Back to top
Home / Knox SDK / Features / MDM Providers / Accounts /

Email accounts

This topic describes how to use Samsung Knox to add support for email accounts. To use these examples, you will need your email account details such as your account type or mail server address.

About

EmailAccountPolicy provides APIs to manage email accounts on a device. This allows you to:

  • Add Email accounts.
  • Delete Email accounts.
  • Manage account types — regular accounts (Gmail, Hotmail, and so on) or Exchange accounts.
  • Provide extra security features (sync, certificates, and so on).

Benefits

  • Maximize security on incoming and outgoing messages.
  • Maintain corporate employee email polices (for example — no personal email accounts allowed)

For example, here are some of the settings you can push to a device with EmailAccountPolicy.addNewAccount.

add-email-accounts.png

Examples

Set up an public email account

Supported modes

  • Work Managed Device (DO)
  • Workspace (PO)
  • Workspace with Work Managed device (DO + PO)

API behavior

  • One email account per API call
  • Without minimum settings (account type) the API fails.

API implementation

  1. Create the EnterpriseDeviceManager object

  2. Get the emailAccountPolicy class

  3. Call addNewAccount()

  4. Enter the required account settings.

    long  accountId = -1;
EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
EmailAccountPolicy  emailAccountPolicy = edm.getEmailAccountPolicy();
try {
        accountId = emailAccountPolicy.addNewAccount(new EmailAccount(
            "testemail@gmail.com","pop3","pop.gmail.com", 995,
            "testemail@gmail.com", null,"smtp", "smtp.gmail.com",465,
            "testemail@gmail.com",null));

        if(accountId >= 0){
            Log.d(TAG," Adding a new email account has succeeded!");
            // Administrator needs to call sendAccountsChangedBroadcast() API
            // to notify regarding email account addition.
            emailAccountPolicy.sendAccountsChangedBroadcast();

        }else{
            Log.d(TAG," Adding a new email account failed.");
        }
} catch(SecurityException e) {
    Log.w(TAG,"SecurityException: "+e);
}

Set up an Exchange account

This API remotely configures a Microsoft Exchange ActiveSync account on the user’s device without user interaction. Most of these settings can be changed by the user except domain and username.

Use ExchangeAccountPolicy.addNewAccount to add exchange accounts the device or Workspace.

long  accountId = -1;
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
  ExchangeAccountPolicy  exchangeAccountPolicy = edm.
                         getExchangeAccountPolicy();
  try {
     accountId =  exchangeAccountPolicy.addNewAccount(new ExchangeAccount(
                 "testeasid@easserver.com", "testeasid","easDomain", "easserver.com",
                 "Password@123"));
     if(accountId >= 0){
         Log.d(TAG,"Add a new exchange account with base parameters succeeded!");
         // Administrator needs to call sendAccountsChangedBroadcast() API
         // to notify about the Microsoft Exchange account addition.
         exchangeAccountPolicy.sendAccountsChangedBroadcast();
      }else{
          Log.d(TAG," Add a new exchange account with base parameters failed.");
      }
  } catch(SecurityException e) {
      Log.w(TAG,"SecurityException: "+e);
  }

Set up an Exchange account inside Workspace with a certificate

For this scenario, we set up Exchange inside Workspace using a client certificate and configure the following:

  • Use SSL
  • Encrypt the messages using a certificate
  • Sync as ‘automatic push’ for new messages

  1. Create a Knox Container.

  2. Get the Knox container manger object.

  3. Create the ExchangeAccountPolicy object with the required account configurations.

  4. Call addNewAccount to create the account.

  5. Call UseSSL and set to true.

  6. Call syncInterval to add sync frequency (in minutes).

  7. Open a certificate from the SD card and add a password.

  8. Call SetForceSMIECertificateForEncryption and pass in accountID, certificate path and the certificate password.

//Get the Knox container manager object
EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance();
KnoxContainerManager kmcm = ekm.getKnoxContainerManager(mContext, containerID);

//create Exchange account policy and add accounts

ExchangeAccountPolicy  eap = kcm.getExchangeAccountPolicy();
ExchangeAccount account = new ExchangeAccount("test@eas.com", "user", "domain","eas.server.com", "password");

//set SSL to true and sync interval to 2 minutes
account.UseSSL = true;
account.SyncInterval = 2;

//add new accounts with previous configurations
eap.addNewAccount(account);

//pass in certificate details to setForceSMIMECertificateForEncryption API
String certPath = "/mnt/sdcard/cert.p12";
String certPwd = "ins3cur3p4ss";
eap.setForceSMIMECertificateForEncryption(accountId, certPath, certPwd);

On this page

Is this page helpful?