Back to top

Now that you have upgraded your Android work profile to a Knox workspace, you can use the Knox APIs to toggle the camera state and enforce multi-factor authentication for the work profile.

Create the camera policy

This method demonstrates how to use the Knox APIs to toggle the state of the camera.

    private void toggleCameraState() {
        // Instantiate the EnterpriseDeviceManager class
        EnterpriseDeviceManager enterpriseDeviceManager = EnterpriseDeviceManager.getInstance(this);
        // Get the RestrictionPolicy class where the setCameraState method lives
        RestrictionPolicy restrictionPolicy = enterpriseDeviceManager.getRestrictionPolicy();

        boolean cameraEnabled = restrictionPolicy.isCameraEnabled(false);

        try {
            // Toggle the camera state on/off
            boolean result = restrictionPolicy.setCameraState(!cameraEnabled);
            if(result) {
                mUtils.log(getResources().getString(R.string.camera_state, !cameraEnabled));
            } else {
                mUtils.log(getResources().getString(R.string.camera_fail));
            }
        } catch (SecurityException e) {
            mUtils.processException(e, TAG);
        }
    }

Enable multi-factor authentication

This method demonstrates how to use Knox APIs to enable multi-factor authentication for the work profile. Note that this API only works for devices running Knox v3.0 and higher (minimum SDK level 24).

    private void enforceMfa() {
        // Instantiate the EnterpriseDeviceManager class
        EnterpriseDeviceManager enterpriseDeviceManager = EnterpriseDeviceManager.getInstance(this);
        // Get the PasswordPolicy class where the setMultifactorAuthenticationEnabled method lives
        PasswordPolicy passwordPolicy = enterpriseDeviceManager.getPasswordPolicy();

        try {
            // Enable multi-factor authentication in the work profile
            passwordPolicy.setMultifactorAuthenticationEnabled(true);
            mUtils.log("Is MFA Enabled: " + passwordPolicy.isMultifactorAuthenticationEnabled());

        } catch (SecurityException e) {
            mUtils.processException(e, TAG);
        }
    }

Declare the hardware permission in the manifest

<uses-permission android:name="com.samsung.android.knox.permission.KNOX_HW_CONTROL" />
<uses-permission android:name="com.samsung.android.knox.permission.KNOX_ADVANCED_SECURITY" />  
<uses-permission android:name="com.samsung.android.knox.permission.KNOX_CONTAINER" />

Tutorial progress

You’ve completed 5/6 steps!

Next

Is this page helpful?