This documentation is for WSO2 Enterprise Mobility Manager 2.1.0. View documentation for the latest release.
Policy Functions via the Console - Enterprise Mobility Manager 2.1.0 - WSO2 Documentation
||
Skip to end of metadata
Go to start of metadata

This section provides the details of the REST APIs used to carry out functions related to policies via the EMM console:

Adding a policy via the console

Description

Add a policy using this REST API command. When adding a policy you will have the option of saving the policy or saving and publishing the policy. Using the REST API command given below you are able to save a created Policy and this policy will be in the inactive state.

Resource Path/inactive-policy
URL/mdm-admin/policies/inactive-policy
HTTP MethodPOST
Request/Response Formatapplication/json
cURL command
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>' -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/inactive-policy
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • Define the path to the JSON file, which includes the required properties to add a policy as the as the <JSON_PAYLOAD> value. For more information, see the Sample JSON Definition.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/inactive-policy
 Sample output
> POST /mdm-admin/policies/inactive-policy HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
> Content-Length: 420
< HTTP/1.1 201 Created
< Date: Thu, 25 Feb 2016 06:30:18 GMT
< Content-Type: application/json
< Content-Length: 76
< Server: WSO2 Carbon Server
{"statusCode":201,"messageFromServer":"Policy has been added successfully."}
Sample JSON Definition 
{  
   "policyName":"Camera",
   "description":"Optional",
   "compliance":"enforce",
   "ownershipType":"ANY",
   "profile":{  
      "profileName":"Camera",
      "deviceType":{  
         "id":1
      },
      "profileFeaturesList":[  
         {  
            "featureCode":"CAMERA",
            "deviceTypeId":1,
            "content":{  
               "enabled":true
            }
         }
      ]
   },
   "users":[],
   "roles":[]
}
Property valueDescription
policyName

The name of the policy.

DescriptionProvide a description on what the policy is based on.
Compliance

Define the non-compliance rules. WSO2 EMM provides the following non-compliance rules:

  • Enforce - Forcefully enforce the policies on the devices.
  • Warning - If the device does not adhere to the given policies a warning message will be sent.
  • Monitor - If the device does not adhere to the given policies the server is notified of the violation unknown to the user and the administrator can take the necessary actions with regard to the reported.
ownershipType

Define the define ownership type using the values given below:

  • ANY - The policy will be applied on the BYOD and COPE device types.
  • BYOD (Bring Your Own Device) - The policy will only be applied on the BYOD device type.
  • COPE (Corporate-Owned, Personally-Enabled) - The policy will only be applied on the COPE device type.
profileProvide the policy profile details.
profileNameThe name of the policy that is being added.
deviceType

The ID used to define the type of the device platform.

For more information on the unique ID for the device platforms supported by the EMM, see Getting Details of the Devices Supported via WSO2 EMM.

profileFeaturesList Lists the features that belong to the profile.
featureCode

Provide the code that defines the policy you wish to add.

Example: PASSCODE_POLICY, CAMERA and ENCRYPT_STORAGE.

deviceTypeIdThe ID used to define the type of the device platform.
content

The list of parameters that define the policy.

For more information on the feature list for Windows policies, see profileFeaturesList - policy based.

enabled

In the context of adding a policy for cameras. The filed is used to define if the camera on the device is permitted to be used or not.

  • true - The camera is enabled.
  • false - the camera is disabled.
usersDefine the users the policy needs to be applied on. The policy will be applied on the respective users devices.
rolesDefine the roles the policy needs to be applied on. The policy will be applied on the respective user roles devices.

If you wish to add a new policy criteria than what is already supported (users and roles) you can do so by defining a new policy criteria within the "policyCriterias":[] field.

Adding an active policy

Description

Add a policy that is in the active state using the REST API command. When adding a policy you will have the option of saving the policy or saving and publishing the policy. Using the REST API command given below you are able to save and publish a created policy and this policy will be in the active state.

Resource Path/active-policy
URL/mdm-admin/policies/active-policy
HTTP MethodPOST
Request/Response Formatapplication/json
cURL command
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>' -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/active-policy
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • Define the path to the JSON file, which includes the required properties to add an active policy as the <JSON_PAYLOAD> value. For more information, see the Sample JSON Definition.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/active-policy
 Sample output
> POST /mdm-admin/policies/active-policy HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 326a1824316a122152570d2dfd137ee7
> Content-Length: 420
< HTTP/1.1 201 OK
< Date: Thu, 25 Feb 2016 08:26:09 GMT
< Content-Type: application/json
< Content-Length: 76
< Server: WSO2 Carbon Server
{"statusCode":201,"messageFromServer":"Policy has been added successfully."}
Sample JSON Definition 
{  
   "policyName":"Camera",
   "description":"Optional",
   "compliance":"enforce",
   "ownershipType":"ANY",
   "profile":{  
      "profileName":"Camera",
      "deviceType":{  
         "id":1
      },
      "profileFeaturesList":[  
         {  
            "featureCode":"CAMERA",
            "deviceTypeId":1,
            "content":{  
               "enabled":true
            }
         }
      ]
   },
   "users":[],
   "roles":[]
}
Property valueDescription
policyName

The name of the policy.

DescriptionProvide a description on what the policy is based on.
Compliance

Define the non-compliance rules. WSO2 EMM provides the following non-compliance rules:

  • Enforce - Forcefully enforce the policies on the devices.
  • Warning - If the device does not adhere to the given policies a warning message will be sent.
  • Monitor - If the device does not adhere to the given policies the server is notified of the violation unknown to the user and the administrator can take the necessary actions with regard to the reported.
ownershipType

Define the ownership type using the values given below:

  • ANY - The policy will be applied on the BYOD and COPE device types.
  • BYOD (Bring Your Own Device) - The policy will only be applied on the BYOD device type.
  • COPE (Corporate-Owned, Personally-Enabled) - The policy will only be applied on the COPE device type.
profileProvide the policy profile details.
profileNameThe name of the policy that is being added.
deviceType

The ID used to define the type of the device platform.

For more information on the unique ID of the device platforms supported by the EMM, see Getting Details of the Devices Supported via WSO2 EMM.

profileFeaturesListLists the features that belong to the profile.
featureCode

Provide the code that defines the policy you wish to add.

Example: PASSCODE_POLICY, CAMERA and ENCRYPT_STORAGE.

deviceTypeIdThe ID used to define the type of the device platform.
content

The list of parameters that define the policy.

For more information on the feature list for Windows policies, see profileFeaturesList - policy based.

enabled

In the context of adding a policy for cameras this filed is used to define if the camera on the device is permitted to be used or not.

  • true - The camera is enabled.
  • false - the camera is disabled.
usersDefine the users the policy needs to be applied on. The policy will be applied on the respective user's devices.
rolesDefine the roles the policy needs to be applied on. The policy will be applied on the respective user role's devices.

If you wish to add a new policy criteria than what is already supported (users and roles) you can do so by defining a new policy criteria within the "policyCriterias":[] field.

Getting details of policies

Description

Retrieve the details of all the policies that you have created in WSO2 EMM.

Resource Path/
URL/mdm-admin/policies/
HTTP MethodGET
Request/Response Formatapplication/json
cURL command
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -k -v https://localhost:9443/mdm-admin/policies/
 Sample output
> GET /mdm-admin/policies/ HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Thu, 25 Feb 2016 08:29:09 GMT
< Content-Type: application/json
< Content-Length: 1205
< Server: WSO2 Carbon Server
{"id":1,"priorityId":1,"profile":{"profileId":1,"profileName":"Camera","tenantId":-1234,"deviceType":{"id":1,"name":"android"},"createdDate":"Feb 25, 2016 12:00:18 PM","updatedDate":"Feb 25, 2016 12:00:18 PM","profileFeaturesList":[{"id":1,"featureCode":"CAMERA","profileId":1,"deviceTypeId":1,"content":"{\"enabled\":true}"}]},"policyName":"Camera","generic":false,"roles":[],"ownershipType":"ANY","devices":[],"users":[],"active":false,"updated":false,"description":"Optional","compliance":"enforce","policyCriterias":[],"tenantId":-1234,"profileId":1}
Sample JSON Definition 
{  
   "id":1,
   "priorityId":1,
   "profile":{  
      "profileId":1,
      "profileName":"Camera",
      "tenantId":-1234,
      "deviceType":{  
         "id":1,
         "name":"android"
      },
      "createdDate":"Feb 25, 2016 12:00:18 PM",
      "updatedDate":"Feb 25, 2016 12:00:18 PM",
      "profileFeaturesList":[  
         {  
            "id":1,
            "featureCode":"CAMERA",
            "profileId":1,
            "deviceTypeId":1,
            "content":"{\"enabled\":true}"
         }
      ]
   },
   "policyName":"Camera",
   "generic":false,
   "roles":[],
   "ownershipType":"ANY",
   "devices":[],
   "users":[],
   "active":true,
   "updated":true,
   "description":"Optional",
   "compliance":"enforce",
   "policyCriterias":[],
   "tenantId":-1234,
   "profileId":1
}
Property valueDescription
idThe policy ID.
priorityIdThe priority order of the policy. 1 indicates the highest priority.
profile

Contains the details of the profile that is included in the policy.

Example: The policy will contain a profile of disabling a camera on a device and encrypting the storage.

profileIdThe ID of each profile that is in the selected policy.
profileNameThe name of the profile.
tenantIdThe ID of the tenant that added the policy.
deviceTypeContains the device type details the policy was created for.
idThe ID of the device type.
nameThe device platform type.

createdDate

The date the policy was created.

updatedDate

The date the changes made to the policy was published to the devices registered with the EMM.
profileFeaturesListContains the features specific to each profile in the policy.
idThe ID of the feature list.
featurecode

The code specific for the feature of the profile.

The code that defines the profile. Example for feature codes: PASSCODE_POLICY, CAMERA and ENCRYPT_STORAGE.

profileIdThe ID of the profile the features belong to.
deviceTypeIdThe Id of the device type.
contentContains the details of the features and the values assigned when adding the policy.
policyNameThe name of the policy.
rolesThe roles to whom the policy is applied on.
ownershipType

The policy ownership type. It can be any of the following values:

  • ANY - The policy will be applied on the BYOD and COPE device types.
  • BYOD (Bring Your Own Device) - The policy will only be applied on the BYOD device type.
  • COPE (Corporate-Owned, Personally-Enabled) - The policy will only be applied on the COPE device type.
devicesLists out the devices the policy is enforced on. This field will be empty if you have not defined the devices the policy needs to be applied on. If a policy is enforced on a device when the device registers with EMM, those device details will not be shown here.
usersLists out the users on whose devices the policy is enforced.
activateIf the value is true it indicates that the policy is active. If the value is false it indicates that the policy is inactive.
updatedIf you have made changes to the policy but have not applied these changes to the devices that are registered with EMM, then the value is defined as true. But if you have already applied any changes made to the policy then the value is defined as false.
descriptionGives a description on the policy.
compliance

Provides the non-compliance rules. WSO2 EMM provides the following non-compliance rules:

  • Enforce - Forcefully enforce the policies on the devices.
  • Warning - If the device does not adhere to the given policies a warning message will be sent.
  • Monitor - If the device does not adhere to the given policies the server is notified of the violation unknown to the user and the administrator can take the necessary actions with regard to the reported.

policyCriteria

When adding a policy if you have added a policy criteria other than the ones given via WSO2 EMM those additional details will be given here.
tenantIdThe ID of the tenant that created the policy.
profileIdThe ID of the profile.

Getting details of a policy

Description

Retrieve the details of a selected policy in WSO2 EMM.

Resource Path/{id}
URL/mdm-admin/policies/{id}
HTTP MethodGET
Request/Response Formatapplication/json
cURL command
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/{id}
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.
  • Provide the policy ID as the value for {id}. If you are unsure of the policy IDs run the REST API command to retrieve all the policy details.

Example: Retrieve the policy details of the policy having the ID 1.

curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -k -v https://localhost:9443/mdm-admin/policies/1
 Sample output
> GET /mdm-admin/policies/1 HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Thu, 25 Feb 2016 09:53:45 GMT
< Content-Type: application/json
< Content-Length: 652
< Server: WSO2 Carbon Server
{"id":1,"priorityId":1,"profile":{"profileId":1,"profileName":"Camera","tenantId":-1234,"deviceType":{"id":1,"name":"android"},"createdDate":"Feb 25, 2016 12:00:18 PM","updatedDate":"Feb 25, 2016 12:00:18 PM","profileFeaturesList":[{"id":1,"featureCode":"CAMERA","profileId":1,"deviceTypeId":1,"content":"{\"enabled\":true}"}]},"policyName":"Camera","generic":false,"roles":[],"ownershipType":"ANY","devices":[],"users":[],"active":false,"updated":false,"description":"Optional","compliance":"enforce","policyCriterias":[],"tenantId":-1234,"profileId":1}
Sample JSON Definition 
{  
   "id":1,
   "priorityId":1,
   "profile":{  
      "profileId":1,
      "profileName":"Camera",
      "tenantId":-1234,
      "deviceType":{  
         "id":1,
         "name":"android"
      },
      "createdDate":"Feb 25, 2016 12:00:18 PM",
      "updatedDate":"Feb 25, 2016 12:00:18 PM",
      "profileFeaturesList":[  
         {  
            "id":1,
            "featureCode":"CAMERA",
            "profileId":1,
            "deviceTypeId":1,
            "content":"{\"enabled\":true}"
         }
      ]
   },
   "policyName":"Camera",
   "generic":false,
   "roles":[  

   ],
   "ownershipType":"ANY",
   "devices":[],
   "users":[],
   "active":false,
   "updated":false,
   "description":"Optional",
   "compliance":"enforce",
   "policyCriterias":[],
   "tenantId":-1234,
   "profileId":1
}
Property valueDescription
idThe policy ID.
priorityIdThe priority order of the policy. 1 indicates the highest priority
profile

Contains the details of the profile that is included in the policy.

Example: The policy will contain a profile of disabling a camera on a device and encrypting the storage.

profileIdThe ID of each profile that is in the selected policy.
profileNameThe name of the profile.
tenantIdThe ID of the tenant that added the policy.
deviceTypeContains the device type details the policy was created for.
idThe ID of the device type.
nameThe device platform type.

createdDate

The date the policy was created.

updatedDate

The date the changes made to the policy was published to the devices registered with the EMM.
profileFeaturesListContains the features specific to each profile in the policy.
idThe ID of the feature list.
featurecode

The code specific for the feature of the profile.

The code that defines the profile. Example for feature codes: PASSCODE_POLICY, CAMERA and ENCRYPT_STORAGE.

profileIdThe ID of the profile the features belong to.
deviceTypeIdThe Id of the device type.
contentContains the details of the features and the values assigned when adding the policy.
policyNameThe name of the policy.
rolesThe roles to whom the policy is applied on.
ownershipType

The policy ownership type. It can be any of the following values:

  • ANY - The policy will be applied on the BYOD and COPE device types.
  • BYOD (Bring Your Own Device) - The policy will only be applied on the BYOD device type.
  • COPE (Corporate-Owned, Personally-Enabled) - The policy will only be applied on the COPE device type.
devicesLists out the devices the policy is enforced on. This field will be empty if you have not defined to what devices the policy needs to be applied on. If a policy is enforced on a device when the device registers with EMM, those device details will not be shown here.
usersLists out the users on whose devices the policy is enforced.
activateIf the value is true it indicates that the policy is active. If the value is false it indicates that the policy is inactive.
updatedIf you have made changes to the policy but have not applied these changes to the devices that are registered with EMM, then the value is defined as true. But if you have already applied any changes made to the policy then the value is defined as false.
descriptionGives a description on the policy.
compliance

Provides the non-compliance rules. WSO2 EMM provides the following non-compliance rules:

  • Enforce - Forcefully enforce the policies on the devices.
  • Warning - If the device does not adhere to the given policies a warning message will be sent.
  • Monitor - If the device does not adhere to the given policies the server is notified of the violation unknown to the user and the administrator can take the necessary actions with regard to the reported.

policyCriteria

When adding a policy if you have added a policy criteria other than the ones given via WSO2 EMM those additional details will be given here.
tenantIdThe ID of the tenant that created the policy.
profileIdThe ID of the profile.

Updating a policy

DescriptionIf you wish to make changes to an existing policy, you can do so by updating the policy using the REST API command given below.
Resource Path/{id}
URL/mdm-admin/policies/{id}
HTTP MethodPUT
Request/Response Formatapplication/json
cURL command
curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>'-k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/{id}
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • Define the path to the JSON file, which includes the required properties to update the policy as the <JSON_PAYLOAD> value. For more information, see the Sample JSON Definition.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.
  • Provide the policy ID as the value for {id}. If you are unsure of the policy IDs run the REST API command to retrieve all the policy details in WSO2 EMM.

Example: Update the policy having the policy ID 1, with the changes defined in the policy.json file.

curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/1
 Sample output
> PUT /mdm-admin/policies/1 HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
> Content-Length: 571
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Thu, 25 Feb 2016 11:29:30 GMT
< Content-Type: application/json
< Content-Length: 78
< Server: WSO2 Carbon Server
{"messageFromServer":"Policy has been updated successfully."}
Sample JSON
Definition 
{  
   "policyName":"Camera",
   "description":"Optional",
   "compliance":"enforce",
   "ownershipType":"ANY",
   "profile":{  
      "profileName":"Camera",
      "deviceType":{  
         "id":1
      },
      "profileFeaturesList":[  
         {  
            "featureCode":"CAMERA",
            "deviceTypeId":1,
            "content":{  
               "enabled":true
            }
         },
         {  
            "featureCode":"ENCRYPT_STORAGE",
            "deviceTypeId":1,
            "content":{  
               "encrypted":true
            }
         }
      ]
   },
   "roles":["ANY"]
}
Property valueDescription
policyName

The name of the policy.

DescriptionProvide a description on what the policy is based on.
Compliance

Define the non-compliance rules. WSO2 EMM provides the following non-compliance rules:

  • Enforce - Forcefully enforce the policies on the devices.
  • Warning - If the device does not adhere to the given policies a warning message will be sent.
  • Monitor - If the device does not adhere to the given policies the server is notified of the violation unknown to the user and the administrator can take the necessary actions with regard to the reported.
ownershipType

Define the define ownership type. It will be one of the options given below:

  • ANY - The policy will be applied on the BYOD and COPE device types.
  • BYOD (Bring Your Own Device) - The policy will only be applied on the BYOD device type.
  • COPE (Corporate-Owned, Personally-Enabled) - The policy will only be applied on the COPE device type.
profileProvide the policy profile details.
profileNameThe name of the policy that is being added.
deviceType

The ID used to define the type of the device platform.

For more information on the unique ID for the device platforms supported by the EMM, see Getting Details of the Devices Supported via WSO2 EMM.

profileFeaturesList Lists the features that belong to the profile.
featureCode

Provide the code that defines the policy you wish to add.

Example: PASSCODE_POLICY, CAMERA and ENCRYPT_STORAGE.

deviceTypeIdThe ID used to define the type of the device platform.
content

The list of parameters that define the policy.

For more information on the feature list for Windows policies, see profileFeaturesList - policy based.

enabled

In the context of adding a policy for cameras this filed is used to define if the camera is allowed to be used or not.

  • true - The camera is enabled.
  • false - the camera is disabled.
usersDefine the users the policy needs to be applied on. The policy will then be applied on the respective user's devices.
rolesDefine the roles the policy needs to be applied on. The policy will then be applied on the respective user role's devices.

Updating the policy priority

DescriptionIf you wish to make changes to the existing policy priority order, you can do so by updating the priority order using the REST API command given below.
Resource Path/priorities
URL/mdm-admin/policies/priorities
HTTP MethodPUT
Request/Response Formatapplication/json
cURL command
curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>'-k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/priorities
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • Define the path to the JSON file, which includes the required properties to update the policy priority as the <JSON_PAYLOAD> value. For more information, see the Sample JSON Definition.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/priorities
 Sample output
> PUT /mdm-admin/policies/priorities HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
> Content-Length: 23
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Thu, 25 Feb 2016 13:01:57 GMT
< Content-Type: application/json
< Content-Length: 80
< Server: WSO2 Carbon Server
{"statusCode":200",messageFromServer":"Policy Priorities successfully updated."}
Sample JSON
Definition 
[  
   {  
      "id":2,
      "priority":1
   }
]
PropertyDescription
id

Define the ID of the policy. If you are unsure of the policy IDs run the REST API command to retrieve all the policy details in WSO2 EMM.

priorityDefine the priority of the order, where 1 indicates the highest priority.

Removing multiple policies

DescriptionIn situations where you need to delete more than one policy you can do so using the REST API command given below.
Resource Path/bulk-remove
URL/mdm-admin/policies/bulk-remove
HTTP MethodPOST
Request/Response Formatapplication/json
cURL command
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>'-k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/bulk-remove
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • Define the path to the JSON file, which includes the required properties to remove multiple policies as the <JSON_PAYLOAD> value. For more information, see the Sample JSON Definition.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/bulk-remove
 Sample output
> POST /mdm-admin/policies/bulk-remove HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
> Content-Length: 23
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 06:35:00 IST
< Date: Thu, 25 Feb 2016 14:06:57 GMT
< Content-Type: application/json
< Content-Length: 80
< Server: WSO2 Carbon Server
{"statusCode":200",messageFromServer":"Policies have been successfully deleted."}
Sample JSON
Definition 
[1,2]

Define the IDs of the policies you wish to delete. If you are unsure of the policy IDs run the REST API command to retrieve all the policy details in WSO2 EMM.

Activating policies

DescriptionUsing the REST API command you are able to publish a policy in order to bring a policy that is in the inactive state to the active state.
Resource Path/activate
URL/mdm-admin/policies/activate
HTTP MethodPUT
Request/Response Formatapplication/json
cURL command
curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>'-k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/activate
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • Define the path to the JSON file, which includes the required properties to activate a policy as the <JSON_PAYLOAD> value. For more information, see the Sample JSON Definition.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/activate
 Sample output
> PUT /mdm-admin/policies/activate HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
> Content-Length: 23
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 06:35:00 IST
< Date: Thu, 25 Feb 2016 14:06:57 GMT
< Content-Type: application/json
< Content-Length: 80
< Server: WSO2 Carbon Server
{"statusCode":200","messageFromServer": "Selected policies have been successfully activated."}
Sample JSON
Definition 
[{1,2}]

Define the ID/IDs of the policies you wish to publish. If you are unsure of the policy IDs run the REST API command to retrieve all the policy details in WSO2 EMM.

Deactivating policies

DescriptionUsing the REST API command you are able to unpublish a policy in order to bring a policy that is in the active state to the inactive state.
Resource Path/inactivate
URL/mdm-admin/policies/inactivate
HTTP MethodPUT
Request/Response Formatapplication/json
cURL command
curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>'-k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/inactivate
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • Define the path to the JSON file, which includes the required properties to inactivate a policy as the <JSON_PAYLOAD> value. For more information, see the Sample JSON Definition.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/inactivate
 Sample output
> PUT /mdm-admin/policies/inactivate HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
> Content-Length: 23
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 06:35:00 IST
< Date: Thu, 25 Feb 2016 14:06:57 GMT
< Content-Type: application/json
< Content-Length: 80
< Server: WSO2 Carbon Server
{"statusCode":200","messageFromServer": "Selected policies have been successfully inactivated."}
Sample JSON
Definition 
[{1,2}]

Define the ID/IDs of the policies you wish to unpublish. If you are unsure of the policy IDs run the REST API command to retrieve all the policy details in WSO2 EMM.

Applying changes on policies

DescriptionPolicies in the active state will be applied to new device that register with WSO2 EMM based on the policy enforcement criteria . In a situation where you need to make changes to existing policies (removing, activating, deactivating and updating) or add new policies, the existing devices will not receive these changes immediately. Once all the required changes are made you need to apply the changes to push the policy changes to the existing devices.
Resource Path/apply-changes
URL/mdm-admin/policies/apply-changes
HTTP MethodPUT
Request/Response Formatapplication/json
cURL command
curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/apply-changes
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -k -v https://localhost:9443/mdm-admin/policies/apply-changes
 Sample output
> PUT /mdm-admin/policies/apply-changes HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Fri, 26 Feb 2016 11:35:02 GMT
< Content-Type: application/json
< Content-Length: 80
< Server: WSO2 Carbon Server
{"statusCode":200,"messageFromServer":"Changes have been successfully updated."}

Starting policy monitoring

Description

WSO2 EMM monitors the devices to identify any devices that have not complied to an enforced policy. The policy monitoring task begins at the point WSO2 EMM has a a published policy. It will monitor the device based on the policy monitoring frequency that you define in milliseconds.

Using this REST API to start the policy monitoring task is optional as WSO2 EMM uses an OSGI call to start the monitoring task.

Resource Path/start-task/{milliseconds}
URL/mdm-admin/policies/start-task/{milliseconds}
HTTP MethodGET
Request/Response Formatapplication/json
cURL command
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/start-task/{milliseconds}
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -k -v https://localhost:9443/mdm-admin/policies/start-task/6000
 Sample output
> GET /mdm-admin/policies/start-task/600 HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Fri, 26 Feb 2016 11:50:37 GMT
< Content-Type: application/json
< Content-Length: 88
< Server: WSO2 Carbon Server
{"statusCode":200,"messageFromServer":"Policy monitoring service started successfully."}

Updating policy monitoring

Description

WSO2 EMM monitors the devices to identify any devices that have not complied to an enforced policy. If you wish to update the policy monitoring frequency you can do so using the following REST API command.

Resource Path/update-task/{milliseconds}
URL/mdm-admin/policies/update-task/{milliseconds}
HTTP MethodGET
Request/Response Formatapplication/json
cURL command
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/update-task/{milliseconds}
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -k -v https://localhost:9443/mdm-admin/policies/update-task/6500
 Sample output
> GET /mdm-admin/policies/update-task/6500 HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Sat, 27 Feb 2016 07:23:15 GMT
< Content-Type: application/json
< Content-Length: 88
< Server: WSO2 Carbon Server
{"statusCode":200,"messageFromServer":"Policy monitoring service updated successfully."}

Stopping policy monitoring

Description

WSO2 EMM monitors the devices to identify any devices that have not complied to an enforced policy. The policy monitoring task begins at the point WSO2 EMM has a a published policy. If you wish to stop the policy monitoring task you can do so by using the REST API command given below.

Resource Path/stop-task
URL/mdm-admin/policies/stop-task
HTTP MethodGET
Request/Response Formatapplication/json
cURL command
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/stop-task
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -k -v https://localhost:9443/mdm-admin/policies/stop-task
 Sample output
> GET /mdm-admin/policies/stop-task HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Sat, 27 Feb 2016 07:31:50 GMT
< Content-Type: application/json
< Content-Length: 88
< Server: WSO2 Carbon Server
{"statusCode":200,"messageFromServer":"Policy monitoring service stopped successfully."}

Getting policy enforced details of a device

Description

When a device registers with WSO2 EMM a policy is enforced on the device. Initially, the EMM filters the policies based on the Platform (device type), filters based on the device ownership type , filters based on the user role or name and finally the policy is enforced on the device.

For more information, see Managing Policies.

Resource Path/{type}/{id}/active-policy
URL/mdm-admin/policies/{type}/{id}/active-policy
HTTP MethodGET
Request/Response Formatapplication/json
cURL command
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/{type}/{id}/active-policy
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.
  • Define the device type as the value for {type}. Example: ios, android, windows.
  • Define the device ID as the value for {id}.

Example:

curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -k -v https://localhost:9443/mdm-admin/policies/iso/ee07b9c45904ef3af3tt5r4t13d0d6cd58a4567y/active-policy
 Sample output
> GET /mdm-admin/policies/ios/ee07b9c45904ef3af3tt5r4t13d0d6cd58a4567y/active-policy HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Sat, 27 Feb 2016 08:04:28 GMT
< Content-Type: application/json
< Content-Length: 797
< Server: WSO2 Carbon Server
{"id":38,"priorityId":3,"profile":{"profileId":38,"profileName":"iOS Policies","tenantId":-1234,"deviceType":{"id":33,"name":"ios"},"createdDate":"Feb 27, 2016 1:33:13 PM","updatedDate":"Feb 27, 2016 1:33:13 PM","profileFeaturesList":[{"id":39,"featureCode":"PASSCODE_POLICY","profileId":38,"deviceTypeId":33,"content":"{\"forcePIN\":true,\"allowSimple\":true,\"requireAlphanumeric\":true,\"minLength\":\"10\",
\"minComplexChars\":\"3\",\"maxPINAgeInDays\":\"50\",\"pinHistory\":\"25\",\"maxInactivity\":\"3\",
\"maxGracePeriod\":\"1\",\"maxFailedAttempts\":\"6\"}"}]},"policyName":"iOS Policies","generic":false,
"roles":["ANY"],"ownershipType":"BYOD","devices":[],"users":[],"active":true,"updated":false,"description":"","compliance":"enforce","policyCriterias":[],"tenantId":-1234,"profileId":38}
Sample JSON output
{  
   "id":38,
   "priorityId":3,
   "profile":{  
      "profileId":38,
      "profileName":"iOS Policies",
      "tenantId":-1234,
      "deviceType":{  
         "id":33,
         "name":"ios"
      },
      "createdDate":"Feb 27, 2016 1:33:13 PM",
      "updatedDate":"Feb 27, 2016 1:33:13 PM",
      "profileFeaturesList":[  
         {  
            "id":39,
            "featureCode":"PASSCODE_POLICY",
            "profileId":38,
            "deviceTypeId":33,
            "content":"{\"forcePIN\":true,\"allowSimple\":true,\"requireAlphanumeric\":true,\"minLength\":\"10\",
\"minComplexChars\":\"3\",\"maxPINAgeInDays\":\"50\",\"pinHistory\":\"25\",\"maxInactivity\":\"3\",
\"maxGracePeriod\":\"1\",\"maxFailedAttempts\":\"6\"}"
         }
      ]
   },
   "policyName":"iOS Policies",
   "generic":false,
   "roles":["ANY"],
   "ownershipType":"BYOD",
   "devices":[],
   "users":[],
   "active":true,
   "updated":false,
   "description":"",
   "compliance":"enforce",
   "policyCriterias":[],
   "tenantId":-1234,
   "profileId":38
}
Property valueDescription
idThe policy ID.
priorityIdThe priority order of the policy. 1 is defined as the highest priority policy.
profile

Contains the details of the profile that is included in the policy.

Example: The policy will contain a profile of disabling a camera on a device and encrypting the storage.

profileIdThe ID of each profile that is in the selected policy.
profileNameThe name of the profile.
tenantIdThe ID of the tenant that added the policy.
deviceTypeContains the device type details the policy was created for.
idThe ID of the device type.
nameThe device platform type.

createdDate

The date the policy was created.

updatedDate

The date the changes made to the policy was published to the devices registered with the EMM.
profileFeaturesListContains the features specific to each profile in the policy.
idThe ID of the feature list.
featurecode

The code specific for the feature of the profile.

The code that defines the profile. Example for feature codes: PASSCODE_POLICY, CAMERA and ENCRYPT_STORAGE.

profileIdThe ID of the profile the features belong to.
deviceTypeIdThe Id of the device type.
contentContains the details of the features and the values assigned when adding the policy.
policyNameThe name of the policy.
rolesThe roles to whom the policy is applied on.
ownershipType

The policy ownership type. It can be any of the following values:

  • ANY - The policy will be applied on the BYOD and COPE device types.
  • BYOD (Bring Your Own Device) - The policy will only be applied to the BYOD device type.
  • COPE (Corporate-Owned, Personally-Enabled) - The policy will only be applied to the COPE device type.
devicesLists the devices that the policy is enforced on. This field will be empty if you have not defined to what devices the policy needs to be applied on. If a policy is enforced on a device when the device registers with EMM, those device details will not be shown here.
usersLists the users on whose devices the policy is enforced.
activateIf the value is true it indicates that the policy is active. If the value is false it indicates that the policy is inactive.
updatedIf you have made changes to the policy but have not applied these changes to the devices that are registered with EMM, then the value is defined as true. But if you have already applied any changes made to the policy then the value is defined as false.
descriptionGives a description of the policy.
compliance

Provides the non-compliance rules. WSO2 EMM provides the following non-compliance rules:

  • Enforce - Forcefully enforces the policies on the devices.
  • Warning - If the device does not adhere to the given policies a warning message will be sent.
  • Monitor - If the device does not adhere to the given policies the server is notified of the violation unknown to the user and the administrator can take the necessary actions with regard to the reported.

policyCriteria

When adding a policy if you have added the policy criteria other than the ones given via WSO2 EMM those additional details will be given here.
tenantIdThe ID of the tenant that created the policy.
profileIdThe ID of the profile.

Getting the policy count

DescriptionGet the number of policies that are created in WSO2 EMM.
Resource Path/count
URL/mdm-admin/policies/count
HTTP MethodGET
Request/Response Formatapplication/json
cURL command
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/count
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -k -v https://localhost:9443/mdm-admin/policies/count
 Sample output
> GET /mdm-admin/policies/count HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Thu, 25 Feb 2016 10:58:30 GMT
< Content-Type: application/json
< Content-Length: 1
< Server: WSO2 Carbon Server
10
Sample JSON Output
Definition 

Provides the number of policies in WSO2 EMM at the time of running the REST API command as an integer value.

Example: As per the above sample output there are 10 policies in the EMM.

Adding a user restriction policy

Description

Restrict different functions on the user's device using this REST API. When adding a policy you will have the option of saving the user restriction policy or saving and publishing the user restriction policy.

For a better understanding on how this works via the EMM console, see Adding a Policy.

Resource Path
  • Adding a policy that is in the inactive state /inactive-policy.
  • Adding a policy that is in the active state /active-policy.
URL/mdm-admin/policies/inactive-policy or /mdm-admin/policies/active-policy
HTTP MethodPOST
Request/Response Formatapplication/json
cURL command
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>' -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/inactive-policy
 
or
 
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>' -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/active-policy
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • Define the path to the JSON file, which includes the required properties to add a policy as the as the <JSON_PAYLOAD> value. For more information, see the Sample JSON Definition.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/inactive-policy
 
or
 
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/active-policy
 Sample output
> POST /mdm-admin/policies/inactive-policy HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
> Content-Length: 420
< HTTP/1.1 201 Created
< Date: Thu, 25 Feb 2016 06:30:18 GMT
< Content-Type: application/json
< Content-Length: 76
< Server: WSO2 Carbon Server
{"statusCode":201,"messageFromServer":"Policy has been added successfully."}
Sample JSON Definition 
{
  "policyName": "restriction_policy",
  "description": "Add restriction on the devices that have the settings application installed.",
  "compliance": "enforce",
  "ownershipType": "ANY",
  "profile": {
    "profileName": "restriction_policy",
    "deviceType": {
      "id": 1
    },
    "profileFeaturesList": [
      {
        "featureCode": "CAMERA",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_ADJUST_VOLUME",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_CONFIG_BLUETOOTH",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_CONFIG_CELL_BROADCASTS",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_CONFIG_CREDENTIALS",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_CONFIG_MOBILE_NETWORKS",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_CONFIG_TETHERING",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_CONFIG_VPN",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_CONFIG_WIFI",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_APPS_CONTROL",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_CREATE_WINDOWS",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_CROSS_PROFILE_COPY_PASTE",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_DEBUGGING_FEATURES",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_FACTORY_RESET",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_ADD_USER",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_INSTALL_APPS",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_INSTALL_UNKNOWN_SOURCES",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_MODIFY_ACCOUNTS",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_MOUNT_PHYSICAL_MEDIA",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_NETWORK_RESET",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_OUTGOING_BEAM",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_OUTGOING_CALLS",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_REMOVE_USER",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_SAFE_BOOT",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_SHARE_LOCATION",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_SMS",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_UNINSTALL_APPS",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_UNMUTE_MICROPHONE",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "DISALLOW_USB_FILE_TRANSFER",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "ALLOW_PARENT_PROFILE_APP_LINKING",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "ENSURE_VERIFY_APPS",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "AUTO_TIME",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "SET_SCREEN_CAPTURE_DISABLED",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      },
      {
        "featureCode": "SET_STATUS_BAR_DISABLED",
        "deviceTypeId": 1,
        "content": {
          "enabled": true
        }
      }
    ]
  },
  "roles": [
    "ANY"
  ]
}
PropertyDescriptionData
Type 
policyNameThe name of the policy.String
DescriptionProvide a description on what the policy is based on.String
Compliance

Define the non-compliance rules. WSO2 EMM provides the following non-compliance rules:

  • Enforce - Forcefully enforce the policies on the devices.
  • Warning - If the device does not adhere to the given policies a warning message will be sent.
  • Monitor - If the device does not adhere to the given policies the server is notified of the violation unknown to the user and the administrator can take the necessary actions with regard to the reported.
String
ownershipType

Define the define ownership type using the values given below:

  • ANY - The policy will be applied on the BYOD and COPE device types.
  • BYOD (Bring Your Own Device) - The policy will only be applied on the BYOD device type.
  • COPE (Corporate-Owned, Personally-Enabled) - The policy will only be applied on the COPE device type.
String
profileProvide the policy profile details.-
profileNameThe name of the policy that is being added.String
deviceType

The ID used to define the type of the device platform.

For more information on the unique ID for the device platforms supported by the EMM, see Getting Details of the Devices Supported via WSO2 EMM.

Integer
profileFeaturesList Lists the features that belong to the profile.-
featureCode

Provide the code that defines the policy you wish to add. WSO2 EMM provides the following features for user restrictions:

For more information, see the featurecode table below.

String
deviceTypeIdThe ID used to define the type of the device platform.Integer
content

The list of parameters that define the policy.

For more information on the feature list for Windows policies, see profileFeaturesList - policy based.

String
enabled

In the context of adding a policy for cameras. The filed is used to define if the camera on the device is permitted to be used or not.

  • true - The camera is enabled.
  • false - the camera is disabled.
Boolean
usersDefine the users the policy needs to be applied on. The policy will be applied on the respective users devices.String array
rolesDefine the roles the policy needs to be applied on. The policy will be applied on the respective user roles devices.String array

If you wish to add a new policy criteria than what is already supported (users and roles) you can do so by defining a new policy criteria within the "policyCriterias" :[] field.


featurecode

The available OS column gives the information on what OS a given feature is available. The features will be available in the proceeding OS versions after it too. For example if its mentioned that the feature is available on the Android 4.1.0 OS version, the feature will be available on the OS version starting from Android 4.1.0 to the latest Android version.

PropertyDescription

Available
OS 

Data
Type 
CAMERADefine if the user is allowed to use the camera by assigning true as the value. 4.1.xBoolean

DISALLOW_ADJUST_VOLUME:

Define if a user is disallowed from adjusting the master volume by assigning true as the value.5.0.0Boolean

DISALLOW_CONFIG_BLUETOOTH

Define if a user is disallowed from configuring bluetooth by assigning true as the value.5.0.0Boolean

DISALLOW_CONFIG_CELL_BROADCASTS

Define if a user is disallowed from configuring cell broadcasts by assigning true as the value.5.0.0Boolean

DISALLOW_CONFIG_CREDENTIALS

Define if a user is disallowed from configuring user credentials by assigning true as the value.5.0.0Boolean

DISALLOW_CONFIG_MOBILE_NETWORKS

Define if a user is disallowed from configuring mobile networks by assigning true as the value.5.0.0Boolean

DISALLOW_CONFIG_TETHERING:

Define if a user is disallowed from configuring Tethering & portable hotspots by assigning true as the value.5.0.0Boolean

DISALLOW_CONFIG_VPN

Define if a user is disallowed from configuring VPN by assigning true as the value.5.0.0Boolean

DISALLOW_CONFIG_WIFI

Define if a user is disallowed from changing Wi-Fi access points by assigning true as the value.5.0.0Boolean

DISALLOW_CREATE_WINDOWS

Define that windows besides app windows should not be created by assigning true as the value.5.0.0Boolean

DISALLOW_CROSS_PROFILE_COPY_PASTE:

Define if what is copied in the clipboard can be pasted in related profiles by assigning true as the value.5.0.0Boolean

DISALLOW_DEBUGGING_FEATURES

Define if a user is disallowed from enabling or accessing debugging features by assigning true as the value.5.0.0Boolean

DISALLOW_FACTORY_RESET

Define if a user is disallowed to factory reset the device from Settings by assigning true as the value.5.0.0Boolean

DISALLOW_ADD_USER

Define if a user is disallowed from adding new users and profiles by assigning true as the value.5.0.0Boolean

DISALLOW_INSTALL_APPS

Define if a user is disallowed from installing applications by assigning true as the value.5.0.0Boolean

DISALLOW_INSTALL_UNKNOWN_SOURCES

Define if a user is disallowed from enabling the "Unknown Sources" setting, that allows installation of apps from unknown sources by assigning true as the value.5.0.0Boolean

DISALLOW_MODIFY_ACCOUNTS

Define if a user is disallowed from adding and removing accounts, unless they are programmatically added by Authenticator.

5.0.0Boolean

DISALLOW_MOUNT_PHYSICAL_MEDIA

Define if a user is disallowed from mounting physical external media by assigning true as the value.5.0.0Boolean

DISALLOW_NETWORK_RESET

Define if a user is disallowed from resetting network settings from Settings by assigning true as the value.5.0.0Boolean

DISALLOW_OUTGOING_BEAM

Define if the user is not allowed to use NFC to beam out data from apps by assigning true as the value.5.0.0Boolean

DISALLOW_OUTGOING_CALLS

Define that the user is not allowed to make outgoing phone calls by assigning true as the value.5.0.0Boolean

DISALLOW_REMOVE_USER

If the value assigned is true, it defines that the user can not remove other users, When set on the primary user this specifies5.0.0Boolean

DISALLOW_SAFE_BOOT

Define if the user is not allowed to reboot the device into safe boot mode.5.0.0Boolean

DISALLOW_SHARE_LOCATION

Define if a user is disallowed from turning on location sharing.5.0.0Boolean

DISALLOW_SMS

Define that the user is not allowed to send or receive SMS messages.5.0.0Boolean

DISALLOW_UNINSTALL_APPS

Define if a user is disallowed from uninstalling applications.5.0.0Boolean

DISALLOW_UNMUTE_MICROPHONE

Define if a user is disallowed from adjusting microphone volume.5.0.0Boolean

DISALLOW_USB_FILE_TRANSFER

Define if a user is disallowed from transferring files over USB.5.0.0Boolean

ALLOW_PARENT_PROFILE_APP_LINKING

Allows apps in the parent profile to handle web links from the managed profile if the value is set to true.5.0.0Boolean

ENSURE_VERIFY_APPS

Define if a user is disallowed from disabling application verification.5.0.0Boolean

AUTO_TIME

Defines that the auto time feature in the device that is in Settings > Date & Time is enabled if the value is set to true.5.0.0Boolean

SET_SCREEN_CAPTURE_DISABLED

The screen shot option on the device will be disabled if the value is set to true.5.0.0Boolean

SET_STATUS_BAR_DISABLED

The status bar on the device will not be shown if the value is set to true.6.0.0Boolean

Whitelisting or blacklisting applications

Description

Whitelist or blacklist applications using this API. In whitelisting you define the applications that a user is allowed to use on the device and in blacklisting you define the applications that a user is not allowed to use on a device.

Resource Path
  • Adding a policy that is in the inactive state /inactive-policy.
  • Adding a policy that is in the active state /active-policy.
URL/mdm-admin/policies/inactive-policy or /mdm-admin/policies/active-policy
HTTP MethodPOST
Request/Response Formatapplication/json
cURL command
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>' -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/inactive-policy
 
or
 
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>' -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/active-policy
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • Define the path to the JSON file, which includes the required properties to add a policy as the as the <JSON_PAYLOAD> value. For more information, see the Sample JSON Definition.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/inactive-policy
 
or
 
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/active-policy
 Sample output
> POST /mdm-admin/policies/active-policy HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
> Content-Length: 420
< HTTP/1.1 201 Created
< Date: Thu, 25 Feb 2016 06:30:18 GMT
< Content-Type: application/json
< Content-Length: 76
< Server: WSO2 Carbon Server
{"statusCode":201,"messageFromServer":"Policy has been added successfully."}
Sample JSON Definition 
{   
   "policyName":"blacklist",
   "description":"",
   "compliance":"enforce",
   "ownershipType":"ANY",
   "profile":{   
      "profileName":"blacklist",
      "deviceType":{   
         "id":1
      },
      "profileFeaturesList":[   
         {   
            "featureCode":"APP-RESTRICTION",
            "deviceTypeId":1,
            "content":{   
               "restriction-type":"black-list",
               "restricted-applications":[   
                  {   
                     "appName":"app name1",
                     "packageName":"package1"
                  },
                  {   
                     "appName":"app name2",
                     "packageName":"package2"
                  },
                  {   
                     "appName":"app name3",
                     "packageName":"package3"
                  }
               ]
            }
         }
      ]
   },
   "roles":[   
      "ANY"
   ]
}
{   
   "policyName":"whitelist",
   "description":"",
   "compliance":"enforce",
   "ownershipType":"ANY",
   "profile":{   
      "profileName":"whitelist",
      "deviceType":{   
         "id":1
      },
      "profileFeaturesList":[   
         {   
            "featureCode":"APP-RESTRICTION",
            "deviceTypeId":1,
            "content":{   
               "restriction-type":"white-list",
               "restricted-applications":[   
                  {   
                     "appName":"app name1",
                     "packageName":"package1"
                  },
                  {   
                     "appName":"app name2",
                     "packageName":"package2"
                  },
                  {   
                     "appName":"app name3",
                     "packageName":"package3"
                  }
               ]
            }
         }
      ]
   },
   "roles":[   
      "ANY"
   ]
}
PropertyDescriptionData
Type 
policyNameThe name of the policy.String
DescriptionProvide a description on what the policy is based on.String
Compliance

Define the non-compliance rules. WSO2 EMM provides the following non-compliance rules:

  • Enforce - Forcefully enforce the policies on the devices.
  • Warning - If the device does not adhere to the given policies a warning message will be sent.
  • Monitor - If the device does not adhere to the given policies the server is notified of the violation unknown to the user and the administrator can take the necessary actions with regard to the reported.
String
ownershipType

Define the define ownership type using the values given below:

  • ANY - The policy will be applied on the BYOD and COPE device types.
  • BYOD (Bring Your Own Device) - The policy will only be applied on the BYOD device type.
  • COPE (Corporate-Owned, Personally-Enabled) - The policy will only be applied on the COPE device type.
String
profileProvide the policy profile details.-
profileNameThe name of the policy that is being added.String
deviceType

The ID used to define the type of the device platform.

For more information on the unique ID for the device platforms supported by the EMM, see Getting Details of the Devices Supported via WSO2 EMM.

Integer
profileFeaturesListLists the features that belong to the profile.-
featureCode

Provide the code that defines the policy you wish to add.

String
deviceTypeIdThe ID used to define the type of the device platform.Integer
content

The list of parameters that define the policy.

For more information on the feature list for Windows policies, see profileFeaturesList - policy based.

String

restriction-type

Define the application restriction type using the values given below:

  • black-list: Define the applications that needs to be restricted in a device.
  • white-list: Define the applications that are only allowed to be used in a device and restrict the other applications from being used.
String

restricted-applications

Provides the details of the applications that are restricted.-

appName

The name of the application.String
packageName

Define the exact name of the application package. You can use one of the following methods to get the package name.

  • Go to the respective application in the play store and copy the ID or package name from the URL.
    Example: The play store application URL for the Viber app is https://play.google.com/store/apps/details?id=com.viber.voip&hl=en. Therefore, the package name or the application ID is: id=com.viber.voip 
  • Download the System Info for Android to your device from the play store.
    Once the application is successfully installed go to the Tasks tab and you will see the package name under the respective application.
String
rolesDefine the roles the policy needs to be applied on. The policy will be applied on the respective user roles devices.String array

If you wish to add a new policy criteria than what is already supported (roles) you can do so by defining a new policy criteria within the "policyCriterias" :[] field

Setting up a VPN on Android devices

DescriptionSet up a VPN on your Android devices remotely. It allows the device to access secured resources on the intranet of an Organization.
Resource Path
  • Adding a policy that is in the inactive state /inactive-policy.
  • Adding a policy that is in the active state /active-policy.
URL/mdm-admin/policies/inactive-policy or /mdm-admin/policies/active-policy
HTTP MethodPOST
Request/Response Formatapplication/json
cURL command
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>' -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/inactive-policy
 
or
 
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>' -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/active-policy
  • For more information on how to generate the EMM API token, see Generating the OAuth 2.0 Access Token.
  • Define the path to the JSON file, which lists the devices that this operation is applied on, as the <JSON_PAYLOAD> value. For more information, see the Sample JSON Definition.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/inactive-policy
 
or
 
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/active-policy
 Sample output
> POST /mdm-admin/policies/active-policy HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
> Content-Length: 420
< HTTP/1.1 201 Created
< Date: Thu, 25 Feb 2016 06:30:18 GMT
< Content-Type: application/json
< Content-Length: 76
< Server: WSO2 Carbon Server
{"statusCode":201,"messageFromServer":"Policy has been added successfully."} 
Sample JSON Definition 
 {  
   "policyName":"VPN",
   "description":"",
   "compliance":"enforce",
   "ownershipType":"ANY",
   "profile":{  
      "profileName":"vpn",
      "deviceType":{  
         "id":1
      },
      "profileFeaturesList":[  
         {  
            "featureCode":"VPN",
            "deviceTypeId":1,
            "content":{  
               "serverAddress":"abc.com",
               "serverPort":"1234",
               "sharedSecret":"wso2",
               "dnsServer":"1.1.1.1"
            }
         }
      ]
   },
   "roles":[  
      "ANY"
   ]
}
PropertyDescriptionData
Type 
policyNameThe name of the policy.String
DescriptionProvide a description on what the policy is based on.String
Compliance

Define the non-compliance rules. WSO2 EMM provides the following non-compliance rules:

  • Enforce - Forcefully enforce the policies on the devices.
  • Warning - If the device does not adhere to the given policies a warning message will be sent.
  • Monitor - If the device does not adhere to the given policies the server is notified of the violation unknown to the user and the administrator can take the necessary actions with regard to the reported.
String
ownershipType

Define the define ownership type using the values given below:

  • ANY - The policy will be applied on the BYOD and COPE device types.
  • BYOD (Bring Your Own Device) - The policy will only be applied on the BYOD device type.
  • COPE (Corporate-Owned, Personally-Enabled) - The policy will only be applied on the COPE device type.
String
profileProvide the policy profile details.-
profileNameThe name of the policy that is being added.String
deviceType

The ID used to define the type of the device platform.

For more information on the unique ID for the device platforms supported by the EMM, see Getting Details of the Devices Supported via WSO2 EMM.

Integer
profileFeaturesListLists the features that belong to the profile.-
featureCode

Provide the code that defines the policy you wish to add.

String
deviceTypeIdThe ID used to define the type of the device platform.Integer
content

The list of parameters that define the policy.

For more information on the feature list for Windows policies, see profileFeaturesList - policy based.

String

serverAddress

Define the server address of the VPN.String

serverPort

Define the server port of the VPN.String

sharedSecret

Define the shared secret for the VPN connection. This is used for secure communication between the device and the WSO2 EMM server.

String

dnsServer

Define the DNS server URL. This field is optional.String
rolesDefine the roles the policy needs to be applied on. The policy will be applied on the respective user roles devices.String array

  • No labels