14 DAY FREE TRIAL

No Search Results

No Search Results

14 DAY FREE TRIAL
  1. Help Center
  2. Managing 'Android Enterprise' Devices
  3. App management

Category filter

How to set up permissions and configurations for an app?

Jump To

With Hexnode UEM, you can configure app configurations and app permissions for your managed applications deployed on your enterprise devices. The app configuration feature for Android allows you to remotely pre-configure the work app settings for different users. The app permission feature will enable you to allow or deny the permissions required by work apps and enterprise apps on a device.

Pre-requisites:

The organization and device should be enrolled in Android Enterprise.

Setting up app configurations

To set up app configurations,

  1. Go to the Policies tab on your Hexnode portal.
  2. Create a new policy or select an existing policy.
  3. From AndroidApp Management, select App Configurations.
  4. Click on Configure and + Add new configuration button to select a work app and configure it.
  5. (Optional) Use the search bar to search for work apps.
  6. Click on the Select button to choose the app to configure.
  7. The app configuration screen is displayed. Configure it from here and hit Done when you’re done with the configurations.
Notes:

  • Add at least one configuration for an app to show it in the list of configured apps.
  • The App Configurations policy supports the use of the following wildcards:
    • %newline%
    • %username%
    • %email%
    • %phonenumber%
    • %udid%
    • %imei%
    • %deviceid%
    • %serialnumber%
    • %wifimacaddress%
    • %devicename%
    • %model%
    • %osname%
    • %osversion%
    • %iccid%

Different apps have different configurations, so it is not possible to list all of them here. However, we are trying to show you a few examples on how the configurations differ from app to app. We take Chrome Browser as the first example. The available configurations are:

  • Account type for HTTP negotiate authentication
  • Address or URL of proxy server
  • Allow cookies on these sites
  • Allow images on these sites
  • Allow JavaScript on these sites
  • Allow proceeding from the SSL warning page
  • Allow access to a list of URLs
  • Allow session only cookies on these sites
  • Authentication server whitelist
  • Block access to a list of URLs, and so on.

The chrome app on android offers a wide selection of app configurations

While Gmail shows varying configurations. Listing out some of them below.

  • Default email signature
  • Default sync window
  • Device identifier
  • Email address
  • Hostname or host

Setting up app permissions

Set up what a specific app can do or have access to, even before they are installed on the device. The permissions may include location, network access, and camera, but are not limited to these three. App permissions differ between apps, but there might be common permissions for more than one app.

To set up permissions for an app,

  1. From your Hexnode portal, go to Policies.
  2. Create a new policy or select an existing policy.
  3. Select App Permissions from AndroidApp Management.
  4. Click on the + Add New App Permission button to select a work app and configure permissions.
  5. (Optional) Use the search bar to search for work apps.
  6. Click on the Select button to the right of an app.
  7. The app permission screen is displayed. Most of the restrictions contain three options to choose from – Default, Allow and Deny, which help you decide whether the app should follow the app defaults, or allow or deny a specific feature.
  8. Hit Done when you’re done with setting up permissions for an app.

Here are some of the restrictions for Dropbox.

  • View network connections
  • View Wi-Fi connections
  • Take pictures and videos
  • Find accounts on the device
  • Full network access
  • Add or remove accounts
  • Run at startup
  • Prevent device from sleeping
Notes:

  • The App Permissions policy allows you to configure only the runtime permissions for apps, some of which are listed below.
    1. android.permission.ACCEPT_HANDOVER
    2. android.permission.ACCESS_BACKGROUND_LOCATION
    3. android.permission.ACCESS_COARSE_LOCATION
    4. android.permission.ACCESS_FINE_LOCATION
    5. android.permission.ACCESS_MEDIA_LOCATION
    6. android.permission.ACTIVITY_RECOGNITION
    7. com.android.voicemail.permission.ADD_VOICEMAIL
    8. android.permission.ANSWER_PHONE_CALLS
    9. android.permission.BODY_SENSORS
    10. android.permission.CALL_PHONE
    11. android.permission.CAMERA
    12. android.permission.GET_ACCOUNTS
    13. android.permission.PROCESS_OUTGOING_CALLS
    14. android.permission.READ_CALENDAR
    15. android.permission.READ_CALL_LOG
    16. android.permission.READ_CONTACTS
    17. android.permission.READ_EXTERNAL_STORAGE
    18. android.permission.READ_PHONE_NUMBERS
    19. android.permission.READ_PHONE_STATE
    20. android.permission.READ_SMS
    21. android.permission.RECEIVE_MMS
    22. android.permission.RECEIVE_SMS
    23. android.permission.RECEIVE_WAP_PUSH
    24. android.permission.RECORD_AUDIO
    25. android.permission.SEND_SMS
    26. android.permission.USE_SIP
    27. android.permission.WRITE_CALENDAR
    28. android.permission.WRITE_CALL_LOG
    29. android.permission.WRITE_CONTACTS
    30. android.permission.WRITE_EXTERNAL_STORAGE
    31. android.permission.BLUETOOTH_ADVERTISE
    32. android.permission.BLUETOOTH_SCAN
    33. android.permission.BODY_SENSORS_BACKGROUND
    34. android.permission.NEARBY_WIFI_DEVICES
    35. android.permission.POST_NOTIFICATIONS
    36. android.permission.READ_MEDIA_AUDIO
    37. android.permission.READ_MEDIA_IMAGES
    38. android.permission.READ_MEDIA_VIDEO
    39. android.permission.UWB_RANGING
    40. android.permission.BLUETOOTH_CONNECT
    41. android.permission.READ_MEDIA_VISUAL_USER_SELECTED

      42. However, the set of runtime permissions that can be configured via the policy will ultimately depend on the application.

  • Special permissions for apps, such as the All files access (MANAGE_EXTERNAL_STORAGE) and Displaying and drawing over other apps permissions, must be granted by the user explicitly. These permissions are particularly sensitive and are not directly related to user privacy.
  • To grant a special permission to an application, a user must navigate to Settings > Apps > Special app access on the device and select the permission and the corresponding app to grant access to.

Set up targets for app configurations and permissions policies

If you haven’t saved the policy yet, you can

  1. Go to the Policy Targets tab within the policy.
  2. Click on + Add Devices.
  3. Search and select the devices to which the policy needs to be associated with and click on OK.
    You can also associate policies to Device Groups, Users, User Groups or Domains from the left pane underneath the Policy Targets tab.
  4. Save the policy to associate the policy to the device.

If you have saved the policy,

  1. From your Policies tab, check the policy.
  2. Select Associate Targets from Manage.
  3. Select the devices and click on Associate to get the policy associated with these devices.
Need more help?
Raise a Ticket Raise a Ticket
Ask Community Ask Community
Chat With us Chat With us
  • Managing 'Android Enterprise' Devices