Adds apps to this profile notemptyApps on EMM-managed devices are configured within the profiles!
Application
Package name
com.google.android.youtube Select application
Package name of the application
Install type
Pre install
The way the installation is performed.
Pre install
The app is installed automatically, but can be removed by the user.
Force install
The app is installed automatically and cannot be deleted by the user.
Block
The app is blocked and cannot be installed. If the app was installed using an old profile, it will be uninstalled.
Available
The app is ready for installation.
Required for setup
The app is installed automatically, cannot be deleted by the user, and prevents the device from being set up until the app is installed.
Kiosk
The app is automatically installed in kiosk mode: it is set as the prefered home intention and set to white list for lock-task mode. The device setup will not be completed until after the app has been installed. After installation, users can only use this app, which starts automatically and can no longer be removed. You can only set this installType for one application per policy. If this is present in the policy, the status bar is automatically disabled.
Default permission policy
Prompt
The default policy for all permissions requested by the app. If set, overrides the default policy-level permission policy that applies to all apps. It does not override the global permission grant, which applies to all apps.
Policy not specified. If no policy is specified for a permission at any level, 'Prompt' is used by default.
Prompt
Prompts the user to grant an authorization.
Grant
Grant authorization automatically
Deny
Deny authorization automatically
Permissions
Add permission
Grants explicit permission or denial for the app. These values override the default permission policy and global permission restrictions that apply to all apps.
Permission
Permission
The Android permission or group, for example android.permission.READ_CALENDAR or android.permission_group.CALENDAR.
Policy
The policy for granting authorization.
Policy not specified. If no policy is specified for a permission at any level, 'Prompt' is used by default.
Prompt
Prompt the user to grant permission.
Grant
Grant permission automatically
Deny
Deny permission automatically
Managed Configuration Template
Calls up a template from the app manufacturer in which various parameters can be transferred to the app, depending on what the manufacturer specifies. These can be fixed parameters and variables in email apps:
Deactivated
Whether the app is disabled. When deactivated, the app data is still retained.
Minimum version code
0
The minimum version of the app that will run on the device.
If set, the device will attempt to update the app to at least this version code. If the app is not up to date, the device contains a non-compliance detail with the non-compliance reason APP_NOT_UPDATED. The app must already be published in Google Play with a version code equal or greater than this value. A maximum of 20 apps can set a minimum version code per policy.
Delegate areas
The permissions selected here are delegated to the app by the Device Policy Controller.
No delegation area specified.
Certificate installation
Provides access to the installation and management of certificates.
Managed configurations
Provides access to the management of managed configurations.
Block uninstall
Gives access to blocking the uninstallation.
Grant permission
Provides access to the permission policy and permission status.
Packet access
Gives access to the packet access status.
Enable system apps
Grants access to activate system apps.
Accessible Track IDs
List of track IDs of the app that an enterprise device can access. If the list contains multiple track IDs, devices get the latest version among all accessible tracks. If the list does not contain any track IDs, devices have access only to the production track of the app.
Connected Work & Personal App
Controls whether the app can communicate with itself through a device's work and personal profiles with the user's permission.
Not allowed by default
Not allowed
Default. Prevents cross-profile communication of the app.
Allowed
Allows the app to communicate across profiles after receiving the user's consent.
Login Provider - Use Default Policy
Login Provider - Use Default Policy
The default login provider policy ( siehe unten) determines, whether this app can be used as the default login provider.
This app is allowed to act as a login provider
This app can function as a login provider regardless of global app settings.
Play Store Mode
Automatic App Updates
Always
The policy enforced on a device to automatically update apps depending on the network connection: Apps should also be updated on devices that rarely or never return to a wireless network. The volume of data usually has little effect with standard volume tariffs.
The auto-update policy is not set. Corresponds with the user selection.
User selection
The user can control the automatic updates.
Never
Apps are never updated automatically
Via WLAN only
Apps are only updated automatically via WLAN.
Always
Apps are updated automatically at any time. Data charges may apply.
Disable installation of apps
notemptyIf activated , no installations or Updates are possible. Also not via the portal!
Disable uninstalling apps
The user should not be able to uninstall any apps.
Global default authorization policy
Not specified (prompt)
The default authorization policy for runtime authorization requests.
Not specified (prompt)
Policy not specified. If no policy is specified for a permission at any level, 'Prompt' is used by default.
Prompt
Prompt the user to grant permission.
Grant
Grant authorization automatically
Deny
Deny correction automatically
Global permission granting
Add permission
Explicit permission or group grant or deny for all apps. These values override the Default permission policy.
Permission
Permission
The Android permission or group, for example android.permission.READ_CALENDAR or android.permission_group.CALENDAR.
Policy
The policy for granting authorization.
Policy not specified. If no policy is specified for a permission at any level, 'Prompt' is used by default.
Prompt
Prompt the user to grant permission.
Grant
Grant permission automatically
Deny
Deny permission automatically
Not specified (Only apps with a login provider policy)
This feature determines whether an app on Android 14 and above is allowed to function as a login provider for managing login credentials. If it is relevant for apps that handle authentication or login data, such as password managers or multi-factor authentication apps.
Not specified (Only apps with a login provider policy)
Not specified. Only apps that have explicitly defined a login provider policy.
Only apps that have specified a login provider policy.
Only apps that have declared a login provider policy or OEM default login providers
Only apps with a declared login provider policy or those pre-defined by the OEM as default login providers are allowed.
notemptyNew as of: 2.12
Notes on using login providers
Option
Value
Description
Managed configuration
The format for the configuration depends on the ManagedProperty values supported by the app. Each field name in the managed configuration must match the key field of the managed property. The field value must be compatible with the ManagedProperty type.
Caption
Value
Description
3
Managed Configuration Template
Caption
Value
Description
Managed Configuration Template
Manage configuration template
This field is ignored if the managed configuration is set. Calls up a template from the app manufacturer in which various parameters can be transferred to the app, depending on what the manufacturer specifies. These can be fixed parameters and variables in email apps:
Example for Gmail app:
Email Address
$emailaddress$
Variable
Hostname or Host
m.google.com
Fixed parameter
Example: Hostname of the mail server for Gmail accounts
Username
$emailaddress$
Variable (for Gmail accounts the username is the email address.) With other accounts / apps the variable $username$ can be used here.
notemptyNew as of: 2.8notemptyFor a correct function, in the tab General the button Profile is a template must be activated and the users must be selected!
In dieser Seite werden die Variablen für unterschiedliche Sprachen definiert.
Diese Seite wird auf folgenden Seiten eingebunden
The values are taken from the user settings of the user to whom the respective device is assigned
Variable name in profiles
Description
Example
$username$
alternative names: %device_user% %device_user_username%
Username
jdoe
$emailaddress$
alternative name: %device_email%
Email address
jdoe@ttt-point.de
$firstname$
alternative name: %device_user_firstname%
First name
John
$lastname$
alternative name: %device_user_lastname%
Last name
Doe
$name$
alternative name: %device_user_name%
First name and surname
John Doe
$variable1$
alternative name: %variable1%
custom value
jdoe/ttt-point.local
$variable2$
alternative name: %variable2%
custom value
$variable3$
alternative name: %variable3%
custom value
$device_name$
alternative name: %device_name%
Only for iOS: The name assigned on the phone (see: Settings → General → Info → Name)
This variable can also be used in iOS profiles in the Shared device section
Cell phone from Markus Müller
$device_alias$
alternative name: %device_alias%
Only for iOS: The alias assigned in the portal. If the alias is not assigned, the device_name is displayed.
This variable can also be used in iOS profiles in the Shared device section
Tablet Storage1
Defining the values in the user administration in the portal under: General Users or for the device alias in the device tile. To avoid input errors, different variable names are possible for compatibility reasons.
A distinction between Android and iOS is no longer necessary.
