default intent handler. This should be an Android component name, e.g. com.android.enterprise.app/.MainActivity. Alternatively, the value may be the package name of an app, which causes Android Device Policy to choose an appropriate activity from the app to handle the intent.",
"type":"string"
}
},
"type":"object"
},
"Policy":{
"description":"A policy resources represents a group settings that govern the behavior of a managed device and the apps installed on it.",
"id":"Policy",
"properties":{
"accountTypesWithManagementDisabled":{
"description":"Account types that can't be managed by the user.",
"description":"The app tracks for Android Device Policy the device can access. The device receives the latest version among all accessible tracks. If no tracks are specified, then the device only uses the production track.",
"enumDescriptions":[
"This value is ignored.",
"The production track, which provides the latest stable release.",
"The beta track, which provides the latest beta release."
"description":"Whether applications other than the ones configured in applications are blocked from being installed. When set, applications that were installed under a previous policy but no longer appear in the policy are automatically uninstalled.",
"description":"Whether bluetooth is disabled. Prefer this setting over bluetooth_config_disabled because bluetooth_config_disabled can be bypassed by the user.",
"description":"Rules declaring which mitigating actions to take when a device is not compliant with its policy. When the conditions for multiple rules are satisfied, all of the mitigating actions for the rules are taken. There is a maximum limit of 100 rules.",
"items":{
"$ref":"ComplianceRule"
},
"type":"array"
},
"createWindowsDisabled":{
"description":"Whether creating windows besides app windows is disabled.",
"description":"Email addresses of device administrators for factory reset protection. When the device is factory reset, it will require one of these admins to log in with the Google account email and password to unlock the device. If no admins are specified, the device won't provide factory reset protection.",
"description":"Whether the keyguard is disabled.",
"type":"boolean"
},
"keyguardDisabledFeatures":{
"description":"Disabled keyguard customizations, such as widgets.",
"enumDescriptions":[
"This value is ignored.",
"Disable the camera on secure keyguard screens (e.g. PIN).",
"Disable showing all notifications on secure keyguard screens.",
"Disable unredacted notifications on secure keyguard screens.",
"Ignore trust agent state on secure keyguard screens.",
"Disable fingerprint sensor on keyguard secure screens.",
"Disable text entry into notifications on secure keyguard screens.",
"Disable all current and future keyguard customizations."
],
"items":{
"enum":[
"KEYGUARD_DISABLED_FEATURE_UNSPECIFIED",
"CAMERA",
"NOTIFICATIONS",
"UNREDACTED_NOTIFICATIONS",
"TRUST_AGENTS",
"DISABLE_FINGERPRINT",
"DISABLE_REMOTE_INPUT",
"ALL_FEATURES"
],
"type":"string"
},
"type":"array"
},
"kioskCustomLauncherEnabled":{
"description":"Whether the kiosk custom launcher is enabled. This replaces the home screen with a launcher that locks down the device to the apps installed via the applications setting. The apps appear on a single page in alphabetical order. It is recommended to also use status_bar_disabled to block access to device settings.",
"description":"The degree of location detection enabled. The user may change the value unless the user is otherwise blocked from accessing device settings.",
"enum":[
"LOCATION_MODE_UNSPECIFIED",
"HIGH_ACCURACY",
"SENSORS_ONLY",
"BATTERY_SAVING",
"OFF"
],
"enumDescriptions":[
"The current device value is not modified.",
"All location detection methods are enabled, including GPS, networks, and other sensors.",
"description":"Whether the network escape hatch is enabled. If a network connection can't be made at boot time, the escape hatch prompts the user to temporarily connect to a network in order to refresh the device policy. After applying policy, the temporary network will be forgotten and the device will continue booting. This prevents being unable to connect to a network if there is no suitable network in the last policy and the device boots into an app in lock task mode, or the user is otherwise unable to reach device settings.",
"description":"If present, only the input methods provided by packages in this list are permitted. If this field is present, but the list is empty, then only system input methods are permitted."
"description":"The network-independent global HTTP proxy. Typically proxies should be configured per-network in open_network_configuration. However for unusual configurations like general internal filtering a global HTTP proxy may be useful. If the proxy is not accessible, network access may break. The global proxy is only a recommendation and some apps may ignore it."
"description":"Flag to skip hints on the first use. Enterprise admin can enable the system recommendation for apps to skip their user tutorial and other introductory hints on first start-up.",
"description":"Whether the status bar is disabled. This disables notifications, quick settings, and other screen overlays that allow escape from full-screen mode.",
"description":"The battery plugged in modes for which the device stays on. When using this setting, it is recommended to clear maximum_time_to_lock so that the device doesn't lock itself while it stays on.",
"description":"The system update policy, which controls how OS updates are applied. If the update type is WINDOWED, the update window will automatically apply to Play app updates as well."
"description":"Configuration info for an HTTP proxy. For a direct proxy, set the host, port, and excluded_hosts fields. For a PAC script proxy, set the pac_uri field.",
"description":"The name of the resource. Use this value in the signupUrl field when calling enterprises.create to complete the enterprise signup flow.",
"description":"SHA-256 hash of android.content.pm.Signature (https://developer.android.com/reference/android/content/pm/Signature.html) associated with the system package, which can be used to verify that the system build hasn't been modified.",
"description":"The Status type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by gRPC (https://github.com/grpc). The error model is designed to be:\nSimple to use and understand for most users\nFlexible enough to meet unexpected needsOverviewThe Status message contains three pieces of data: error code, error message, and error details. The error code should be an enum value of google.rpc.Code, but it may accept additional error codes if needed. The error message should be a developer-facing English message that helps developers understand and resolve the error. If a localized user-facing error message is needed, put the localized message in the error details or localize it in the client. The optional error details may contain arbitrary information about the error. There is a predefined set of error detail types in the package google.rpc that can be used for common error conditions.Language mappingThe Status message is the logical representation of the error model, but it is not necessarily the actual wire format. When the Status message is exposed in different client libraries and different wire protocols, it can be mapped differently. For example, it will likely be mapped to some exceptions in Java, but more likely mapped to some error codes in C.Other usesThe error model and the Status message can be used in a variety of environments, either with or without APIs, to provide a consistent developer experience across different environments.Example uses of this error model include:\nPartial errors. If a service needs to return partial errors to the client, it may embed the Status in the normal response to indicate the partial errors.\nWorkflow errors. A typical workflow has multiple steps. Each step may have a Status message for error reporting.\nBatch operations. If a client uses batch request and batch response, the Status message should be used directly inside batch response, one for each error sub-response.\nAsynchronous operations. If an API call embeds asynchronous operation results in its response, the status of those operations should be represented directly using the Status message.\nLogging. If some API errors are stored in logs, the message Status could be used directly after any stripping needed for security/privacy reasons.",
"description":"A list of messages that carry the error details. There is a common set of message types for APIs to use.",
"items":{
"additionalProperties":{
"description":"Properties of the object. Contains field @type with type URL.",
"type":"any"
},
"type":"object"
},
"type":"array"
},
"message":{
"description":"A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.",
"description":"If the type is WINDOWED, the end of the maintenance window, measured as the number of minutes after midnight in device's local time. This value must be between 0 and 1439, inclusive. If this value is less than start_minutes, then the maintenance window spans midnight. If the maintenance window specified is smaller than 30 minutes, the actual window is extended to 30 minutes beyond the start time.",
"description":"If the type is WINDOWED, the start of the maintenance window, measured as the number of minutes after midnight in the device's local time. This value must be between 0 and 1439, inclusive.",
"Install automatically within a daily maintenance window. This also configures Play apps to be updated within the window. This is strongly recommended for kiosk devices because this is the only way apps persistently pinned to the foreground can be updated by Play.",
"description":"The default message displayed if no localized message is specified or the user's locale doesn't match with any of the localized messages. A default message must be provided if any localized messages are provided.",
"description":"A map containing \u003clocale, message\u003e pairs, where locale is a well-formed BCP 47 language (https://www.w3.org/International/articles/language-tags/) code, such as en-US, es-ES, or fr.",
"type":"object"
}
},
"type":"object"
},
"WebToken":{
"description":"A web token used to access the managed Google Play iframe.",
"id":"WebToken",
"properties":{
"name":{
"description":"The name of the web token, which is generated by the server during creation in the form enterprises/{enterpriseId}/webTokens/{webTokenId}.",
"description":"The URL of the parent frame hosting the iframe with the embedded UI. To prevent XSS, the iframe may not be hosted at other URLs. The URL must use the https scheme.",
"description":"The token value which is used in the hosting page to generate the iframe with the embedded UI. This is a read-only field generated by the server.",