This documentation is for WSO2 IoT Server 3.1.0. View the documentation for the latest release.
Device Ownership Application - IoT Server 3.1.0 - WSO2 Documentation
||
Skip to end of metadata
Go to start of metadata

A device owner is an application that runs as a device administrator on your Android device. But it has more control over the device than a device administrator as it get's access to a set of unique APIs. This is new concept was introduced for Android 5.0 and above.

Wondering when to use the device ownership application? You can define the WSO2 Android agent as the Device Ownership application for devices that are enrolled with WSO2 IoT Server and don't have the system service application installed. This way you can impose restrictions on the device that you weren't able to impose when the device in the device administrator state. For more information on the restrictions that can be imposed by the device ownership application, see Available Android Mobile Device Management Policies.

Please note that the restriction functions of the device ownership application do not work for Samsung devices at the moment.

Let's get started!

Device ownership application functionality

Let's take a look at how an application having the device ownership settings enabled, function.

  • Once the device ownership is assigned to an application, it gets access to a set of Android APIs, such as adding a user restriction policy on Android devices. These APIs are only accessible by the device ownership application.
  • At a given time a device can only have one application with the device ownership settings. It prevents another device ownership application from overriding the policies that have already been enforced on the device. 
  • If you wish to remove the device ownership from the application, you need to factory reset the device. For example, in a situation where the device needs to be given to a different user, you need to factory reset the device to remove the application.

Configuring the WSO2 Android agent

Before you begin

Make sure to have the Android agent installed on your device. For more information, see enrolling an Android device.

Let's take a look at how WSO2 IoT Server configures the device ownership settings on the agent.

Assign the device ownership to the WSO2 Android agent using one of the following methods.

The device ownership settings only work for SDK API levels 21 and above.

  • A command issued through the Android Debug Bridge (adb).

     Click here for more information.
    1. Make sure to have your Android device enrolled with WSO2 IoT Server.

    2. If you have set up a Google account for your device, make sure to remove it before proceeding to the next step.

    3. Connect the device to your PC and run the command given below:

      adb shell dpm set-device-owner org.wso2.iot.agent/.services.AgentDeviceAdminReceiver

      The above command is not supported by SDK API levels below 21 because it does not support Device Policy Manager (dpm) that is used in the command.

       Click here for more information on what happens when you run the adb command

      The Android system creates an XML file in the device's <DEVICE>/data/system directory once you run the command to assign the device ownership settings in the agent application as shown in step1.
      The name of the XML will be device_owner and it contains the package name of the service application having the device ownership.

      Example:

      device_owner.xml
      <device-owner package="org.wso2.iot.agent" name="Your app name" />

      A non-system application cannot modify the XML file that is in the device's <DEVICE>/data/system  directory unless it's rooted. Therefore Android guarantees that only the configured application gets the privileged device ownership status.

  • Integrating Android for work. 

The device ownership settings can also be assigned through a special Near Field Communication (NFC) message. Since this is a new feature, not all Android devices will have it. Therefore, this feature will not be supported by IoT Server 3.1.0.

Integrating the service application with WSO2 IoT Server

To successfully integrate the service application with WSO2 IoT Server you need to have the WSO2 Android agent installed as well. Take a look at the diagram given below to clearly understand the role of the Android agent in this scenario.

  • No labels