This documentation is for WSO2 Enterprise Mobility Manager 2.1.0. View documentation for the latest release.
Key Concepts - Enterprise Mobility Manager 2.1.0 - WSO2 Documentation
Skip to end of metadata
Go to start of metadata

The following are the key concepts available in WSO2 Enterprise Mobility Manager (EMM):

Mobile Device Management (MDM)

WSO2 EMM's core function to manage devices. The following features list out how WSO2 EMM manages the devices enrolled.

  • Self-service device enrollment and management with end-user EMM Console for iOS, Android, and Windows devices.
  • Integrates to enterprise identity systems for device ownership: LDAP, Microsoft AD
  • Policy-driven device and profile management for security, data, and device features (Camera, Password Policy).
  • Deploy policies over-the-air.
  • Compliance monitoring for applied policies on devices.
  • Role-based access control (RBAC) for device management.
  • Securely wipe enterprise configurations from Enterprise wipe.
  • Track locations of enrolled devices.
  • Retrieve device information.
  • Facilitate device-owner operations such as registering and unregistering devices, installing, rating, sorting mobile apps, etc.

 Mobile App Management

WSO2 EMM manages applications installed on the mobile devices.

  • Supports App management.
  • App approval process through a lifecycle.
  • Provision and de-provisioning apps to enrolled devices.
  • Provision apps to enrolled devices based on roles.
  • Provision apps to multiple enrolled devices per user.
  • Retrieve the list of apps.
  • Install new apps and update existing apps on iOS devices via REST APIs, enabling automation of application installation/updates for third-party systems/vendors.
  • Install Web Clips on devices.
  • Enterprise App Store.
  • Discover mobile apps through an Enterprise App Store.

  • Self-provisioning of mobile apps to devices.

  • Rating and Sorting Applications.

  • Password reset.

Device and Data Security

Another key area with WSO2 EMM is that it securely manages devices and data.

  • Multi-tenancy to ensure data isolation across all tenants.
  • Enforce built-in security features of passcode and encryption.
  • Encryption of data storage.
  • Device lock and reset.
  • Managed APIs to perform administrative functions.
  • Ring and GPS to locate device remotely if lost/stolen.


  • No labels