REST Resource: enterprises

Resource: Enterprise

The configuration applied to an enterprise.

JSON representation
{
  "name": string,
  "enabledNotificationTypes": [
    enum (NotificationType)
  ],
  "pubsubTopic": string,
  "primaryColor": integer,
  "logo": {
    object (ExternalData)
  },
  "enterpriseDisplayName": string,
  "termsAndConditions": [
    {
      object (TermsAndConditions)
    }
  ],
  "appAutoApprovalEnabled": boolean,
  "signinDetails": [
    {
      object (SigninDetail)
    }
  ],
  "contactInfo": {
    object (ContactInfo)
  }
}
Fields
name

string

The name of the enterprise which is generated by the server during creation, in the form enterprises/{enterpriseId}.

enabledNotificationTypes[]

enum (NotificationType)

The types of Google Pub/Sub notifications enabled for the enterprise.

pubsubTopic

string

The topic which Pub/Sub notifications are published to, in the form projects/{project}/topics/{topic}. This field is only required if Pub/Sub notifications are enabled.

primaryColor

integer

A color in RGB format that indicates the predominant color to display in the device management app UI. The color components are stored as follows: (red << 16) | (green << 8) | blue, where the value of each component is between 0 and 255, inclusive.

enterpriseDisplayName

string

The name of the enterprise displayed to users. This field has a maximum length of 100 characters.

termsAndConditions[]

object (TermsAndConditions)

Terms and conditions that must be accepted when provisioning a device for this enterprise. A page of terms is generated for each value in this list.

appAutoApprovalEnabled
(deprecated)

boolean

Deprecated and unused.

signinDetails[]

object (SigninDetail)

Sign-in details of the enterprise.

contactInfo

object (ContactInfo)

The enterprise contact info of an EMM-managed enterprise.

NotificationType

Types of notifications the device management server may send via Google Pub/Sub.

Enums
NOTIFICATION_TYPE_UNSPECIFIED This value is ignored.
ENROLLMENT A notification sent when a device enrolls.
COMPLIANCE_REPORT

Deprecated.

STATUS_REPORT A notification sent when a device issues a status report.
COMMAND A notification sent when a device command has completed.
USAGE_LOGS A notification sent when device sends BatchUsageLogEvents.

ExternalData

Data hosted at an external location. The data is to be downloaded by Android Device Policy and verified against the hash.

JSON representation
{
  "url": string,
  "sha256Hash": string
}
Fields
url

string

The absolute URL to the data, which must use either the http or https scheme. Android Device Policy doesn't provide any credentials in the GET request, so the URL must be publicly accessible. Including a long, random component in the URL may be used to prevent attackers from discovering the URL.

sha256Hash

string

The base-64 encoded SHA-256 hash of the content hosted at url. If the content doesn't match this hash, Android Device Policy won't use the data.

TermsAndConditions

A terms and conditions page to be accepted during provisioning.

JSON representation
{
  "header": {
    object (UserFacingMessage)
  },
  "content": {
    object (UserFacingMessage)
  }
}
Fields
header

object (UserFacingMessage)

A short header which appears above the HTML content.

content

object (UserFacingMessage)

A well-formatted HTML string. It will be parsed on the client with android.text.Html#fromHtml.

SigninDetail

A resource containing sign in details for an enterprise. Use enterprises to manage SigninDetails for a given enterprise.

For an enterprise, we can have any number of SigninDetails that is uniquely identified by combination of the following three fields (signinUrl, allowPersonalUsage, tokenTag). One cannot create two SigninDetails with the same (signinUrl, allowPersonalUsage, tokenTag). (tokenTag is an optional field).

Patch: The operation updates the current list of SigninDetails with the new list of SigninDetails.

  • If the stored SigninDetail configuration is passed, it returns the same signinEnrollmentToken and qrCode.
  • If we pass multiple identical SigninDetail configurations that are not stored, it will store the first one amongst those SigninDetail configurations.
  • if the configuration already exists we cannot request it more than once in a particular patch API call, otherwise it will give a duplicate key error and the whole operation will fail.
  • If we remove certain SigninDetail configuration from the request then it will get removed from the storage. We can then request another signinEnrollmentToken and qrCode for the same SigninDetail configuration.
JSON representation
{
  "signinUrl": string,
  "signinEnrollmentToken": string,
  "qrCode": string,
  "allowPersonalUsage": enum (AllowPersonalUsage),
  "tokenTag": string
}
Fields
signinUrl

string

Sign-in URL for authentication when device is provisioned with a sign-in enrollment token. The sign-in endpoint should finish authentication flow with a URL in the form of https://enterprise.google.com/android/enroll?et= for a successful login, or https://enterprise.google.com/android/enroll/invalid for a failed login.

signinEnrollmentToken

string

An enterprise wide enrollment token used to trigger custom sign-in flow. This is a read-only field generated by the server.

qrCode

string

A JSON string whose UTF-8 representation can be used to generate a QR code to enroll a device with this enrollment token. To enroll a device using NFC, the NFC record must contain a serialized java.util.Properties representation of the properties in the JSON. This is a read-only field generated by the server.

allowPersonalUsage

enum (AllowPersonalUsage)

Controls whether personal usage is allowed on a device provisioned with this enrollment token.

For company-owned devices:

  • Enabling personal usage allows the user to set up a work profile on the device.
  • Disabling personal usage requires the user provision the device as a fully managed device.

For personally-owned devices:

  • Enabling personal usage allows the user to set up a work profile on the device.
  • Disabling personal usage will prevent the device from provisioning. Personal usage cannot be disabled on personally-owned device.
tokenTag

string

An EMM-specified metadata to distinguish between instances of SigninDetail.

ContactInfo

Contact details for managed Google Play enterprises.

JSON representation
{
  "contactEmail": string,
  "dataProtectionOfficerName": string,
  "dataProtectionOfficerEmail": string,
  "dataProtectionOfficerPhone": string,
  "euRepresentativeName": string,
  "euRepresentativeEmail": string,
  "euRepresentativePhone": string
}
Fields
contactEmail

string

Email address for a point of contact, which will be used to send important announcements related to managed Google Play.

dataProtectionOfficerName

string

The name of the data protection officer.

dataProtectionOfficerEmail

string

The email of the data protection officer. The email is validated but not verified.

dataProtectionOfficerPhone

string

The phone number of the data protection officer The phone number is validated but not verified.

euRepresentativeName

string

The name of the EU representative.

euRepresentativeEmail

string

The email of the EU representative. The email is validated but not verified.

euRepresentativePhone

string

The phone number of the EU representative. The phone number is validated but not verified.

Methods

create

Creates an enterprise.

delete

Permanently deletes an enterprise and all accounts and data associated with it.

get

Gets an enterprise.

list

Lists EMM-managed enterprises.

patch

Updates an enterprise.