Policies are the core resource of the Android Management API. You use them to
build groups of settings for your customers to apply to devices. The settings
available in the
resource include everything from password protection requirements, to installing
apps. Example policy snippets are available for:
policies resource can be applied to one or more devices. After a device
is linked to a policy, any updates to the policy are automatically applied to
- To create or update a
- To delete a
policies resource that’s not linked to any device for over seven days may
be deleted automatically by the API.
Relationship between a policy and a device
You can associate a
policies resource with a device during enrollment by
policyName when creating an enrollment
token. After a
device is enrolled with the enrollment token, the
policies resource linked to
policyName is applied to the device or work profile, depending on the
To update the policy associated with the device, call
When you update a
policies resource, the update is enforced on all devices
associated with that policy.
To apply a different policy to the device, call
Set a default policy
You can define a single default policy for an enterprise by setting the
name of a policy to
"default". The default policy will be applied to all
newly enrolled devices unless another
policyName is specified in the device's
Devices enrolled without a policy are blocked from all functions until a policy is applied. If a policy is not applied within five minutes, then the enrollment will fail and the device will be factory reset.
If a device is not in compliance with a policy setting, the device will generate a non-compliance detail indicating:
- The setting that the device is not in compliance with.
- The reason that the device is not in compliance with the setting.
Non-compliance details don't trigger any action on a device by default. However, you can include compliance rules in a policy. Compliance rules define the action taken on a device when a specified condition is met. Each rule contains:
- A condition: A specific non-compliance detail or minimum API level. Each compliance rule can only have one condition.
- Mitigating action: The action triggered on a device if the specified condition is met (for example, disable apps). A rule can have any number of mitigating actions. If no mitigating actions are set, Android Device Policy will display a non-compliance message on the device.
Receive non-compliance detail notifications
To configure an enterprise to receive notifications of noncompliant devices: