Distribute Apps

The following sections will provide you useful information about the distribution of apps in the managed Google Play Store.

Install apps

You can install Android apps from the Google Play Store on devices using the policy. To use this feature, you need to know the package name of the app you want to install. To find the app's package name you have two options:

  1. The app's package name is in the URL of the Google Play Store page. For example, the URL of the Google Chrome app page is

    and its package name is com.android.chrome.

  2. You can embed the managed Google Play iframe in your EMM console to allow your customers to browse the Google Play Store. When your customer selects an app in the iframe your EMM console receives the package name in the event.

You can then add the app in the device's policy:


When you apply the policy to a device, the app will either be installed on the device or added to the managed Google Play Store on the device.

Distribute apps for closed testing

In the Play Console, app developers can create a closed release (closed track) to test pre-release versions of their app with a set of testers. This is called closed testing. Supporting closed track distribution lets organizations test third-party apps, as well as any private apps they develop in-house.

When setting up a closed test in the Play Console, app developers can target up to 100 organizations (enterprises). You can use the Android Management API to retrieve the closed tracks targeted to an enterprise, and distribute these closed tracks to devices using the policy.

Apps eligible for closed testing

Before setting up a closed test, app developers must ensure that their app meets the following requirements:

  • A production version of the app is published on Google Play (or managed Google Play, for private apps)
  • In the Google Play Console, Managed Google Play is enabled in the app's Advanced Settings page.
  • Any closed versions of the app meet version code requirements.

Add an enterprise to closed tests

When setting up a closed test, app developers can grant an organization access to closed tests by adding their Organization ID. Your customers can locate their Organization ID using these instructions:

  1. Sign in to managed Google Play using an administrator account.
  2. Click Admin Settings.
  3. Copy the Organization ID string from the Organization information box and send it to the developer.

For private apps, the developer also needs to add the Organization ID of each participating enterprise in the Managed Google Play tab of the app's Advanced Settings page. For instructions, see Publish private apps from the Play Console.

Distribute closed tracks to users

To retrieve a list of tracks available to an enterprise for a specified app, call enterprises.applications. The appTrackInfo[] list included in the response contains the following for given apps:

  • trackId: The track’s unique identifier, taken from the releaseTrackId in the URL of the page in the Play Console that displays the app's track information.
  • trackAlias: The human-readable name for the track, which is modifiable in the Play Console.

To install a closed track on a user's device, specify the accessibleTrackIds in their device's policy:


If a policy contains multiple tracks from the same app (as in the example above), then the policy installs the track with the highest version code.

The trackIds will be automatically removed from enterprises.applications call in certain scenarios such as the following:

  • Track's APK is promoted to another track or to the production.
  • The production version is updated with a higher version than the track.
  • A developer stops the track.

Managed Google Play iframe

With the managed Google Play iframe, you can embed managed Google Play directly in your EMM console to offer customers a unified mobility management experience.

Figure 1. Managed Google Play iframe

The iframe contains a title bar and an expandable side menu. From the menu, users can navigate to different pages:

  • Search apps: Allows IT admins to search for and browse Google Play apps, view app details, and select apps.
  • Private apps: Allows IT admins to publish and manage private apps for their enterprise.
  • Web apps: Allows IT admins to publish and distribute website shortcuts as apps.
  • Organize apps: Allows IT admins to configure how apps are organized in the Play Store app on their user’s devices.


This section describes the features available in the managed Google Play iframe. For information on how to embed the iframe and implement these features, see Add the iframe to your console.

Add the iframe to your console

Step 1. Generate a web token

Call enterprises.webTokens.create to generate a web token that identifies the enterprise. The response contains the token's value.

  • Set parentFrameUrl to the URL of the parent frame hosting the iframe.
  • Use iframeFeature to specify which features to enable in the iframe: PLAY_SEARCH, PRIVATE_APPS, WEB_APPS, STORE_BUILDER (organize apps). If iframeFeature is not set, then the iframe enables all features by default.

Step 2. Render the iframe

Here's an example of how to render the managed Google Play iframe:

<script src="https://apis.google.com/js/api.js"></script>
<div id="container"></div>
  gapi.load('gapi.iframes', function() {
    var options = {
      'url': 'https://play.google.com/work/embedded/search?token=web_token&mode=SELECT',
      'where': document.getElementById('container'),
      'attributes': { style: 'width: 600px; height:1000px', scrolling: 'yes'}

    var iframe = gapi.iframes.getContext().openChild(options);

This code generates an iframe inside the container div. Attributes to be applied to the iframe tag can be set with the 'attributes' option, as previously mentioned.

URL parameters

The table below lists all the available parameters for the iframe that can be added to the URL as URL parameters, e.g:

'url': 'https://play.google.com/work/embedded/search?token=web_token&mode=SELECT&showsearchbox=TRUE',
Parameter Page Required Description
token N/A Yes The token returned from Step 1.
iframehomepage N/A No The initial page displayed when the iframe is rendered. Possible values are PLAY_SEARCH, WEB_APPS, PRIVATE_APPS, and STORE_BUILDER (organize apps). If not specified, the following order of precedence determines which page is displayed: 1. PLAY_SEARCH, 2. PRIVATE_APPS, 3. WEB_APPS, 4. STORE_BUILDER.
locale N/A No A well-formed BCP 47 language tag that is used to localize the content in the iframe. If not specified, the default value is en_US.
mode Search apps No SELECT: lets IT admins select apps.
APPROVE (default): lets IT admins select, approve, and un-approve apps.
showsearchbox Search apps No TRUE (default): displays the search box and initiates the search query from within the iframe.
FALSE: the search box is not displayed.
search Search apps No Search string. If specified, the iframe directs the IT admin to search results with the specified string.

Step 3. Handle iframe events

You should also handle the following events as part of your integration.

onproductselect The user selects or approves an app. This returns an object containing:
    "packageName": The package name of the app, e.g. "com.google.android.gm",
    "productId": The product ID of the app, e.g. "app:com.google.android.gm",
    "action": The type of action performed on the document. Possible values are:
    "approved", "unapproved" or "selected." If you implement the iframe in SELECT
    mode, the only possible value is "selected".
The sample below shows how to listen for onproductselect:
iframe.register('onproductselect', function(event) {

Upload your own app to the Google Play Store

If you or your customer develop an Android app, you can upload it on the Play Store using the Google Play Console.

If you don't want the app to be publicly available on the Play Store, you can restrict your app to a single enterprise using Google Play Console. Another option is to publish a private app programmatically using the Google Play Custom App Publishing API. Private apps are only available to the enterprise they are restricted to. They can still be installed using a policy, but are not be visible to users outside your enterprise.