Since: API level 1
public class

ApplicationPolicy

extends Object
java.lang.Object
   ↳ com.samsung.android.knox.application.ApplicationPolicy

Class Overview

This class provides APIs to control application-related functions and restrictions. The API controls the following functions:

- Installing and uninstalling applications
- Restricting installation and uninstallation of applications
- Disabling and enabling applications
- Querying the current state of an application
- Control application behavior
- Control notifications of applications
- Control widgets

All APIs parameters in this class are case sensitive.

Since
API level 1
MDM 1.0

Summary

Constants
String ACTION_APPLICATION_FOCUS_CHANGE Broadcast intent action sent to notify the administrator(s) that an activity has switched its focus.
String ACTION_PREVENT_APPLICATION_START Intent action to notify the administrator(s) that an activity has been prevented from starting.
String ACTION_PREVENT_APPLICATION_STOP Intent action to notify the administrator(s) that an application has been prevented from stopping.
int APPLICATION_INSTALLATION_MODE_ALLOW Flag to set the application installation mode to allow.
int APPLICATION_INSTALLATION_MODE_DISALLOW Flag to set the application installation mode to disallow.
int APPLICATION_UNINSTALLATION_MODE_ALLOW Flag to set the application uninstallation mode to allow.
int APPLICATION_UNINSTALLATION_MODE_DISALLOW Flag to set the application uninstallation mode to disallow.
int ERROR_APP_NOT_INSTALLED Flag to indicate that the designated proxy is not installed.
int ERROR_CALLER_TARGET_SDK_NOT_SUPPORTED Flag to indicate that API failed because caller of API do not meet Android SDK version
int ERROR_INVALID_INPUT Flag to indicate that API failed because of invalid input
int ERROR_NONE Flag to indicate that API applied policy succesfully
int ERROR_PROXY_NO_ADMIN_RECEIVER Flag to indicate that the designated proxy does not contain an admin receiver.
int ERROR_SIGNATURE_MISMATCH Flag to indicate that API failed because of invalid signature mismatch
int ERROR_UNKNOWN Flag to indicate that API failed for an unknown reason
String EXTRA_APPLICATION_FOCUS_COMPONENT_NAME Used as a String extra field with ACTION_APPLICATION_FOCUS_CHANGE.
String EXTRA_APPLICATION_FOCUS_DEX_MODE Used as a Boolean extra field with ACTION_APPLICATION_FOCUS_CHANGE.
String EXTRA_APPLICATION_FOCUS_STATUS Used as a String extra field with ACTION_APPLICATION_FOCUS_CHANGE.
String EXTRA_APPLICATION_PACKAGE_NAME Used as a String extra field with ACTION_PREVENT_APPLICATION_START and ACTION_PREVENT_APPLICATION_STOP.
String EXTRA_ERROR_CLASS Used as an intent extra field with ACTION_PREVENT_APPLICATION_STOP.
String EXTRA_ERROR_REASON Used as an intent extra field with ACTION_PREVENT_APPLICATION_STOP.
String EXTRA_ERROR_TYPE Used as an intent extra field with ACTION_PREVENT_APPLICATION_STOP.
String EXTRA_USER_ID Used as an int extra field with ACTION_PREVENT_APPLICATION_START, ACTION_PREVENT_APPLICATION_STOP and ACTION_APPLICATION_FOCUS_CHANGE.
int FLAG_ALLOW_PROXY_FOR_PFW Flag to indicate that the designated proxy is allowed for Play for Work used with PROXY_FLAGS.
int NOTIFICATION_MODE_BLOCK_ALL Block all status bar notifications.
int NOTIFICATION_MODE_BLOCK_TEXT Block status bar notification text.
int NOTIFICATION_MODE_BLOCK_TEXT_AND_SOUND Block status bar notification text and alert sounds.
int PERMISSION_POLICY_STATE_DEFAULT Flag to indicate that permission policy will be removed and user will be able to change the grant state.
int PERMISSION_POLICY_STATE_DENY Flag to indicate that that permission will be denied automatically and user will not be able to change the grant state.
int PERMISSION_POLICY_STATE_GRANT Flag to indicate that permission will be granted automatically and user will not be able to change the grant state.
String PROXY_FLAGS Key for putting and getting the Proxy flags value with a bundle

NOTE: This constant is impacted by changes made to the Workspace container in Knox 3.0.
int TYPE_APPROVED_APP_INSTALLER Approved application installer.
int TYPE_CALL_RECORDING Approved call recorder.
int TYPE_EXTERNAL_STORAGE_ACCESS Deprecated in API level 30
NOTE: This API is not available since Android 11.
Fields
public static final Intent DEVICE_ASSISTANCE_ACTIVITY_TASK Intent task to open a device assistance activity.
public static final Intent DEVICE_ASSISTANCE_SERVICE_TASK Intent task to open a device assistance service.
public static final Intent LAUNCHER_TASK Intent task to open the home launcher.
public static final Intent OPEN_DIALER_TASK Intent task to open the Dialer.
public static final Intent OPEN_PDF_TASK Intent task to open a PDF file.
public static final Intent OPEN_URL_TASK Intent task to open a http URL.
public static final Intent PLAY_AUDIO_TASK Intent task to play an audio.
public static final Intent PLAY_VIDEO_TASK Intent task to open a video.
public static final Intent SMS_MMS_TASK Intent task to send/receive SMS/MMS messages.
Public Methods
boolean addAppPackageNameToBlackList(String packageName)
API to add a application package name to the application package name blacklist.
boolean addAppPackageNameToWhiteList(String packageName)
API to add an application package name to the application package name whitelist.
boolean addAppPackageNameToWhiteList(String packageName, boolean defaultBlackList)
API to add an application package name to the application package name whitelist along with blacklisting all other packages, if defaultBlackList is passed true.
boolean addAppPermissionToBlackList(String appPermission)
API to add a permission to the application permission blacklist.
boolean addAppSignatureToBlackList(String appSignature)
API to add a signature to the application signature blacklist.
boolean addAppSignatureToWhiteList(String appSignature)
API to add a signature to the application signature whitelist.
boolean addAppSignatureToWhiteList(String appSignature, boolean defaultBlackList)
API to add a signature to the application signature whitelist along with blacklisting all other packages, if defaultBlackList is passed true.
boolean addHomeShortcut(String pkgName, String homePkgName)
API to add an application shortcut on the home screen of user profile.
boolean addNewAdminActivationAppWhiteList(List<String> packageNames)
Deprecated in API level 37
int addPackageToBatteryOptimizationWhiteList(AppIdentity appIdentity)
API to add a package to the Battery Optimization whitelist.
int addPackageToBlackList(int type, AppIdentity app)
API to add package to a given type of blacklist.
int addPackageToWhiteList(int type, AppIdentity app)
API to add package to a given type of whitelist.
boolean addPackagesToClearCacheBlackList(List<String> packageList)
API to add a list of packages to the clear cache blacklist.
boolean addPackagesToClearCacheWhiteList(List<String> packageList)
API to add a list of packages to clear cache whitelist.
boolean addPackagesToClearDataBlackList(List<String> packageList)
API to add a list of packages to the clear data blacklist.
boolean addPackagesToClearDataWhiteList(List<String> packageList)
API to add a list of packages to clear data whitelist.
boolean addPackagesToDisableClipboardBlackList(List<String> packageList)
Deprecated in API level 35
boolean addPackagesToDisableClipboardWhiteList(List<String> packageList, boolean defaultBlackList)
API to add a list of packages to the disable clipboard white list along with blacklisting all other packages, if defaultBlackList is passed true.
boolean addPackagesToDisableClipboardWhiteList(List<String> packageList)
API to add a list of packages to the disable clipboard white list.
boolean addPackagesToDisableUpdateBlackList(List<String> packageList)
API to add a list of packages to the disable update blacklist.
boolean addPackagesToDisableUpdateWhiteList(List<String> packageList)
API to add a list of packages to disable update whitelist.
boolean addPackagesToDisableUpdateWhiteList(List<String> packageList, boolean defaultBlackList)
API to add a list of packages to the disable update white list along with blacklisting all other packages, if defaultBlackList is passed true.
boolean addPackagesToFocusMonitoringList(List<String> packageList)
API to add a list of packages to start monitoring its focus.
boolean addPackagesToForceStopBlackList(List<String> packageList)
API to add a list of packages to the force stop blacklist.
boolean addPackagesToForceStopWhiteList(List<String> packageList)
API to add a list of packages to force stop whitelist.
boolean addPackagesToForceStopWhiteList(List<String> packageList, boolean defaultBlackList)
API to add a whitelist of applications that the user will be allowed to stop along with blacklisting all other packages, if defaultBlackList is passed true.
boolean addPackagesToNotificationBlackList(List<String> packageList)
API to add a list of package names to notification blacklist.
boolean addPackagesToNotificationWhiteList(List<String> packageList, boolean defaultBlackList)
API to add a list of package names allowed to show status bar notifications whitelist along with blacklisting all other packages, if defaultBlackList is passed true.
boolean addPackagesToNotificationWhiteList(List<String> packageList)
API to add a list of package names to the notification whitelist.
List<String> addPackagesToPreventStartBlackList(List<String> packageList)
API to add a list of packages to the prevent start blacklist.
boolean addPackagesToWidgetBlackList(List<String> packageList)
API to add a list of widget packages to the widget blacklist.
boolean addPackagesToWidgetWhiteList(List<String> packageList, boolean defaultBlackList)
API to add a list of allowed widget packages into whitelist along with blacklisting all other packages, if defaultBlackList is passed true.
boolean addPackagesToWidgetWhiteList(List<String> packageList)
API to add a list of widget packages to the widget whitelist.
boolean addUsbDevicesForDefaultAccess(String packageName, List<UsbDeviceConfig> deviceConfig)
API to grant user permission for one or more usb devices to be used by a particular package.
int applyRuntimePermissions(AppIdentity appIdentity, List<String> permissions, int permState)
Deprecated in API level 30
NOTE: This API is not available since Android 12.
boolean changeApplicationIcon(String packageName, byte[] imageData)
Deprecated in API level 35
boolean changeApplicationName(String packageName, String newName)
Deprecated in API level 35
boolean clearAppPackageNameFromList()
API to clear all of the whitelist and the blacklist package names.
boolean clearAppSignatureFromList()
API to clear all signature data of the whitelist and the blacklist.
boolean clearDisableClipboardBlackList()
Deprecated in API level 35
boolean clearDisableClipboardWhiteList()
API to remove all packages from disable clipboard whitelist.
boolean clearDisableUpdateBlackList()
API to clear the list of packages from disable update blacklist.
boolean clearDisableUpdateWhiteList()
API to clear the list of packages from disable update whitelist.
boolean clearFocusMonitoringList()
API to remove all packages from focus monitoring list.
boolean clearNewAdminActivationAppWhiteList()
Deprecated in API level 37
boolean clearPackagesFromDisableClipboardList()
API to remove all packages from both disable clipboard white and black list.
boolean clearPackagesFromDisableUpdateList()
API to remove all packages from both disable update white and black list.
boolean clearPackagesFromForceStopList()
API to remove all packages from both force stop white and black list.
boolean clearPackagesFromNotificationList()
API to clear all status bar notifications data of the whitelist and the blacklist.
boolean clearPackagesFromWidgetList()
API to clear all allowed widget data of the whitelist and the blacklist.
boolean clearPreventStartBlackList()
API to remove all packages from prevent start blacklist.
boolean clearUsbDevicesForDefaultAccess(String packageName)
API to clear all the usb devices which are granted user permission for a package
boolean deleteHomeShortcut(String pkgName, String homePkgName)
API to remove an application shortcut from the home screen of user profile.
void disableAndroidBrowser()
Deprecated in API level 33
void disableAndroidMarket()
Deprecated in API level 33
void disableVoiceDialer()
Deprecated in API level 33
void disableYouTube()
Deprecated in API level 33
void enableAndroidBrowser()
Deprecated in API level 33
void enableAndroidMarket()
Deprecated in API level 33
void enableVoiceDialer()
Deprecated in API level 33
void enableYouTube()
Deprecated in API level 33
AppInfoLastUsage[] getAllAppLastUsage()
API to get last launch time and last usage duration from applications.
List<DefaultAppConfiguration> getAllDefaultApplications()
Deprecated in API level 32
NOTE: This API is not available since Android 10.
Map<AppWidgetProviderInfoArrayList<Integer>> getAllWidgets(String pkgName)
API to return the list of all widgets currently on the home screen of the specified launcher.
List<AppControlInfo> getAppPackageNamesAllBlackLists()
API to get the list of blacklisted application package names for all administrators.
List<AppControlInfo> getAppPackageNamesAllWhiteLists()
API to get the list of whitelisted application package names for all administrators.
List<AppControlInfo> getAppPermissionsAllBlackLists()
API to get the list of blacklisted application package permissions for all administrators.
String[] getAppPermissionsBlackList()
API to get the list of blacklisted application permissions.
List<AppControlInfo> getAppSignaturesAllBlackLists()
API to get the list of blacklisted application package signatures for all administrators.
List<AppControlInfo> getAppSignaturesAllWhiteLists()
API to get the list of whitelisted application package signatures for all administrators.
String[] getAppSignaturesBlackList()
API to get the list of blacklisted application signatures.
String[] getAppSignaturesWhiteList()
API to get the list of whitelisted application signatures.
long getApplicationCacheSize(String packageName)
API to get the cache size of an application.
long getApplicationCodeSize(String packageName)
API to get the code size of an application.
boolean getApplicationComponentState(ComponentName compName)
Deprecated in API level 37
long getApplicationCpuUsage(String packageName)
API to get the CPU usage of an application.
long getApplicationDataSize(String packageName)
API to get the data size of an application.
boolean getApplicationInstallationEnabled(String pkg)
API to check whether a particular application package can be installed.
int getApplicationInstallationMode()
API to get the current installation mode for all applications.
long getApplicationMemoryUsage(String packageName)
API to get the RAM memory usage of an application.
String getApplicationName(String packageName)
API to get the application name.
List<NetworkStats> getApplicationNetworkStats()
Deprecated in API level 36
int getApplicationNotificationMode()
API to get block mode for notifications of status bar expansion.
Bundle getApplicationRestrictions(ComponentName admin, String packageName)
API to get the application restrictions for a target application.
boolean getApplicationStateEnabled(String packageName)
API to check whether a given application package is enabled or disabled.
String[] getApplicationStateList(boolean state)
API to get the list of enabled or disabled applications based on state.
long getApplicationTotalSize(String packageName)
API to get the total size of an application package.
int getApplicationUid(String packageName)
API to get the application uid.
boolean getApplicationUninstallationEnabled(String pkg)
Deprecated in API level 36
int getApplicationUninstallationMode()
API to get the current uninstallation mode for all applications.
String getApplicationVersion(String packageName)
API to get the application version.
int getApplicationVersionCode(String packageName)
API to get the application version code.
AppInfoLastUsage[] getAvgNoAppUsagePerMonth()
API to get a list of application launch counts per month.
boolean getConcentrationMode()
API to get concentration mode
ComponentName getDefaultApplication(Intent intent)
Deprecated in API level 32
NOTE: This API is not available since Android 10.
List<ComponentName> getHomeShortcuts(String pkgName, boolean includeHotSeat)
API to get all shortcuts from homescreen.
String[] getInstalledApplicationsIDList()
API to get a list of all installed application packages.
List<AppInfo> getMostCpuUsageApps(int appCount, boolean showAllProcess)
API to get a list of application packages or processes with the highest CPU usage.
List<AppInfo> getMostDataUsageApps(int appCount)
API to get list of application packages with most data size.
List<AppInfo> getMostMemoryUsageApps(int appCount, boolean showAllProcess)
API to get a list of application packages or processes with the highest memory usage.
List<String> getNewAdminActivationAppWhiteList()
Deprecated in API level 37
List<String> getPackagesFromBatteryOptimizationWhiteList()
API to get the list of packages from the Battery Optimization whitelist.
List<String> getPackagesFromBlackList(int type)
API to get all packages for a given type of blacklist.
List<String> getPackagesFromClearCacheBlackList()
API to get the list of blacklisted packages in clear cache blacklist.
List<String> getPackagesFromClearCacheWhiteList()
API to get the list of whitelisted packages in clear cache whitelist.
List<String> getPackagesFromClearDataBlackList()
API to get the list of blacklisted packages in clear data blacklist.
List<String> getPackagesFromClearDataWhiteList()
API to get the list of whitelisted packages in clear data whitelist.
List<String> getPackagesFromDisableClipboardBlackList()
Deprecated in API level 35
List<String> getPackagesFromDisableClipboardWhiteList()
API to get packages from disable clipboard white list.
List<String> getPackagesFromDisableUpdateBlackList()
API to get the list of blacklisted packages in disable update blacklist.
List<String> getPackagesFromDisableUpdateWhiteList()
API to get the list of whitelisted packages in disable update whitelist.
List<String> getPackagesFromFocusMonitoringList()
API to get packages from focus monitoring list.
List<String> getPackagesFromForceStopBlackList()
API to get the list of blacklisted packages in force stop blacklist.
List<String> getPackagesFromForceStopWhiteList()
API to get the list of whitelisted packages in force stop whitelist.
List<String> getPackagesFromNotificationBlackList()
API to get the list of blacklisted package names in the notification blacklist.
List<String> getPackagesFromNotificationWhiteList()
API to get the list of whitelisted application package names in the notification whitelist.
List<String> getPackagesFromPreventStartBlackList()
API to get packages from prevent start blacklist.
List<String> getPackagesFromWhiteList(int type)
API to get list of application packages for a given type of whitelist.
List<String> getPackagesFromWidgetBlackList()
API to get a list of blacklisted widget packages in widget blacklist.
List<String> getPackagesFromWidgetWhiteList()
API to get the list of whitelisted widget packages in the widget whitelist.
List<String> getRuntimePermissions(String packageName, int permState)
Deprecated in API level 30
List<UsbDeviceConfig> getUsbDevicesForDefaultAccess(String packageName)
API to retrieve the list of usb devices which are granted user permission for a particular package.
boolean installApplication(String packageName)
Deprecated in API level 36
boolean installApplication(String apkFilePath, boolean installOnSDCard)
Deprecated in API level 36
boolean isApplicationInstalled(String pkgName)
API to check if an application package is installed.
boolean isApplicationRunning(String pkgName)
API to check if an application package is currently running.
boolean isNewAdminActivationEnabled(boolean showMsg)
Deprecated in API level 37
boolean isNewAdminInstallationEnabled(boolean showMsg)
API to check whether new administrator installation is enabled.
boolean preventNewAdminActivation(boolean prevent)
Deprecated in API level 37
boolean preventNewAdminInstallation(boolean prevent)
API to prevent installation of another administrator application.
boolean removeAppPackageNameFromBlackList(String packageName)
API to remove application package name from application package name blacklist.
boolean removeAppPackageNameFromWhiteList(String packageName)
API to remove application package name from application package name whitelist.
boolean removeAppPermissionFromBlackList(String appPermission)
API to remove a permission from the application permission blacklist.
boolean removeAppSignatureFromBlackList(String appSignature)
API to remove signature from application signature blacklist.
boolean removeAppSignatureFromWhiteList(String appSignature)
API to remove signature from application signature whitelist.
boolean removeDefaultApplication(Intent intent, ComponentName componentName)
Deprecated in API level 32
NOTE: This API is not available since Android 10.
int removePackageFromBatteryOptimizationWhiteList(AppIdentity appIdentity)
API to remove a package from the Battery Optimization whitelist.
int removePackageFromBlackList(int type, String pkgName)
API to remove a package from a given type of blacklist.
int removePackageFromWhiteList(int type, String pkgName)
API to remove a package from a given type of whitelist.
boolean removePackagesFromClearCacheBlackList(List<String> packageList)
API to remove a list of packages from clear cache blacklist.
boolean removePackagesFromClearCacheWhiteList(List<String> packageList)
API to remove a list of packages from clear cache whitelist.
boolean removePackagesFromClearDataBlackList(List<String> packageList)
API to remove a list of packages from clear data blacklist.
boolean removePackagesFromClearDataWhiteList(List<String> packageList)
API to remove a list of packages from clear data whitelist.
boolean removePackagesFromDisableClipboardBlackList(List<String> packageList)
Deprecated in api level 35
boolean removePackagesFromDisableClipboardWhiteList(List<String> packageList)
API to remove a list of packages from disable clipboard white list.
boolean removePackagesFromDisableUpdateBlackList(List<String> packageList)
API to remove a list of packages from disable update blacklist.
boolean removePackagesFromDisableUpdateWhiteList(List<String> packageList)
API to remove a list of packages from disable update whitelist.
boolean removePackagesFromFocusMonitoringList(List<String> packageList)
API to remove a list of packages from focus monitoring list.
boolean removePackagesFromForceStopBlackList(List<String> packageList)
API to remove a list of packages from force stop blacklist.
boolean removePackagesFromForceStopWhiteList(List<String> packageList)
API to remove a list of packages from force stop whitelist.
boolean removePackagesFromNotificationBlackList(List<String> packageList)
API to remove a list of package names from the notification blacklist.
boolean removePackagesFromNotificationWhiteList(List<String> packageList)
API to remove a list of package names from the notification whitelist.
boolean removePackagesFromPreventStartBlackList(List<String> packageList)
API to remove a list of packages from prevent start blacklist.
boolean removePackagesFromWidgetBlackList(List<String> packageList)
API to remove a list of widget packages from the widget blacklist.
boolean removePackagesFromWidgetWhiteList(List<String> packageList)
API to remove a list of widget packages from the widget whitelist.
int setAfWProxy(boolean enable, AppIdentity proxy, Bundle data)
Deprecated in API level 33
boolean setApplicationComponentState(ComponentName compName, boolean enable)
Deprecated in API level 37
void setApplicationInstallationDisabled(String packageName)
API to disable the installation of an application package by adding the package name to a blacklist.
void setApplicationInstallationEnabled(String packageName)
API to enable the installation of an application package that was previously disabled.
boolean setApplicationInstallationMode(int installationMode)
API to set the default mode for application installation.
boolean setApplicationNotificationMode(int mode)
API to set notification mode to be used in blocking the notifications of status bar expansion.
void setApplicationRestrictions(ComponentName admin, String packageName, Bundle settings)
Deprecated in API level 35
String[] setApplicationStateList(String[] pkgList, boolean state)
API to set the list of application package names to the enabled or disabled state.
void setApplicationUninstallationDisabled(String packageName)
Deprecated in API level 36
void setApplicationUninstallationEnabled(String packageName)
Deprecated in API level 36
boolean setApplicationUninstallationMode(int uninstallationMode)
API to set the default mode for application uninstallation.
boolean setConcentrationMode(List<String> packageSuspendExclusiveList, boolean enable)
API to enable or disable concentration mode Basically, all packages in launcher are suspended unless otherwise mentioned.
boolean setDefaultApplication(Intent intent, ComponentName componentName)
Deprecated in API level 32
NOTE: This API is not available since Android 10.
boolean setDisableApplication(String packageName)
Deprecated in API level 37
boolean setEnableApplication(String packageName)
Deprecated in API level 37
boolean startApp(String pkgName, String className)
API to remotely start an application.
boolean stopApp(String pkgName)
API to remotely stop an application.
boolean uninstallApplication(String packageName, boolean keepDataAndCache)
API to uninstall an application package.
List<String> uninstallApplications(List<String> packageList)
API for bulk uninstallation of application packages.
boolean updateApplication(String apkFilePath)
API to update an application package.
boolean wipeApplicationData(String pkgName)
API to wipe the data of an application package.
[Expand]
Inherited Methods
From class java.lang.Object

Constants

public static final String ACTION_APPLICATION_FOCUS_CHANGE

Since: API level 15

Broadcast intent action sent to notify the administrator(s) that an activity has switched its focus. The intent will have EXTRA_APPLICATION_FOCUS_COMPONENT_NAME, EXTRA_APPLICATION_FOCUS_STATUS and EXTRA_USER_ID as extras, containing the component name, the focus status and the user id of the activity which has changed focus, respectively. Please refer to addPackagesToFocusMonitoringList(List) for further information. Receiver must hold "com.samsung.android.knox.permission.KNOX_APP_MGMT" to receive this broadcast.

Since
API level 15
MDM 5.4
Constant Value: "com.samsung.android.knox.intent.action.APPLICATION_FOCUS_CHANGE"

public static final String ACTION_PREVENT_APPLICATION_START

Since: API level 11

Intent action to notify the administrator(s) that an activity has been prevented from starting. It will have EXTRA_APPLICATION_PACKAGE_NAME and EXTRA_USER_ID as extras, containing the application package name and the user id whose application has been prevented from starting, respectively. Please refer to addPackagesToPreventStartBlackList(List) for further information. Receiver must hold "com.samsung.android.knox.permission.KNOX_APP_MGMT" to receive this broadcast.

Since
API level 11
MDM 5.0
Constant Value: "com.samsung.android.knox.intent.action.PREVENT_APPLICATION_START"

public static final String ACTION_PREVENT_APPLICATION_STOP

Since: API level 14

Intent action to notify the administrator(s) that an application has been prevented from stopping. It will have EXTRA_APPLICATION_PACKAGE_NAME, EXTRA_USER_ID, EXTRA_ERROR_TYPE, EXTRA_ERROR_REASON, EXTRA_ERROR_CLASS as extras, containing the application package name, the user id whose application has been prevented from stopping and, if the application was stopped by Android SO due to some error, it will also contain the error type, reason and class which such error was thrown from. Please refer to addPackagesToForceStopBlackList(List) for further information. Receiver must hold "com.samsung.android.knox.permission.KNOX_APP_MGMT" to receive this broadcast.

Since
API level 14
MDM 5.3
Constant Value: "com.samsung.android.knox.intent.action.PREVENT_APPLICATION_STOP"

public static final int APPLICATION_INSTALLATION_MODE_ALLOW

Since: API level 2

Flag to set the application installation mode to allow. All applications can be installed unless specified otherwise. This mode is the default when no policy is applied.

Since
API level 2
MDM 2.0
Constant Value: 1 (0x00000001)

public static final int APPLICATION_INSTALLATION_MODE_DISALLOW

Since: API level 2

Flag to set the application installation mode to disallow. No application can be installed unless specified otherwise.

Since
API level 2
MDM 2.0
Constant Value: 0 (0x00000000)

public static final int APPLICATION_UNINSTALLATION_MODE_ALLOW

Since: API level 4

Flag to set the application uninstallation mode to allow. All applications can uninstall unless specified otherwise. This mode is the default when no policy is applied.

Since
API level 4
MDM 2.2
Constant Value: 1 (0x00000001)

public static final int APPLICATION_UNINSTALLATION_MODE_DISALLOW

Since: API level 4

Flag to set the application uninstallation mode to disallow. No application can uninstall unless specified otherwise.

Since
API level 4
MDM 2.2
Constant Value: 0 (0x00000000)

public static final int ERROR_APP_NOT_INSTALLED

Since: API level 20

Flag to indicate that the designated proxy is not installed.

Since
API level 19
MDM 5.6
Constant Value: -5 (0xfffffffb)

public static final int ERROR_CALLER_TARGET_SDK_NOT_SUPPORTED

Since: API level 19

Flag to indicate that API failed because caller of API do not meet Android SDK version

Since
API level 19
MDM 5.6
Constant Value: -4 (0xfffffffc)

public static final int ERROR_INVALID_INPUT

Since: API level 19

Flag to indicate that API failed because of invalid input

Since
API level 19
MDM 5.6
Constant Value: -1 (0xffffffff)

public static final int ERROR_NONE

Since: API level 19

Flag to indicate that API applied policy succesfully

Since
API level 19
MDM 5.6
Constant Value: 0 (0x00000000)

public static final int ERROR_PROXY_NO_ADMIN_RECEIVER

Since: API level 19

Flag to indicate that the designated proxy does not contain an admin receiver.

NOTE: This constant is impacted by changes made to the Workspace container in Knox 3.0. For more information, please see New container architecture overview.

Since
API level 19
MDM 5.6
Constant Value: -6 (0xfffffffa)

public static final int ERROR_SIGNATURE_MISMATCH

Since: API level 19

Flag to indicate that API failed because of invalid signature mismatch

Since
API level 19
MDM 5.6
Constant Value: -3 (0xfffffffd)

public static final int ERROR_UNKNOWN

Since: API level 19

Flag to indicate that API failed for an unknown reason

Since
API level 19
MDM 5.6
Constant Value: -2 (0xfffffffe)

public static final String EXTRA_APPLICATION_FOCUS_COMPONENT_NAME

Since: API level 15

Used as a String extra field with ACTION_APPLICATION_FOCUS_CHANGE. Contains the component name of the activity which has changed focus, due to addPackagesToFocusMonitoringList(List) called previously by an administrator.

Since
API level 15
MDM 5.4
Constant Value: "com.samsung.android.knox.intent.extra.APPLICATION_FOCUS_COMPONENT_NAME"

public static final String EXTRA_APPLICATION_FOCUS_DEX_MODE

Since: API level 32

Used as a Boolean extra field with ACTION_APPLICATION_FOCUS_CHANGE. Contains the DeX mode status of an activity that has switched focus due to addPackagesToFocusMonitoringList(List) called previously by an administrator. The possible values for this field are "true" or "false".

Since
API level 32
KNOX 3.6
Constant Value: "com.samsung.android.knox.intent.extra.APPLICATION_FOCUS_DEX_MODE"

public static final String EXTRA_APPLICATION_FOCUS_STATUS

Since: API level 15

Used as a String extra field with ACTION_APPLICATION_FOCUS_CHANGE. Contains the focus status of an activity that has switched focus due to addPackagesToFocusMonitoringList(List) called previously by an administrator. The possible values for this field are "gained" or "lost".

Since
API level 15
MDM 5.4
Constant Value: "com.samsung.android.knox.intent.extra.APPLICATION_FOCUS_STATUS"

public static final String EXTRA_APPLICATION_PACKAGE_NAME

Since: API level 11

Used as a String extra field with ACTION_PREVENT_APPLICATION_START and ACTION_PREVENT_APPLICATION_STOP. Contains the application package name which has been prevented from starting due to addPackagesToPreventStartBlackList(List) or stopping due to addPackagesToForceStopBlackList(List) called previously by an administrator.

Since
API level 11
MDM 5.0
Constant Value: "com.samsung.android.knox.intent.extra.APPLICATION_PACKAGE_NAME"

public static final String EXTRA_ERROR_CLASS

Since: API level 14

Used as an intent extra field with ACTION_PREVENT_APPLICATION_STOP. Contains the class which some exception was thrown from when some application, added in prevent stop blacklist through addPackagesToPreventStartBlackList(List), is stopped by Android OS due some runtime error. If the application is stopped by the user, this extra field is not added in the intent.

Since
API level 14
MDM 5.3
Constant Value: "com.samsung.android.knox.intent.extra.ERROR_CLASS"

public static final String EXTRA_ERROR_REASON

Since: API level 14

Used as an intent extra field with ACTION_PREVENT_APPLICATION_STOP. Contains the error reason (e.g. NullPointerException, OutOfMemoryError, etc) when some application, added in prevent stop blacklist through addPackagesToPreventStartBlackList(List), is stopped by Android OS due some runtime error. If the application is stopped by the user, this extra field is not added in the intent.

Since
API level 14
MDM 5.3
Constant Value: "com.samsung.android.knox.intent.extra.ERROR_REASON"

public static final String EXTRA_ERROR_TYPE

Since: API level 14

Used as an intent extra field with ACTION_PREVENT_APPLICATION_STOP. Contains the error type when some application, added in prevent stop blacklist through addPackagesToPreventStartBlackList(List), is stopped by Android OS due some runtime error. The possible values for this field is "crash" or "anr". If the application is stopped by the user, this extra field is not added in the intent.

Since
API level 14
MDM 5.3
Constant Value: "com.samsung.android.knox.intent.extra.ERROR_TYPE"

public static final String EXTRA_USER_ID

Since: API level 11

Used as an int extra field with ACTION_PREVENT_APPLICATION_START, ACTION_PREVENT_APPLICATION_STOP and ACTION_APPLICATION_FOCUS_CHANGE. Contains the user id whose application has been prevented from starting due to addPackagesToPreventStartBlackList(List), stopping due to addPackagesToForceStopBlackList(List) or has switched focus due to addPackagesToFocusMonitoringList(List) called previously by an administrator.

Since
API level 11
MDM 5.0
Constant Value: "com.samsung.android.knox.intent.extra.USER_ID"

public static final int FLAG_ALLOW_PROXY_FOR_PFW

Since: API level 19

Flag to indicate that the designated proxy is allowed for Play for Work used with PROXY_FLAGS.

NOTE: This constant is impacted by changes made to the Workspace container in Knox 3.0. For more information, please see New container architecture overview.

Since
API level 19
MDM 5.6
Constant Value: 1 (0x00000001)

public static final int NOTIFICATION_MODE_BLOCK_ALL

Since: API level 5

Block all status bar notifications. This mode is the default.

Since
API level 5
MDM 3.0
Constant Value: 2 (0x00000002)

public static final int NOTIFICATION_MODE_BLOCK_TEXT

Since: API level 5

Block status bar notification text.

Since
API level 5
MDM 3.0
Constant Value: 3 (0x00000003)

public static final int NOTIFICATION_MODE_BLOCK_TEXT_AND_SOUND

Since: API level 5

Block status bar notification text and alert sounds.

Since
API level 5
MDM 3.0
Constant Value: 4 (0x00000004)

public static final int PERMISSION_POLICY_STATE_DEFAULT

Since: API level 19

Flag to indicate that permission policy will be removed and user will be able to change the grant state.

Since
API level 19
MDM 5.6
Constant Value: 0 (0x00000000)

public static final int PERMISSION_POLICY_STATE_DENY

Since: API level 19

Flag to indicate that that permission will be denied automatically and user will not be able to change the grant state.

Since
API level 19
MDM 5.6
Constant Value: 2 (0x00000002)

public static final int PERMISSION_POLICY_STATE_GRANT

Since: API level 19

Flag to indicate that permission will be granted automatically and user will not be able to change the grant state.

Since
API level 19
MDM 5.6
Constant Value: 1 (0x00000001)

public static final String PROXY_FLAGS

Since: API level 19

Key for putting and getting the Proxy flags value with a bundle

NOTE: This constant is impacted by changes made to the Workspace container in Knox 3.0. For more information, please see New container architecture overview.

Since
API level 19
MDM 5.6
Constant Value: "proxy-flags"

public static final int TYPE_APPROVED_APP_INSTALLER

Since: API level 24

Approved application installer. Only whitelisted package can install other packages in that user space.

NOTE: This feature can be used only by Device owner or Profile owner.

Since
API level 24
KNOX 3.0
Multiuser Environment
User Scope
Permission
The use of this feature requires the caller to have the "com.samsung.android.knox.permission.KNOX_ADVANCED_APP_MGMT" permission which has a protection level of signature.
Constant Value: 1 (0x00000001)

public static final int TYPE_CALL_RECORDING

Since: API level 24

Approved call recorder. Only whitelisted packages can record phone calls.

Since
API level 24
KNOX 3.0
Multiuser Environment
Global Scope
Permission
The use of this feature requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Constant Value: 3 (0x00000003)

public static final int TYPE_EXTERNAL_STORAGE_ACCESS

Since: API level 24

Deprecated in API level 30
NOTE: This API is not available since Android 11.

External SD card access. Only whitelisted package can access external SD card.

NOTE: This feature can be used only by Device owner or Profile owner.

Since
API level 24
KNOX 3.0
Multiuser Environment
User Scope
Permission
The use of this feature requires the caller to have the "com.samsung.android.knox.permission.KNOX_ADVANCED_APP_MGMT" permission which has a protection level of signature.
Constant Value: 2 (0x00000002)

Fields

public static final Intent DEVICE_ASSISTANCE_ACTIVITY_TASK

Since: API level 19

Intent task to open a device assistance activity.

Since
API level 19
MDM 5.6

public static final Intent DEVICE_ASSISTANCE_SERVICE_TASK

Since: API level 19

Intent task to open a device assistance service.

Since
API level 19
MDM 5.6

public static final Intent LAUNCHER_TASK

Since: API level 15

Intent task to open the home launcher.

Since
API level 15
MDM 5.4

public static final Intent OPEN_DIALER_TASK

Since: API level 15

Intent task to open the Dialer.

Since
API level 15
MDM 5.4

public static final Intent OPEN_PDF_TASK

Since: API level 15

Intent task to open a PDF file.

Since
API level 15
MDM 5.4

public static final Intent OPEN_URL_TASK

Since: API level 15

Intent task to open a http URL.

Since
API level 15
MDM 5.4

public static final Intent PLAY_AUDIO_TASK

Since: API level 15

Intent task to play an audio.

Since
API level 15
MDM 5.4

public static final Intent PLAY_VIDEO_TASK

Since: API level 15

Intent task to open a video.

Since
API level 15
MDM 5.4

public static final Intent SMS_MMS_TASK

Since: API level 15

Intent task to send/receive SMS/MMS messages.

Since
API level 15
MDM 5.4

Public Methods

public boolean addAppPackageNameToBlackList (String packageName)

Since: API level 3

API to add a application package name to the application package name blacklist.

Parameters
packageName The application package name to be added to the blacklist.
Returns
  • true if the application package name has been successfully added to blacklist, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to blacklist third-party applications (applications that are not part of the system image) based on the application package name. An application with a matching application package name cannot be installed. If the application package is already installed, the API does not affect the existing installation. If the application package is uninstalled, the package cannot be installed until the application package name is either removed from the blacklist or added to the whitelist.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

Installing via ADB installs package to all users by default in multi user enabled devices. So if administrator has disabled the package installation for any user then for all users installations will be blocked via ADB.

  EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
  ApplicationPolicy appPolicy = edm.getApplicationPolicy();
  try {
      boolean result = appPolicy.addAppPackageNameToBlackList("com.test.app");
      if( true == result){
          Log.d(TAG,"  add a application  package name to the application"
               +"Package name has been added to blacklist successfully!");
      }else{
          Log.w(TAG," add a application  package name to the application"
              +"Addition of package name to blacklist failed.");
      }
   }catch(SecurityException e) {
         Log.w(TAG,"SecurityException: "+e);
   }
 
For Container:
  // When you create container successfully, containerID will be returned via intent.
  // Use this containerID in below API.
  EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
  KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
  ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

  try {
      boolean result = appPolicy.addAppPackageNameToBlackList("com.test.app");
      if( true == result){
          Log.d(TAG,"  add a application  package name to the application"
               +"Package name has been added to blacklist successfully!");
      }else{
          Log.w(TAG," add a application  package name to the application"
              +"Addition of package name to blacklist failed.");
      }
   }catch(SecurityException e) {
         Log.w(TAG,"SecurityException: "+e);
   }
 

An application package name added to the application package name whitelist using addAppPackageNameToWhiteList(String) can still be installed. The whitelist is the exception to the blacklist. If the package name of an application currently being installed matches a package name pattern in both the blacklist and whitelist, the whitelist takes priority and the application is installed.

Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 3
MDM 2.1
Multiuser Environment
User Scope

public boolean addAppPackageNameToWhiteList (String packageName)

Since: API level 3

API to add an application package name to the application package name whitelist.

Parameters
packageName The application package name to be added to the whitelist
Returns
  • true if the application package name is successfully added to the whitelist, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to add to the whitelist a third-party application (application that is not part of system image) based on the application package name. An application with a matching package name in the whitelist is an exception to the configured blacklist and allows the application to be installed.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

  EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
  ApplicationPolicy appPolicy = edm.getApplicationPolicy();
  try {
      boolean result = appPolicy.addAppPackageNameToWhiteList("com.test.app");
      if( true == result){
          Log.d(TAG,"add a package name to the application package name"
              +"whitelist has been successful!");
      }else{
          Log.w(TAG,"add a package name to the application package name"
                +"whitelist has failed.");
      }
  }catch(SecurityException e) {
         Log.w(TAG,"SecurityException: "+e);
  }
 
For Container:
  // When you create container successfully, containerID will be returned via intent.
  // Use this containerID in below API.
  EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
  KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
  ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

  try {
      boolean result = appPolicy.addAppPackageNameToWhiteList("com.test.app");
      if( true == result){
          Log.d(TAG,"add a package name to the application package name"
              +"whitelist has been successful!");
      }else{
          Log.w(TAG,"add a package name to the application package name"
                +"whitelist has failed.");
      }
  }catch(SecurityException e) {
         Log.w(TAG,"SecurityException: "+e);
  }
 

This whitelist is an exception to the blacklist, which is created using addAppPackageNameToBlackList(String). If the package name of an application currently being installed matches the application package name pattern in both the blacklist and whitelist, the whitelist takes priority and the application is installed.

Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 3
MDM 2.1
Multiuser Environment
User Scope

public boolean addAppPackageNameToWhiteList (String packageName, boolean defaultBlackList)

Since: API level 11

API to add an application package name to the application package name whitelist along with blacklisting all other packages, if defaultBlackList is passed true.

Parameters
packageName The application package name to be added to the whitelist.
defaultBlackList is used to add "*" into the black list if this bool is true.
Returns
  • true if the application package name is successfully added to the whitelist and * to blacklist, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to add to the whitelist a third-party application (application that is not part of system image) based on the application package name and blacklist all other packages by adding * in blacklist as well. Administrator could use this one to blacklist everything except the whitelisted packages. An application with a matching package name in the whitelist is an exception to the configured blacklist and allows the application to be installed.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

  EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
  ApplicationPolicy appPolicy = edm.getApplicationPolicy();
  try {
      boolean result = appPolicy.addAppPackageNameToWhiteList("com.test.app",true);
      if( true == result){
          Log.d(TAG,"add a package name to the application package name"
              +"whitelist has been successful!");
      }else{
          Log.w(TAG,"add a package name to the application package name"
                +"whitelist has failed.");
      }
  }catch(SecurityException e) {
         Log.w(TAG,"SecurityException: "+e);
  }
 
For Container:
  // When you create container successfully, containerID will be returned via intent.
  // Use this containerID in below API.
  EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
  KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
  ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

  try {
      boolean result = appPolicy.addAppPackageNameToWhiteList("com.test.app",true);
      if( true == result){
          Log.d(TAG,"add a package name to the application package name"
              +"whitelist has been successful!");
      }else{
          Log.w(TAG,"add a package name to the application package name"
                +"whitelist has failed.");
      }
  }catch(SecurityException e) {
         Log.w(TAG,"SecurityException: "+e);
  }
 

This whitelist is an exception to the blacklist, which is created using addAppPackageNameToBlackList(String). If the package name of an application currently being installed matches the application package name pattern in both the blacklist and whitelist, the whitelist takes priority and the application is installed.

Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean addAppPermissionToBlackList (String appPermission)

Since: API level 2

API to add a permission to the application permission blacklist.

Parameters
appPermission Application permission to be added to blacklist. List of Android permissions
Returns
  • true if the permission is successfully added to the blacklist, else false.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to blacklist third-party applications (not part of the system image) based on permissions requested by those applications (permissions requested in 'uses-permission' tag of Android manifest). The applications with matching permissions are prevented from being installed. The API action does affect existing third-party applications with blacklisted permissions.

For example, a new downloaded application that has the permission android.permission.BLUETOOTH is not allowed to install.

Installing via ADB installs package to all users by default in multi user enabled devices. So if administrator has disabled the package installation for any user then for all users installations will be blocked via ADB.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 //permission to be added to blacklist.
 String permission = "android.permission.BLUETOOTH";
 try {
     boolean result = appPolicy.addAppPermissionToBlackList(permission);
     if (true == result) {
         //permission added to blacklist
     } else {
         //permission not added to blacklist
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 //permission to be added to blacklist.
 String permission = "android.permission.BLUETOOTH";
 try {
     boolean result = appPolicy.addAppPermissionToBlackList(permission);
     if (true == result) {
         //permission added to blacklist
     } else {
         //permission not added to blacklist
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public boolean addAppSignatureToBlackList (String appSignature)

Since: API level 2

API to add a signature to the application signature blacklist.

Parameters
appSignature The application signature to be added to the blacklist
Returns
  • true if the signature is successfully added in to blacklist, else false.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can us this API to blacklist third-party applications (applications that are not part of system image) based on the the third-party application signature. Applications with matching signatures cannot be installed. Existing third-party applications with blacklisted signatures are unaffected. The administrator can use the wildcard character "*" instead of specifying a signature

Installing via ADB installs package to all users by default in multi user enabled devices. So if administrator has disabled the package installation for any user then for all users installations will be blocked via ADB.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 //try to get signature of the apk to be installed
 String signature = "3082024d308201b6a00302010202044dc96abf30...";
 try {
     boolean result = appPolicy.addAppSignatureToBlackList(signature);
     if (true == result) {
         //signature added to blacklist
     } else {
         //signature not added to blacklist
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 //try to get signature of the apk to be installed
 String signature = "3082024d308201b6a00302010202044dc96abf30...";
 try {
     boolean result = appPolicy.addAppSignatureToBlackList(signature);
     if (true == result) {
         //signature added to blacklist
     } else {
         //signature not added to blacklist
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public boolean addAppSignatureToWhiteList (String appSignature)

Since: API level 6

API to add a signature to the application signature whitelist.

Parameters
appSignature is the application signature to be added to whitelist
Returns
  • true if the signature is successfully added in to whitelist, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to whitelist a third-party application (an application that is not part of the system image) based on the signature used by the application. The administrator can use the wildcard character "*" instead of specifying a signature.

The whitelist is an exception to the blacklist that is created using addAppSignatureToBlackList(String). If the signature of an application currently being installed matches the signature in both the blacklist and whitelist, the whitelist, as an exception to the blacklist, takes priority, and the application is installed.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 String signature = "3082024d308201b6a00302010202044dc96abf30...";
 try {
     boolean result = appPolicy.addAppSignatureToWhiteList(signature);
     if (true == result) {
         // signature added to whitelist
     } else {
         // signature not added to whitelist
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 String signature = "3082024d308201b6a00302010202044dc96abf30...";
 try {
     boolean result = appPolicy.addAppSignatureToWhiteList(signature);
     if (true == result) {
         // signature added to whitelist
     } else {
         // signature not added to whitelist
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 6
MDM 4.0
Multiuser Environment
User Scope

public boolean addAppSignatureToWhiteList (String appSignature, boolean defaultBlackList)

Since: API level 11

API to add a signature to the application signature whitelist along with blacklisting all other packages, if defaultBlackList is passed true.

Parameters
appSignature is the application signature to be added to whitelist
defaultBlackList is used to add "*" into the black list if this bool is true.
Returns
  • true if the signature is successfully added in to whitelist and * in blacklist, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to whitelist a third-party application (an application that is not part of the system image) based on the signature used by the application and blacklist all other packages by adding * in blacklist as well. Administrator could use this one to blacklist everything except the whitelisted packages. The administrator can use the wildcard character "*" instead of specifying a signature.

The whitelist is an exception to the blacklist that is created using addAppSignatureToBlackList(String). If the signature of an application currently being installed matches the signature in both the blacklist and whitelist, the whitelist, as an exception to the blacklist, takes priority, and the application is installed.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 String signature = "3082024d308201b6a00302010202044dc96abf30...";
 try {
     boolean result = appPolicy.addAppSignatureToWhiteList(signature,true);
     if (true == result) {
         // signature added to whitelist
     } else {
         // signature not added to whitelist
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 String signature = "3082024d308201b6a00302010202044dc96abf30...";
 try {
     boolean result = appPolicy.addAppSignatureToWhiteList(signature,true);
     if (true == result) {
         // signature added to whitelist
     } else {
         // signature not added to whitelist
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean addHomeShortcut (String pkgName, String homePkgName)

Since: API level 5

API to add an application shortcut on the home screen of user profile.

Parameters
pkgName The package name of the application.
homePkgName The target launcher (null if all launchers). Since Android O, this parameter should be null.
Returns
  • true on add an application shortcut successfully, else false on failure or if launcher package name is invalid.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to remotely add an application shortcut on home screen at an user profile. The launcher chooses the home screen position where the shortcut is placed. If no space is left on the home screen for placement, the shortcut is not created.


NOTES:

- Since Android O, the homePkgName parameter should be null and the shortcut is added only in current launcher.
- Since Android O, this API is not supported in third party launchers.

 // administrator wants to add a browser shortcut on the home screen
 String packageName = "com.android.browser";
 String homePkgName = null;
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();

 try {
     boolean result = applicationPolicy.addHomeShortcut(packageName, homePkgName);

     if (result == true) {
         Log.d(TAG, "addHomeShortcut has succeeded!");
     } else {
         Log.d(TAG, "addHomeShortcut has failed.");
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // administrator wants to add a browser shortcut on the home screen
 String packageName = "com.android.browser";
 String homePkgName = null;
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     boolean result = applicationPolicy.addHomeShortcut(packageName, homePkgName);

     if (result == true) {
         Log.d(TAG, "addHomeShortcut has succeeded!");
     } else {
         Log.d(TAG, "addHomeShortcut has failed.");
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 

Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature and "com.android.launcher.permission.INSTALL_SHORTCUT" permission which has a protection level normal.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public boolean addNewAdminActivationAppWhiteList (List<String> packageNames)

Since: API level 11

Deprecated in API level 37

API to add list of whitelisted applications that can be activated as an administrator.

Returns
  • true if whitelisted administrator activated applications is added, false if not added.
Usage
An administrator can use this API to add list of whitelisted applications that are allowed to be activated as an administrator.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();

 try {
     List packageList = new ArrayList();
     packageList.add("com.android.email");

     if (appPolicy.addNewAdminActivationAppWhiteList(packageList)) {
         Log.w(TAG, " Add new administrator activation whitelist allowed");
     } else {
         Log.w(TAG, "Failed to set the policy.");
     }
 } catch (SecurityException e) {
     Log.w(TAG, "Exception" + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List packageList = new ArrayList();
     packageList.add("com.android.email");
     if (appPolicy.addNewAdminActivationAppWhiteList(packageList)) {
         Log.w(TAG, " Add administrator activation whitelist allowed");
     } else {
         Log.w(TAG, "Failed to set the policy.");
     }
 } catch (SecurityException e) {
     Log.w(TAG, "Exception" + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission with a protection level of signature.
Since
API level 11
KNOX 2.0
Multiuser Environment
User Scope

public int addPackageToBatteryOptimizationWhiteList (AppIdentity appIdentity)

Since: API level 20

API to add a package to the Battery Optimization whitelist.

Parameters
appIdentity An AppIdentity of the application. Application should be installed on the Device.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to add a package to whitelist it from Google's Doze mode, app standby and power saving mode. In case of smart manager application, Administrator can use addPackagesToForceStopBlackList(List) to prevent it from force stop.


NOTE: The package will be whitelisted for device wide if it is presented in other user space too.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 AppIdentity appIdentity = new AppIdentity("com.abc.xyz", "appSignature");
 try {
     boolean result = appPolicy.addPackageToBatteryOptimizationWhiteList(appIdentity);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 AppIdentity appIdentity = new AppIdentity("com.abc.xyz", "appSignature");
 try {
     boolean result = appPolicy.addPackageToBatteryOptimizationWhiteList(appIdentity);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 

Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 20
MDM 5.7
Multiuser Environment
User Scope

public int addPackageToBlackList (int type, AppIdentity app)

Since: API level 24

API to add package to a given type of blacklist.

Parameters
type Type of blacklist.
TYPE_APPROVED_APP_INSTALLER
TYPE_EXTERNAL_STORAGE_ACCESS
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to add package to a given type of blacklist.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageYouWantedBlocked is standard java.lang.String object.

NOTE: TYPE_EXTERNAL_STORAGE_ACCESS is not available since API level 33.

TYPE_APPROVED_APP_INSTALLER
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 String pkgName = "com.android.settings";
 String pkgSignature = "iuwueyhfbdigerbhfdfb";
 AppIdentity appIdentity = new AppIdentity(pkgName, pkgSignature);
 try {
     int result = appPolicy.addPackageToBlackList(ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER, appIdentity);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
TYPE_EXTERNAL_STORAGE_ACCESS
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 String pkgName = "com.android.settings";
 String pkgSignature = "iuwueyhfbdigerbhfdfb";
 AppIdentity appIdentity = new AppIdentity(pkgName, pkgSignature);
 try {
     int result = appPolicy.addPackageToBlackList(ApplicationPolicy.TYPE_EXTERNAL_STORAGE_ACCESS, appIdentity);

 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
TYPE_APPROVED_APP_INSTALLER
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 String pkgName = "com.android.settings";
 String pkgSignature = "iuwueyhfbdigerbhfdfb";
 AppIdentity appIdentity = new AppIdentity(pkgName, pkgSignature);
 try {
     int result = appPolicy.addPackageToBlackList(ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER, appIdentity);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
TYPE_EXTERNAL_STORAGE_ACCESS
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 String pkgName = "com.android.settings";
 String pkgSignature = "iuwueyhfbdigerbhfdfb";
 AppIdentity appIdentity = new AppIdentity(pkgName, pkgSignature);
 try {
     int result = appPolicy.addPackageToBlackList(ApplicationPolicy.TYPE_EXTERNAL_STORAGE_ACCESS, appIdentity);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Since
API level 24
KNOX 3.0

public int addPackageToWhiteList (int type, AppIdentity app)

Since: API level 24

API to add package to a given type of whitelist.

Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to add package to a given type of whitelist.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

NOTE: TYPE_EXTERNAL_STORAGE_ACCESS is not available since API level 33.

TYPE_APPROVED_APP_INSTALLER
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 String pkgName = "com.android.settings";
 String pkgSignature = "iuwueyhfbdigerbhfdfb";
 AppIdentity appIdentity = new AppIdentity(pkgName, pkgSignature);
 try {
     int result = appPolicy.addPackageToWhiteList(ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER, appIdentity);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
TYPE_EXTERNAL_STORAGE_ACCESS
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 String pkgName = "com.android.settings";
 String pkgSignature = "iuwueyhfbdigerbhfdfb";
 AppIdentity appIdentity = new AppIdentity(pkgName, pkgSignature);
 try {
     int result = appPolicy.addPackageToWhiteList(ApplicationPolicy.TYPE_EXTERNAL_STORAGE_ACCESS, appIdentity);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }

 
TYPE_CALL_RECORDING
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 String pkgName = "com.android.settings";
 String pkgSignature = "iuwueyhfbdigerbhfdfb";
 AppIdentity appIdentity = new AppIdentity(pkgName, pkgSignature);
 try {
     int result = appPolicy.addPackageToWhiteList(ApplicationPolicy.TYPE_CALL_RECORDING, appIdentity);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }

 
For Container:
TYPE_APPROVED_APP_INSTALLER
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 String pkgName = "com.android.settings";
 String pkgSignature = "iuwueyhfbdigerbhfdfb";
 AppIdentity appIdentity = new AppIdentity(pkgName, pkgSignature);
 try {
     int result = appPolicy.addPackageToWhiteList(ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER, appIdentity);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
TYPE_EXTERNAL_STORAGE_ACCESS
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 String pkgName = "com.android.settings";
 String pkgSignature = "iuwueyhfbdigerbhfdfb";
 AppIdentity appIdentity = new AppIdentity(pkgName, pkgSignature);
 try {
     int result = appPolicy.addPackageToWhiteList(ApplicationPolicy.TYPE_EXTERNAL_STORAGE_ACCESS, appIdentity);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Since
API level 24
KNOX 3.0

public boolean addPackagesToClearCacheBlackList (List<String> packageList)

Since: API level 5

API to add a list of packages to the clear cache blacklist.

Parameters
packageList List of packages to be added to the clear cache blacklist.
Returns
  • true if the package list was successfully added, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to prevent the user from clearing cache for certain applications. The actions include clear cache in Settings app, clearing cache through third- party applications, and clearing service cache from the application. The user can still clear cache the application through its interface or back key. The administrator provides a list of packages that are added to the blacklist. For any package added on the whitelist using addPackagesToClearCacheWhiteList(List) , then that application cache can be cleared. The whitelist is the exception to the blacklist. If the package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     boolean result = appPolicy.addPackagesToClearCacheBlackList(list);
     if (true == result) {
         // user is not allowed to clear cache the blacklisted application
         // packages
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     boolean result = appPolicy.addPackagesToClearCacheBlackList(list);
     if (true == result) {
         // user is not allowed to clear cache the blacklisted application
         // packages
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public boolean addPackagesToClearCacheWhiteList (List<String> packageList)

Since: API level 5

API to add a list of packages to clear cache whitelist.

Parameters
packageList List of packages to be added to the clear cache whitelist.
Returns
  • true if the package list was successfully added, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to let users clear cache for certain packages. An administrator provides a list of packages that are to be added to the clear cache whitelist. The whitelist is the exception to the blacklist. If a package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     boolean result = appPolicy.addPackagesToClearCacheWhiteList(list);
     if (true == result) {
         // application clear cache is allowed
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     boolean result = appPolicy.addPackagesToClearCacheWhiteList(list);
     if (true == result) {
         // application clear cache is allowed
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public boolean addPackagesToClearDataBlackList (List<String> packageList)

Since: API level 5

API to add a list of packages to the clear data blacklist.

Parameters
packageList List of packages to be added to the clear data blacklist.
Returns
  • true if the package list was successfully added, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to prevent the user from clearing data for certain applications. The actions include clear data in Settings app, clearing data through third- party applications, and clearing service data from the application. The user can still clear data the application through its interface or back key. The administrator provides a list of packages that are added to the blacklist. For any package added on the whitelist using addPackagesToClearDataWhiteList(List) , then that application data can be cleared. The whitelist is the exception to the blacklist. If the package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     boolean result = appPolicy.addPackagesToClearDataBlackList(list);
     if (true == result) {
         // user is not allowed to clear data the blacklisted application
         // packages
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     boolean result = appPolicy.addPackagesToClearDataBlackList(list);
     if (true == result) {
         // user is not allowed to clear data the blacklisted application
         // packages
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public boolean addPackagesToClearDataWhiteList (List<String> packageList)

Since: API level 5

API to add a list of packages to clear data whitelist.

Parameters
packageList List of packages to be added to the clear data whitelist.
Returns
  • true if the package list was successfully added, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to let users clear data for certain packages. An administrator provides a list of packages that are to be added to the clear data whitelist. The whitelist is the exception to the blacklist. If a package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     boolean result = appPolicy.addPackagesToClearDataWhiteList(list);
     if (true == result) {
         // application clear data is allowed
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     boolean result = appPolicy.addPackagesToClearDataWhiteList(list);
     if (true == result) {
         // application clear data is allowed
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public boolean addPackagesToDisableClipboardBlackList (List<String> packageList)

Since: API level 11

Deprecated in API level 35

API to add a list of packages to the disable clipboard blacklist.

Parameters
packageList List of packages that should be added to the disable clipboard blacklist.
Returns
  • true if the package list was successfully added to disable clipboard blacklist, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to prevent user from using clipboard in application(s) of the provided package(s). The administrator provides a list of packages that should be added to the blacklist. In case a package has already been added to the blacklist by other administrator, that package will not be added to the blacklist.

Once a package is added to the blacklist, the user will no longer be able to use the clipboard in the application related to that package.


NOTES:

- This policy only take effect over native android clipboard.
- When a blacklisted application tries to use the clipboard, the content of the clipboard is deleted.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.chrome");
 list.add("com.samsung.android.snote");
 try {
     boolean result = appPolicy.addPackagesToDisableClipboardBlackList(list);
     if (result) {
         // user will not be able to use clipboard from the appplication(s) of
         // the provided package(s)
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.chrome");
 list.add("com.samsung.android.snote");
 try {
     boolean result = appPolicy.addPackagesToDisableClipboardBlackList(list);
     if (result) {
         // user will not be able to use clipboard from the appplication(s) of
         // the provided package(s)
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean addPackagesToDisableClipboardWhiteList (List<String> packageList, boolean defaultBlackList)

Since: API level 11

API to add a list of packages to the disable clipboard white list along with blacklisting all other packages, if defaultBlackList is passed true.

Parameters
packageList List of packages that should be added to the disable clipboard white list.
defaultBlackList is used to add "*" into the black list if this bool is true.
Returns
  • true if the package list was successfully added to disable clipboard white list and * to blacklist, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to allow the user of using clipboard in application(s) of the provided package(s) even if these packages are added in the disable application clipboard blacklist. Administrator could use this one to blacklist everything except the whitelisted packages. The administrator provides a list of packages that should be added to the white list. In case a package has already been added to the white list by other administrator, that package will not be added to the white list.

Once a package is added to the white list, the user will be able to use the clipboard in that application independently if the package has been already added in blacklist or not.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.chrome");
 list.add("com.samsung.android.snote");
 try {
     boolean result = appPolicy.addPackagesToDisableClipboardWhiteList(list,true);
     if (result) {
         // user will be able to use clipboard from the appplication(s) of the
         // provided package(s) even if they are also inserted in clipboard blacklist
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.chrome");
 list.add("com.samsung.android.snote");
 try {
     boolean result = appPolicy.addPackagesToDisableClipboardWhiteList(list,true);
     if (result) {
         // user will be able to use clipboard from the appplication(s) of the
         // provided package(s) even if they are also inserted in clipboard blacklist
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean addPackagesToDisableClipboardWhiteList (List<String> packageList)

Since: API level 11

API to add a list of packages to the disable clipboard white list.

Parameters
packageList List of packages that should be added to the disable clipboard white list.
Returns
  • true if the package list was successfully added to disable clipboard white list, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to allow the user of using clipboard in application(s) of the provided package(s) even if these packages are added in the disable application clipboard blacklist. The administrator provides a list of packages that should be added to the white list. In case a package has already been added to the white list by other administrator, that package will not be added to the white list.

Once a package is added to the white list, the user will be able to use the clipboard in that application independently if the package has been already added in blacklist or not.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.chrome");
 list.add("com.samsung.android.snote");
 try {
     boolean result = appPolicy.addPackagesToDisableClipboardWhiteList(list);
     if (result) {
         // user will be able to use clipboard from the appplication(s) of the
         // provided package(s) even if they are also inserted in clipboard blacklist
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.chrome");
 list.add("com.samsung.android.snote");
 try {
     boolean result = appPolicy.addPackagesToDisableClipboardWhiteList(list);
     if (result) {
         // user will be able to use clipboard from the appplication(s) of the
         // provided package(s) even if they are also inserted in clipboard blacklist
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean addPackagesToDisableUpdateBlackList (List<String> packageList)

Since: API level 11

API to add a list of packages to the disable update blacklist.

Parameters
packageList List of packages to be added to the disable update blacklist.
Returns
  • true if the package list was successfully added, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to prevent certain applications from being updated. It also prevents the application from being downgraded (installing an older version) or being replaced (installing another apk with same version number). If a package on the blacklist is also added to the whitelist using addPackagesToDisableUpdateWhiteList(List), then that application can still be updated. The whitelist is the exception to the blacklist of the same administrator. If the package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority. The whitelist has no priority over blacklists of other administrators and it has no effect if blacklist is empty.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     boolean result = appPolicy.addPackagesToDisableUpdateBlackList(list);
     if (true == result) {
         // applications are not allowed to be updated
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
Global Scope

public boolean addPackagesToDisableUpdateWhiteList (List<String> packageList)

Since: API level 11

API to add a list of packages to disable update whitelist.

Parameters
packageList List of packages to be added to the disable update whitelist.
Returns
  • true if the package list was successfully added, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to let certain packages be updated. The administrator provides a list of packages to be added to the disable update whitelist. The whitelist is the exception to the blacklist of the same administrator. If the package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority. The whitelist has no priority over blacklists of other administrators and it has no effect if blacklist is empty.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     boolean result = appPolicy.addPackagesToDisableUpdateWhiteList(list);
     if (true == result) {
         // application update is allowed
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
Global Scope

public boolean addPackagesToDisableUpdateWhiteList (List<String> packageList, boolean defaultBlackList)

Since: API level 11

API to add a list of packages to the disable update white list along with blacklisting all other packages, if defaultBlackList is passed true.

Parameters
packageList List of packages to be added to the disable update whitelist.
defaultBlackList is used to add "*" into the black list if this bool is true.
Returns
  • true if the package list was successfully added, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to let certain packages be updated. The administrator provides a list of packages to be added to the disable update whitelist and blacklist all other packages by adding * in blacklist as well. Administrator could use this one to blacklist everything except the whitelisted packages.The whitelist is the exception to the blacklist of the same administrator. If the package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority. The whitelist has no priority over blacklists of other administrators and it has no effect if blacklist is empty.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     boolean result = appPolicy.addPackagesToDisableUpdateWhiteList(list,true);
     if (true == result) {
         // application update is allowed
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
Global Scope

public boolean addPackagesToFocusMonitoringList (List<String> packageList)

Since: API level 15

API to add a list of packages to start monitoring its focus.

Parameters
packageList List of packages that should be added to the focus monitoring list.
Returns
  • true if the package list was successfully added to focus monitoring list, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to start monitoring focus changes of activities which pertain to the provided package(s). The administrator provides a list of packages that are added to the list. Once a package has been added to the list, that application is monitored for focus changes. Whenever an activity from that package gains or loses focus (comes to foreground or leave it), ACTION_APPLICATION_FOCUS_CHANGE intent is broadcasted.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     boolean result = appPolicy.addPackagesToFocusMonitoringList(list);
     if (true == result) {
         // listed packages will be monitored for focus changes
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     boolean result = appPolicy.addPackagesToFocusMonitoringList(list);
     if (true == result) {
         // listed packages will be monitored for focus changes
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 15
MDM 5.4
Multiuser Environment
User Scope

public boolean addPackagesToForceStopBlackList (List<String> packageList)

Since: API level 5

API to add a list of packages to the force stop blacklist.

Parameters
packageList List of packages to be added to the force stop blacklist.
Returns
  • true if the package list was successfully added, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to prevent the user from stopping certain applications. The stop actions include force stop in Settings app, stopping through third- party applications, stopping any background process by system and stopping any service from the application. The user can still stop the application through its interface or back key. The administrator provides a list of packages that are added to the blacklist. For any package added on the whitelist using addPackagesToForceStopWhiteList(List), then that application can still be stopped. The whitelist is the exception to the blacklist. If the package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

NOTE: Since MDM 5.3, in case user tries to stop a package that is at prevent stop blacklist, ACTION_PREVENT_APPLICATION_STOP intent is broadcasted. Administrator can stop a package which has been added to the prevent stop blacklist by calling stopApp(String).

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     boolean result = appPolicy.addPackagesToForceStopBlackList(list);
     if (true == result) {
         // user is not allowed to stop the blacklisted application packages
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     boolean result = appPolicy.addPackagesToForceStopBlackList(list);
     if (true == result) {
         // user is not allowed to stop the blacklisted application packages
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public boolean addPackagesToForceStopWhiteList (List<String> packageList)

Since: API level 5

API to add a list of packages to force stop whitelist.

Parameters
packageList List of packages to be added to the force stop whitelist.
Returns
  • true if the package list was successfully added, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to let users stop certain packages. An administrator provides a list of packages that are to be added to the force stop whitelist. The whitelist is the exception to the blacklist. If a package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     boolean result = appPolicy.addPackagesToForceStopWhiteList(list);
     if (true == result) {
         // application force stop is allowed
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     boolean result = appPolicy.addPackagesToForceStopWhiteList(list);
     if (true == result) {
         // application force stop is allowed
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public boolean addPackagesToForceStopWhiteList (List<String> packageList, boolean defaultBlackList)

Since: API level 11

API to add a whitelist of applications that the user will be allowed to stop along with blacklisting all other packages, if defaultBlackList is passed true.

Parameters
packageList List of packages to be added to the force stop whitelist.
defaultBlackList is used to add "*" into the black list if this bool is true.
Returns
  • true if the application package name is successfully added to the whitelist and * to blacklist, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to let users stop certain packages. An administrator provides a list of packages that are to be added to the force stop whitelist and blacklist all other packages by adding * in blacklist as well. Administrator could use this one to blacklist everything except the whitelisted packages. The whitelist is the exception to the blacklist. If a package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     boolean result = appPolicy.addPackagesToForceStopWhiteList(list,true);
     if (true == result) {
         // application force stop is allowed
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     boolean result = appPolicy.addPackagesToForceStopWhiteList(list,true);
     if (true == result) {
         // application force stop is allowed
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean addPackagesToNotificationBlackList (List<String> packageList)

Since: API level 5

API to add a list of package names to notification blacklist.

Parameters
packageList Application package name blacklist.
Returns
  • true if the package list was successfully added, else false.
Throws
SecurityException If caller does not have required permissions.
Usage

An administrator can use this API to prevent an application notification based on the package name. An application with a matching package name is prevented from showing status bar notifications. An administrator can choose the prevention mode for the notifications (see setApplicationNotificationMode(int)). Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object. If a package name matches the package name pattern in both the blacklist and whitelist, the whitelist takes priority, and the application notification can be shown.

For Container:
NOTE 1: Telephony notifications, as incoming messages or missing calls, are notified with package "com.samsung.knox.rcp.components" at container.

NOTE 2: The container switcher, which resides at notification bar and allows user enter/exit KNOX mode, is identified by "com.sec.knox.switcher" package.

 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.addPackagesToNotificationBlackList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.addPackagesToNotificationBlackList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public boolean addPackagesToNotificationWhiteList (List<String> packageList, boolean defaultBlackList)

Since: API level 11

API to add a list of package names allowed to show status bar notifications whitelist along with blacklisting all other packages, if defaultBlackList is passed true.

Parameters
packageList Application package name whitelist.
defaultBlackList is used to add "*" into the black list if this bool is true.
Returns
  • true if the package list was successfully added, else false.
Throws
SecurityException If caller does not have required permissions.
Usage

An administrator can use this API to allow application notifications based on the package name and blacklist all other packages by adding * in blacklist as well. Administrator could use this one to blacklist everything except the whitelisted packages. An applications with a matching package name is an exception from the blacklist. Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object. If the package name of an application matches the package name pattern in both the blacklist and whitelist, the whitelist takes priority, and the application can show status bar notifications.

For Container:
NOTE 1: Telephony notifications, as incoming messages or missing calls, are notified with package "com.samsung.knox.rcp.components" at container.

NOTE 2: The container switcher, which resides at notification bar and allows user enter/exit KNOX mode, is identified by "com.sec.knox.switcher" package.

 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.addPackagesToNotificationWhiteList(packageList,true);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.addPackagesToNotificationWhiteList(packageList,true);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean addPackagesToNotificationWhiteList (List<String> packageList)

Since: API level 5

API to add a list of package names to the notification whitelist.

Parameters
packageList Application package name whitelist.
Returns
  • true if the package list was successfully added, else false.
Throws
SecurityException If caller does not have required permissions.
Usage

An administrator can use this API to allow application notifications based on the package name. An applications with a matching package name is an exception from the blacklist. Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object. If the package name of an application matches the package name pattern in both the blacklist and whitelist, the whitelist takes priority, and the application can show status bar notifications.

For Container:
NOTE 1: Telephony notifications, as incoming messages or missing calls, are notified with package "com.samsung.knox.rcp.components" at container.

NOTE 2: The container switcher, which resides at notification bar and allows user enter/exit KNOX mode, is identified by "com.sec.knox.switcher" package.

 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.addPackagesToNotificationWhiteList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.addPackagesToNotificationWhiteList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public List<String> addPackagesToPreventStartBlackList (List<String> packageList)

Since: API level 11

API to add a list of packages to the prevent start blacklist.

Parameters
packageList List of packages that should be added to the prevent start blacklist.
Returns
  • List of packages effectively added to the prevent start blacklist.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to prevent user (or another administrator) from launching activities which pertain to the provided package(s). The administrator provides a list of packages that should be added to the blacklist. Package name specifications containing wildcard characters (e.g., "com.xyz.*" or "*") will not be added to blacklist. In case a package has already been added to the blacklist by other administrator, that package will also not be added to the blacklist.

Once a package has been added to the blacklist, that application is force stopped. Only activities pertaining to a specific package are prevented from starting, not other application components (Services, Broadcast receivers and Content providers). In case user tries to start an activity from a package that is at prevent start blacklist, ACTION_PREVENT_APPLICATION_START intent is broadcasted. Administrator can launch an activity which has been added to the prevent start blacklist by calling startApp(String, String). Once an activity from that package is running, user will be able to start other activities from that same package.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     List<String> addedList = appPolicy.addPackagesToPreventStartBlackList(list);
     if (!addedList.isEmpty()) {
         // user will not be able to start activites from the provided package(s)
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 List<String> list = new ArrayList<String>();
 list.add("com.android.settings");
 list.add("com.rovio.angrybirdsrio");
 try {
     List<String> addedList = appPolicy.addPackagesToPreventStartBlackList(list);
     if (!addedList.isEmpty()) {
         // user will not be able to start activites from the provided package(s)
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean addPackagesToWidgetBlackList (List<String> packageList)

Since: API level 5

API to add a list of widget packages to the widget blacklist.

Parameters
packageList The list of package names to be added to the widget blacklist.
Returns
  • true if the package list was successfully added, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to add a list of packages to the list of blocked widget packages. A user cannot add widgets with package names that match the list, and existent widgets are removed from the launcher home screen. The whitelist is the exception to the blacklist. For any package added to the whitelist using addPackagesToWidgetWhiteList(List), the corresponding widget can still be used. The whitelist is the exception to the blacklist. If the package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean addList = appPolicy.addPackagesToWidgetBlackList(packageList);
     if (addList) {
         // widget blacklist set with packages calendar and camera
     } else {
         // widget blacklist is disabled
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean addList = appPolicy.addPackagesToWidgetBlackList(packageList);
     if (addList) {
         // widget blacklist set with packages calendar and camera
     } else {
         // widget blacklist is disabled
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public boolean addPackagesToWidgetWhiteList (List<String> packageList, boolean defaultBlackList)

Since: API level 11

API to add a list of allowed widget packages into whitelist along with blacklisting all other packages, if defaultBlackList is passed true.

Parameters
packageList The list of package names to be added to the widget whitelist.
defaultBlackList is used to add "*" into the black list if this bool is true.
Returns
  • true if the package list was successfully added, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to add a list of packages to the list of allowed widget packages and blacklist all other packages by adding * in blacklist as well. Administrator could use this one to blacklist everything except the whitelisted packages. The user can add widgets with package names that match the list. The administrator provides a list of packages that are added to the whitelist. The whitelist is the exception to the blacklist. If the package name matches the pattern in both the blacklist and whitelist, the whitelist will takes priority.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean addList = appPolicy.addPackagesToWidgetWhiteList(packageList,true);
     if (addList) {
         // widget whitelist is set with packages calendar and camera
     } else {
         // widget whitelist is disabled
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean addList = appPolicy.addPackagesToWidgetWhiteList(packageList,true);
     if (addList) {
         // widget whitelist is set with packages calendar and camera
     } else {
         // widget whitelist is disabled
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean addPackagesToWidgetWhiteList (List<String> packageList)

Since: API level 5

API to add a list of widget packages to the widget whitelist.

Parameters
packageList The list of package names to be added to the widget whitelist.
Returns
  • true if the package list was successfully added, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to add a list of packages to the list of allowed widget packages. The user can add widgets with package names that match the list. The administrator provides a list of packages that are added to the whitelist. The whitelist is the exception to the blacklist. If the package name matches the pattern in both the blacklist and whitelist, the whitelist will takes priority.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean addList = appPolicy.addPackagesToWidgetWhiteList(packageList);
     if (addList) {
         // widget whitelist is set with packages calendar and camera
     } else {
         // widget whitelist is disabled
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean addList = appPolicy.addPackagesToWidgetWhiteList(packageList);
     if (addList) {
         // widget whitelist is set with packages calendar and camera
     } else {
         // widget whitelist is disabled
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public boolean addUsbDevicesForDefaultAccess (String packageName, List<UsbDeviceConfig> deviceConfig)

Since: API level 12

API to grant user permission for one or more usb devices to be used by a particular package.

Parameters
packageName The package name of the application.
deviceConfig List of UsbDeviceConfig to be added for default access.
Returns
  • true if successful else false.
Throws
SecurityException If caller does not have required permissions
Usage
Admin creates a list of usbdevice objects to be permitted for a particular package. And set the list of usbdevice objects.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
   List <UsbDeviceConfig> devices = new ArrayList<UsbDeviceConfig>();
   UsbDeviceConfig usbDeviceConfig = new UsbDeviceConfig();

   usbDeviceConfig.productId = 20;
   usbDeviceConfig.vendorId = 20;
   devices.add(usbDeviceConfig);

   boolean result  = appPolicy.addUsbDevicesForDefaultAccess(packageName, devices);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List<UsbDeviceConfig> devices = new ArrayList<UsbDeviceConfig>();
     UsbDeviceConfig usbDeviceConfig = new UsbDeviceConfig();

     usbDeviceConfig.productId = 20;
     usbDeviceConfig.vendorId = 20;
     devices.add(usbDeviceConfig);

     boolean result = appPolicy.addUsbDevicesForDefaultAccess(packageName, devices);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 12
MDM 5.1
Multiuser Environment
User Scope

public int applyRuntimePermissions (AppIdentity appIdentity, List<String> permissions, int permState)

Since: API level 19

Deprecated in API level 30
NOTE: This API is not available since Android 12.

API to apply a permission state (grant or deny or default) to given runtime permissions for a given package

Parameters
appIdentity AppIdentity of the application package.
permissions List of permissions to be granted or revoked or default. Passing null will be considered as all dangerous permissions requested in the application's manifest file being used.
permState Runtime permission grant state
PERMISSION_POLICY_STATE_DEFAULT
PERMISSION_POLICY_STATE_GRANT
PERMISSION_POLICY_STATE_DENY
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to apply grant or deny or default permission state to given runtime permissions for a given package. This API will also work for future installed applications in respective user space. This also applies to future runtimes permissions declared by app updates.

NOTE: Caller application of this API must be built with a targetSdkVersion of M or later.
NOTE: If administrator is applying this policy on a package which is sharing userId with other packages, administrator should apply same policy for those other packages.

 List<String> runtimePermissions = new ArrayList<String>();
 runtimePermissions.add("android.permission.ACCESS_COARSE_LOCATION");
 runtimePermissions.add("android.permission.CALL_PHONE");

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     int ret = appPolicy.applyRuntimePermissions(appIdentity, runtimePermissions, PERMISSION_POLICY_STATE_GRANT);
     if (ret == ApplicationPolicy.ERROR_NONE) {
         Log.w(TAG, "Granted runtime permissions " + runtimePermissions + " to package "com.sta.test" successfully");
     } else {
         Log.d(TAG, "Failed to grant runtime permissions " + runtimePermissions + " to package "com.sta.test"");
     }

 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 List<String> runtimePermissions = new ArrayList<String>();
 runtimePermissions.add("android.permission.ACCESS_COARSE_LOCATION");
 runtimePermissions.add("android.permission.CALL_PHONE");

 AppIdentity appIdentity = new AppIdentity("com.sta.test", null);
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     int ret = appPolicy.applyRuntimePermissions(appIdentity, runtimePermissions, PERMISSION_POLICY_STATE_GRANT);
     if (ret == ApplicationPolicy.ERROR_NONE) {
         Log.w(TAG, "Granted runtime permissions " + runtimePermissions + " to package "com.sta.test" successfully");
     } else {
         Log.d(TAG, "Failed to grant runtime permissions " + runtimePermissions + " to package "com.sta.test"");
     }

 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 19
MDM 5.6
Multiuser Environment
User Scope

public boolean changeApplicationIcon (String packageName, byte[] imageData)

Since: API level 2

Deprecated in API level 35

API to change an application's icon.

NOTE:

This API will work only for application level icon not activity level icon.

Parameters
packageName Application's package name
imageData Icon image's byte array. If null then the application icon is changed to its default.
Returns
  • true if the icon is changed successfully else false.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to change how the icon appears everywhere, including the home screen and the launcher menu. This API supports a maximum icon size of 1 MB. The preferred icon format is Portable Network Graphic (PNG). Since Android N, an icon set by one administrator cannot be overridden by a second administrator.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();

 String iconPath = "/sdcard/icon.jpg";
 File file = null;
 FileInputStream is = null;
 byte[] bytes = null;
 try {
     file = new File(iconPath);
     is = new FileInputStream(file);
 } catch (Exception e) {
     e.printStackTrace();
 }
 if (null != is) {
     // Get the size of the file
     long length = file.length();
     if (length > Integer.MAX_VALUE) {
         throw new IOException("The file is too big");
     }

     // Create the byte array to hold the data
     bytes = new byte[(int) length];
     // Read in the bytes
     int offset = 0;
     int numRead = 0;
     while (offset < bytes.length
             && (numRead = is.read(bytes, offset, bytes.length - offset)) >= 0) {
         offset += numRead;
     }
     // Ensure all the bytes have been read in
     if (offset < bytes.length) {
         throw new IOException("The file is not completely read: "
                 + file.getName());
     }
     // Close the input stream, all file contents are in the bytes
     // variable
     is.close();
 }
 try {
     String packageName = "com.test.app";
     appPolicy.changeApplicationIcon(packageName, bytes);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 String iconPath = "/sdcard/icon.jpg";
 File file = null;
 FileInputStream is = null;
 byte[] bytes = null;
 try {
     file = new File(iconPath);
     is = new FileInputStream(file);
 } catch (Exception e) {
     e.printStackTrace();
 }
 if (null != is) {
     // Get the size of the file
     long length = file.length();
     if (length > Integer.MAX_VALUE) {
         throw new IOException("The file is too big");
     }

     // Create the byte array to hold the data
     bytes = new byte[(int) length];
     // Read in the bytes
     int offset = 0;
     int numRead = 0;
     while (offset < bytes.length
             && (numRead = is.read(bytes, offset, bytes.length - offset)) >= 0) {
         offset += numRead;
     }
     // Ensure all the bytes have been read in
     if (offset < bytes.length) {
         throw new IOException("The file is not completely read: "
                 + file.getName());
     }
     // Close the input stream, all file contents are in the bytes
     // variable
     is.close();
 }
 try {
     String packageName = "com.test.app";
     appPolicy.changeApplicationIcon(packageName, bytes);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public boolean changeApplicationName (String packageName, String newName)

Since: API level 11

Deprecated in API level 35

API to change an application's name.

Parameters
packageName Application's package name
newName Application's new name. If null then the application name is changed to its default.
Returns
  • true if the name is changed successfully else false.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to change how the name of an application appears everywhere, including the home screen and the launcher menu. Administrator can return an application to its default name by setting null. Until Android N, if two administrators change the name of the same application, the last administrator will override the application's name set by the first. Since Android N, the first administrator cannot be overridden by a second one.

NOTE: In order to refresh the new name, the application is killed when this policy is applied.
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     String packageName = "com.test.app";
     appPolicy.changeApplicationName(packageName, "New Application Name");
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     String packageName = "com.test.app";
     appPolicy.changeApplicationName(packageName, "New Application Name");
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean clearAppPackageNameFromList ()

Since: API level 11

API to clear all of the whitelist and the blacklist package names.

Returns
  • true if the all packages are successfully deleted from the whitelist and blacklist, else false.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to clear all package names from the blacklist and whitelist that were previously added using addAppPackageNameToBlackList(String) or addAppPackageNameToWhiteList(String). If an administrator calls clear application package from list, all blacklisted and whitelisted packages are removed. This API functionality is the same as removeAppPackageNameFromWhiteList(String) and removeAppPackageNameFromBlackList(String) except that the API removes all packages from blacklist and whitelist instead of removing specific package.

In case of multiple administrators, this API clears only the blacklist and whitelist set by the calling administrator. For example, administrator A sets one set of packages and administrator B sets another set of packages. If administrator A calls this API, all packages set by administrator A are cleared but that of administrator B are still valid and enforced.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();

 try {
     // try to clear all package names from both whitelist and blacklist
     boolean result = appPolicy.clearAppPackageNameFromList();
     if (true == result) {
         //both list cleared
     } else {
         //failed
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     // try to clear all package names from both whitelist and blacklist
     boolean result = appPolicy.clearAppPackageNameFromList();
     if (true == result) {
         //both list cleared
     } else {
         //failed
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean clearAppSignatureFromList ()

Since: API level 11

API to clear all signature data of the whitelist and the blacklist.

Returns
  • true if the signature is successfully removed from both lists, else false.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to remove all application signature from the signature black and white list. Applications with a matching signature can be installed.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();

 try {
     // try to clear all signature data from both whitelist and blacklist
     boolean result = appPolicy.clearAppSignatureFromList();
     if (true == result) {
         //both list cleared
     } else {
         //failed
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     // try to clear all signature data from both whitelist and blacklist
     boolean result = appPolicy.clearAppSignatureFromList();
     if (true == result) {
         //both list cleared
     } else {
         //failed
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean clearDisableClipboardBlackList ()

Since: API level 11

Deprecated in API level 35

API to remove all packages from disable clipboard blacklist.

Returns
  • true if the package blacklist was successfully cleared, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to clear all packages from disable clipboard blacklist. Only the packages previously added by the calling administrator will be cleared.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean status = appPolicy.clearDisableClipboardBlackList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     boolean status = appPolicy.clearDisableClipboardBlackList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean clearDisableClipboardWhiteList ()

Since: API level 11

API to remove all packages from disable clipboard whitelist.

Returns
  • true if the package white list was successfully cleared, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to clear all packages from disable clipboard white list. Only the packages previously added by the calling administrator will be cleared.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean status = appPolicy.clearDisableClipboardWhiteList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     boolean status = appPolicy.clearDisableClipboardWhiteList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean clearDisableUpdateBlackList ()

Since: API level 11

API to clear the list of packages from disable update blacklist.

Returns
  • true if the list was successfully cleared, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to clear the list of packages from the disable update blacklist. After the packages are cleared from the list, they can be updated, downgraded or replaced. This API will only clear the packages that the calling administrator has added.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean status = appPolicy.clearDisableUpdateBlackList();
     if (true == status) {
         // blacklist is successfully cleared
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
Global Scope

public boolean clearDisableUpdateWhiteList ()

Since: API level 11

API to clear the list of packages from disable update whitelist.

Returns
  • true if the list was successfully cleared, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to clear the list of packages from the disable update whitelist. If any package cleared from the whitelist was already added to the blacklist using addPackagesToDisableUpdateBlackList(List), it will not be able to be updated. This API will only clear the packages that the calling administrator has added.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean status = appPolicy.clearDisableUpdateWhiteList();
     if (true == status) {
         // whitelist is successfully cleared
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
Global Scope

public boolean clearFocusMonitoringList ()

Since: API level 15

API to remove all packages from focus monitoring list.

Returns
  • true if the monitoring list was successfully cleared, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to clear all packages from focus monitoring list.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean status = appPolicy.clearFocusMonitoringList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     boolean status = appPolicy.clearFocusMonitoringList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signatureOrSystem.
Since
API level 15
MDM 5.4
Multiuser Environment
User Scope

public boolean clearNewAdminActivationAppWhiteList ()

Since: API level 11

Deprecated in API level 37

API to clear list of whitelisted applications that can be activated as an administrator.

Returns
  • true if whitelisted administrator activated applications is cleared, false if not cleared.
Usage
An administrator can use this API to clear the list of whitelisted applications that are allowed to be activated as an administrator.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();

 try {
     if (appPolicy.clearNewAdminActivationAppWhiteList()) {
         Log.w(TAG, " Clear new administrator activation whitelist allowed");
     } else {
         Log.w(TAG, "Failed to set the policy.");
     }
 } catch (SecurityException e) {
     Log.w(TAG, "Exception" + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     boolean prevent = true;
     if (appPolicy.clearNewAdminActivationAppWhiteList()) {
         Log.w(TAG, " Clear administrator activation whitelist allowed");
     } else {
         Log.w(TAG, "Failed to set the policy.");
     }
 } catch (SecurityException e) {
     Log.w(TAG, "Exception" + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission with a protection level of signature.
Since
API level 11
KNOX 2.0
Multiuser Environment
User Scope

public boolean clearPackagesFromDisableClipboardList ()

Since: API level 11

API to remove all packages from both disable clipboard white and black list.

Returns
  • true if the packages from blacklist and whitelist were successfully cleared, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to clear all packages from disable clipboard blacklist. Only the packages previously added by the calling administrator will be cleared.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean status = appPolicy.clearPackagesFromDisableClipboardList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     boolean status = appPolicy.clearPackagesFromDisableClipboardList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean clearPackagesFromDisableUpdateList ()

Since: API level 11

API to remove all packages from both disable update white and black list.

Returns
  • true if the lists were successfully cleared, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to clear the list of packages from the disable update blacklist and whitelist. After the packages are cleared from the list, they can be updated, downgraded or replaced. This API will only clear the packages that the calling administrator has added.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean status = appPolicy.clearPackagesFromDisableUpdateList();
     if (true == status) {
         //  both lists are successfully cleared
     } else {
         // lists removal failed
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
Global Scope

public boolean clearPackagesFromForceStopList ()

Since: API level 11

API to remove all packages from both force stop white and black list.

Returns
  • true if all the packages from black and white list was successfully removed, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove a all of the packages from the force stop blacklist and whitelist. After the packages are removed the user can stop the packages using force stop in the Settings app, stop through third party applications, and stop any service from the package.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {;
     boolean status = appPolicy.clearPackagesFromForceStopList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     boolean status = appPolicy.clearPackagesFromForceStopList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean clearPackagesFromNotificationList ()

Since: API level 11

API to clear all status bar notifications data of the whitelist and the blacklist.

Returns
  • true if the package list was successfully removed, else false.
Throws
SecurityException If caller does not have required permissions.
Usage

An administrator can use this API to remove all of the packages from the status bar notification black and white list. After the packages are removed, an application with a matching package name can show status bar notifications.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean status = appPolicy.clearPackagesFromNotificationList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     boolean status = appPolicy.clearPackagesFromNotificationList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean clearPackagesFromWidgetList ()

Since: API level 11

API to clear all allowed widget data of the whitelist and the blacklist.

Returns
  • true if the package list was successfully removed from both, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove all of the packages from the widget black and white list. After the packages are removed, the user can use a widget with a matching package name.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean status = appPolicy.clearPackagesFromWidgetList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     boolean status = appPolicy.clearPackagesFromWidgetList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean clearPreventStartBlackList ()

Since: API level 11

API to remove all packages from prevent start blacklist.

Returns
  • true if the package list was successfully cleared, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to clear all packages from prevent start blacklist. Only the packages previously added by the calling administrator will be cleared.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean status = appPolicy.clearPreventStartBlackList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     boolean status = appPolicy.clearPreventStartBlackList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean clearUsbDevicesForDefaultAccess (String packageName)

Since: API level 12

API to clear all the usb devices which are granted user permission for a package

Parameters
packageName The package name of the application.
Returns
  • true if successful else false.
Throws
SecurityException If caller does not have required permissions
Usage
Used to clear the list of all the usb devices which are granted user permission for a package.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
  try {
     boolean result = appPolicy.clearUsbDevicesForDefaultAccess(packageName);
  }catch(SecurityException e) {
      Log.w(TAG,"SecurityException: "+e);
   }

 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     boolean result = appPolicy.clearUsbDevicesForDefaultAccess(packageName);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 12
MDM 5.1
Multiuser Environment
User Scope

public boolean deleteHomeShortcut (String pkgName, String homePkgName)

Since: API level 5

API to remove an application shortcut from the home screen of user profile.

Parameters
pkgName The package name of the application.
homePkgName The target launcher (null if all launchers). Since Android O, this parameter should be null.
Returns
  • true on delete an application shortcut successfully, else false on failure or if launcher package name is invalid.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to remotely remove an application shortcut from the home screen (on an specific launcher or every launcher available) of an user profile.


NOTES:

- Since Android O, the homePkgName parameter should be null and the shortcut is deleted only in current launcher.
- Since Android O, this API is not supported in third party launchers.

 // administrator wants to remove a browser shortcut from the home screen
 String packageName = "com.android.browser";
 String homePkgName = null;
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();

 try {
     boolean result = applicationPolicy.deleteHomeShortcut(packageName, homePkgName);

     if (result == true) {
         Log.d(TAG, "deleteHomeShortcut has succeeded!");
     } else {
         Log.d(TAG, "deleteHomeShortcut has failed.");
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // administrator wants to remove a browser shortcut from the home screen
 String packageName = "com.android.browser";
 String homePkgName = null;
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     boolean result = applicationPolicy.deleteHomeShortcut(packageName, homePkgName);

     if (result == true) {
         Log.d(TAG, "deleteHomeShortcut has succeeded!");
     } else {
         Log.d(TAG, "deleteHomeShortcut has failed.");
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 

Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature and 'com.android.launcher.permission.UNINSTALL_SHORTCUT' permission which has a protection level normal.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public void disableAndroidBrowser ()

Since: API level 2

Deprecated in API level 33

API to disable the native Android browser application.

Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to disable the native browser application silently. Third-party browsers are not affected by this operation. The application can then enabled by enableAndroidBrowser(). The API caller can verify success or failure of the operation by calling getApplicationStateEnabled(String).
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public void disableAndroidMarket ()

Since: API level 1

Deprecated in API level 33

API to disable the Google Play application.

Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to disable Google Play to prevent a user from installing unauthorized applications on the device. The API caller can verify success or failure of the operation by calling getApplicationStateEnabled(String).
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope

public void disableVoiceDialer ()

Since: API level 2

Deprecated in API level 33

API to disable the voice dialer application.

Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to disable the voice dialer application silently. The application can then enabled by enableVoiceDialer(). Third-party voice dialer applications are not affected by this operation. The API caller can verify success or failure of the operation by calling getApplicationStateEnabled(String).
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public void disableYouTube ()

Since: API level 2

Deprecated in API level 33

API to disable the YouTube application.

Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to disable the YouTube application silently. The application can only then enabled by calling enableYouTube(). The API caller can verify success or failure of the operation by calling getApplicationStateEnabled(String).
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public void enableAndroidBrowser ()

Since: API level 2

Deprecated in API level 33

API to enable the native Android browser application.

Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to enable the native browser application silently. The application can be disabled by explicit calling disableAndroidBrowser(). Third-party browsers are not affected by this operation. The API caller can verify success or failure of the operation by calling getApplicationStateEnabled(String).
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public void enableAndroidMarket ()

Since: API level 1

Deprecated in API level 33

API to enable the Google Play application.

Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to enable Google Play to enable the user to install application packages. The API caller can verify success or failure of the operation by calling getApplicationStateEnabled(String).
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     appPolicy.enableAndroidMarket();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     appPolicy.enableAndroidMarket();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 // Note: For Container, this API will work only from KNOX 2.1. Also administrator needs to whitelist
 // "com.android.vending" package name with addAppPackageNameToWhiteList(String) before calling this API.
 
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope

public void enableVoiceDialer ()

Since: API level 2

Deprecated in API level 33

API to enable the voice dialer application.

Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to enable the voice dialer application silently. The application can be disabled by explicit calling disableVoiceDialer(). The API caller can verify success or failure of the operation by calling getApplicationStateEnabled(String). Third-party voice dialer applications are not affected by the operation of this API.
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public void enableYouTube ()

Since: API level 2

Deprecated in API level 33

API to enable the YouTube application.

Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to enable the native YouTube application even if it is disabled by some other means such as a blacklisted permission. The YouTube application can be disabled only by explicitly calling disableYouTube(). The API caller can verify success or failure of the operation by calling getApplicationStateEnabled(String).
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public AppInfoLastUsage[] getAllAppLastUsage ()

Since: API level 2

API to get last launch time and last usage duration from applications.

Returns
  • List of AppInfoLastUsage (package name, last launch time and last usage duration are returned and other fields of AppInfoLastUsage will be -1) if successful, else null.
Throws
SecurityException If caller does not have required permissions
Usage
This API gets the last launch time and last usage duration by application.

This task is a long-running operation and should be called from a worker thread rather than the main UI thread, which ensures the best UI performance. You can use AsyncTask or Handler to communicate with the main UI thread.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     AppInfoLastUsage[] list = appPolicy.getAllAppLastUsage();
     if (null == list) {
         //return;
     }
     for (AppInfoLastUsage appInfo : list) {
         Log.d(TAG, "Package: " + appInfo.packageName
                                + "LastLaunchTime: " + appInfo.lastLaunchTime
                                + "LastUsageDuration: " + appInfo.lastAppUsage);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     AppInfoLastUsage[] list = appPolicy.getAllAppLastUsage();
     if (null == list) {
         //return;
     }
     for (AppInfoLastUsage appInfo : list) {
         Log.d(TAG, "Package: " + appInfo.packageName
                                + "LastLaunchTime: " + appInfo.lastLaunchTime
                                + "LastUsageDuration: " + appInfo.lastAppUsage);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public List<DefaultAppConfiguration> getAllDefaultApplications ()

Since: API level 15

Deprecated in API level 32
NOTE: This API is not available since Android 10.

API to get the list of default applications set by all administrators in the device.

Returns
  • List of task types and respectives default applications that will handle such tasks or empty list if no default application has been set by any administrator.
Throws
SecurityException If caller does not have required permissions
Usage

This API can be used to get the list of all task types (as an Intent format) and the respectives default applications, previously set by any administrator of the device, that will handle such tasks. If no default application has been set by any administrator in the device, this API will return an empty list.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<DefaultAppConfiguration> defaultAppsList = appPolicy.getAllDefaultApplications();
     for(DefaultAppConfiguration defaultApp : defaultAppsList) {
         Intent taskType = defaultApp.getTaskType();
         ComponentName componentName = defaultApp.getComponentName();

         Log.w(TAG, "The Intent " + taskType.toString()
                 + " will be handled by " + componentName.flattenToString());
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List<DefaultAppConfiguration> defaultAppsList = appPolicy.getAllDefaultApplications();
     for(DefaultAppConfiguration defaultApp : defaultAppsList) {
         Intent taskType = defaultApp.getTaskType();
         ComponentName componentName = defaultApp.getComponentName();

         Log.w(TAG, "The Intent " + taskType.toString()
                 + " will be handled by " + componentName.flattenToString());
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 15
MDM 5.4
Multiuser Environment
User Scope

public Map<AppWidgetProviderInfoArrayList<Integer>> getAllWidgets (String pkgName)

Since: API level 5

API to return the list of all widgets currently on the home screen of the specified launcher. For alternative launchers (e.g., GoLauncher EX), this API will not return tied widgets added to home screen. A tied widget is a widget that is available only on the specified launcher.

Parameters
pkgName Package name of the specified launcher application.
Returns
  • A map containing the AppWidgetProviderInfo and the IDs of the widgets added to home screen of the specified launcher.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to get a list of all widgets added to a specified launcher home screen of an user profile. The returned information contains package names and IDs.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
   Map<AppWidgetProviderInfo, ArrayList<Integer>> retList = appPolicy.getAllWidgets();
   String allWidgets = "";
   for(Iterator<AppWidgetProviderInfo> it = retList.keySet().iterator(); it.hasNext();) {
       Object key = it.next();
       AppWidgetProviderInfo providerInfo = (AppWidgetProviderInfo) key;
       Object item = retList.get(key);
       allWidgets = allWidgets + "Widget: " + providerInfo.provider.toString()
       + "\nID: " + item.toString() + "\n\n";
   }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
   Map<AppWidgetProviderInfo, ArrayList<Integer>> retList = appPolicy.getAllWidgets();
   String allWidgets = "";
   for(Iterator<AppWidgetProviderInfo> it = retList.keySet().iterator(); it.hasNext();) {
       Object key = it.next();
       AppWidgetProviderInfo providerInfo = (AppWidgetProviderInfo) key;
       Object item = retList.get(key);
       allWidgets = allWidgets + "Widget: " + providerInfo.provider.toString()
       + "\nID: " + item.toString() + "\n\n";
   }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public List<AppControlInfo> getAppPackageNamesAllBlackLists ()

Since: API level 3

API to get the list of blacklisted application package names for all administrators.

Returns
  • AppControlInfo List of the blacklisted package names along with the controlling administrator application package name if it succeeds, else null.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get the list of application packages names that are blacklisted for all administrators. An application with a matching application package name cannot be installed.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 List appList = appPolicy.getAppPackageNamesAllBlackLists();
 if(appList.isEmpty()){
     Log.w(TAG," list of blacklisted application package names for"
             +"all administrators is EMPTY/NULL");
 }else{
     Log.d(TAG,"list of blacklisted application package names for"
             +"all administrators is not EMPTY/NULL !!!");
 }

 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 List appList = appPolicy.getAppPackageNamesAllBlackLists();
 if(appList.isEmpty()){
      Log.w(TAG," list of blacklisted application package names for"
          +"all administrators is EMPTY/NULL");
 }else{
      Log.d(TAG,"list of blacklisted application package names for"
          +"all administrators is not EMPTY/NULL !!!");
 }

 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 3
MDM 2.1
Multiuser Environment
User Scope

public List<AppControlInfo> getAppPackageNamesAllWhiteLists ()

Since: API level 3

API to get the list of whitelisted application package names for all administrators.

Returns
  • AppControlInfo List of the whitelisted application package names along with the controlling administrator application package name if it succeeds, else null.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get the list of application package names that are whitelisted for all admninistrators. An application with a matching application package name is an exception to the blacklist and can be installed.

Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 3
MDM 2.1
Multiuser Environment
User Scope

public List<AppControlInfo> getAppPermissionsAllBlackLists ()

Since: API level 3

API to get the list of blacklisted application package permissions for all administrators.

Returns
  • AppControlInfo List of the blacklisted permissions along with the controlling administrator application package name if it succeeds, else null.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get the list of permissions that are blacklisted for all administrators. An application with matching permissions (permissions requested in 'uses-permission' tag of Android Manifest) cannot be installed. Existing applications on a device with matching permissions are not disabled.

Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 3
MDM 2.1
Multiuser Environment
User Scope

public String[] getAppPermissionsBlackList ()

Since: API level 2

API to get the list of blacklisted application permissions.

Returns
  • String array of the blacklisted permissions for the calling administrator if it succeeds, else null.
Usage
An administrator can use this API to get the list of permissions that are blacklisted. Applications with matching permissions (permissions requested in 'uses-permission' tag of Android Manifest) cannot be installed.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public List<AppControlInfo> getAppSignaturesAllBlackLists ()

Since: API level 3

API to get the list of blacklisted application package signatures for all administrators.

Returns
  • AppControlInfo List of blacklisted application package signatures along with the controlling administrator application package name if it succeeds, else return null.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get list of blacklisted application package signatures. An application package with a matching signature cannot be installed. An existing application package on the device with a matching signature is not disabled.

Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 3
MDM 2.1
Multiuser Environment
User Scope

public List<AppControlInfo> getAppSignaturesAllWhiteLists ()

Since: API level 6

API to get the list of whitelisted application package signatures for all administrators.

Returns
  • AppControlInfo list of the whitelisted signatures along with the controlling administrator application package name if it succeeds, else return null.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get list of signatures that are whitelisted for all administrators.

Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 6
MDM 4.0
Multiuser Environment
User Scope

public String[] getAppSignaturesBlackList ()

Since: API level 2

API to get the list of blacklisted application signatures.

Returns
  • String array of the blacklisted signatures for the calling administrator if it succeeds, else null.
Usage
An administrator can use this API to get the list of blacklisted application signatures. Applications with a matching signature cannot be installed.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public String[] getAppSignaturesWhiteList ()

Since: API level 6

API to get the list of whitelisted application signatures.

Returns
  • String array of the whitelisted signatures for the calling administrator if it succeeds, else null.
Usage
An administator can use this API to get the list of whitelisted application signatures.
Since
API level 6
MDM 4.0
Multiuser Environment
User Scope

public long getApplicationCacheSize (String packageName)

Since: API level 2

API to get the cache size of an application.

Parameters
packageName The package name of the application
Returns
  • Size in bytes if success, else -1.
Throws
SecurityException If caller does not have required permissions
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public long getApplicationCodeSize (String packageName)

Since: API level 2

API to get the code size of an application.

Parameters
packageName The package name of the application
Returns
  • Size in bytes if success, else -1.
Throws
SecurityException If caller does not have required permissions
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public boolean getApplicationComponentState (ComponentName compName)

Since: API level 11

Deprecated in API level 37

API to get current state (enabled / disabled) of a package's component (activity, receiver, service, provider).

Parameters
compName Name of component whose enabled state has to be retrieved
Returns
  • true if enabled and false if disabled
Usage
An administrator can use this API to get the status of a component of a package. This API returns false if the component is disabled else it returns true.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 ComponentName compName = new ComponentName("com.android.calendar", "com.android.calendar.AllInOneActivity");
 try {
     boolean enable = appPolicy.getApplicationComponentState(compName);
 } catch (SecurityException e) {
     Log.w(TAG, "Failed talking with application policy", e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 ComponentName compName = new ComponentName("com.android.calendar", "com.android.calendar.AllInOneActivity");
 try {
     boolean enable = appPolicy.getApplicationComponentState(compName);
 } catch (SecurityException e) {
     Log.w(TAG, "Failed talking with application policy", e);
 }
 
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public long getApplicationCpuUsage (String packageName)

Since: API level 2

API to get the CPU usage of an application.

Parameters
packageName The package name of the application
Returns
  • CPU usage in percentage if success, else -1.
Throws
SecurityException If caller does not have required permissions
Usage
This API invokes is a long-running operation and should be called from a worker thread rather than the main UI thread, which ensures best UI performance. You can use AsyncTask or Handler to communicate with the main UI thread.
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public long getApplicationDataSize (String packageName)

Since: API level 2

API to get the data size of an application.

Parameters
packageName The package name of the application
Returns
  • Size in bytes if success, else -1.
Throws
SecurityException If caller does not have required permissions
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public boolean getApplicationInstallationEnabled (String pkg)

Since: API level 2

API to check whether a particular application package can be installed.

Returns
  • true if installation is allowed, else false.
Usage
An administrator can use this API to check whether a particular application package can be installed. If the return value is false, the user cannot install the application package.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public int getApplicationInstallationMode ()

Since: API level 2

API to get the current installation mode for all applications. Default mode is allow (any application package can be installed).

Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public long getApplicationMemoryUsage (String packageName)

Since: API level 2

API to get the RAM memory usage of an application.

Parameters
packageName The package name of the application
Returns
  • Size in bytes if success, else -1.
Throws
SecurityException If caller does not have required permissions
Usage
This API invokes is a long-running operation and should be called from a worker thread rather than the main UI thread, which ensures best UI performance. You can use AsyncTask or Handler to communicate with the main UI thread.
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public String getApplicationName (String packageName)

Since: API level 1

API to get the application name.

Parameters
packageName The package name of the application
Returns
  • Application name on success, else null.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to get the user-readable string of the application, which is displayed if the application information is viewed.
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope

public List<NetworkStats> getApplicationNetworkStats ()

Since: API level 2

Deprecated in API level 36

API to get a list of network traffic usage and the corresponding UIDs.

Returns
  • List of NetworkStats objects if success, else null.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to get the NetworkStats list, which contains the UID, received mobile bytes,transmitted mobile bytes, received WiFi bytes, and transmitted WiFi bytes.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List list = appPolicy.getApplicationNetworkStats();
     if (null == list) {
         //return;
     }
     for (NetworkStats netUsage : list) {
         Log.d(TAG, "uid :" + netUsage.uid + " bytes received in wi-fi"
                 + netUsage.wifiRxBytes + " bytes sent in wi-fi"
                 + netUsage.wifiTxBytes + " bytes sent in mobile"
                 + netUsage.mobileTxBytes + " bytes sent in mobile"
                 + netUsage.mobileTxBytes);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
  // Sample Output
  // uid wi-fi recvd wi-fi sent Mobile recvd Mobile sent
  // 10051 1254 bytes 1000 bytes 1024 bytes 2048 bytes
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List list = appPolicy.getApplicationNetworkStats();
     if (null == list) {
         //return;
     }
     for (NetworkStats netUsage : list) {
         Log.d(TAG, "uid :" + netUsage.uid + " bytes received in wi-fi"
                 + netUsage.wifiRxBytes + " bytes sent in wi-fi"
                 + netUsage.wifiTxBytes + " bytes sent in mobile"
                 + netUsage.mobileTxBytes + " bytes sent in mobile"
                 + netUsage.mobileTxBytes);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
  // Sample Output
  // uid wi-fi recvd wi-fi sent Mobile recvd Mobile sent
  // 10051 1254 bytes 1000 bytes 1024 bytes 2048 bytes
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public int getApplicationNotificationMode ()

Since: API level 5

API to get block mode for notifications of status bar expansion.

Returns
Throws
SecurityException If caller does not have required permissions.
Usage
An administrator can use this API to get the block mode for notifications of status bar expansion.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     int mode  = appPolicy.getApplicationNotificationMode();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     int mode  = appPolicy.getApplicationNotificationMode();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public Bundle getApplicationRestrictions (ComponentName admin, String packageName)

Since: API level 20

API to get the application restrictions for a target application.

Parameters
admin The component name of administrator this request is associated with (must not be null).
packageName The name of the package to fetch restrictions.
Returns
  • Bundle of restrictions corresponding to what was set last time, or an empty Bundle if no restrictions have been set.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get the application restrictions for a target application.

It is a wrapper for DevicePolicyManager::getApplicationRestrictions() API, but an administrator does not need to be a device or profile owner to call it.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 ComponentName deviceAdmin = new ComponentName(getApplicationContext(), MDMAdmin.class);
 String packageName = "com.android.chrome";
 try {
     Bundle restrictions = appPolicy.getApplicationRestrictions(deviceAdmin, packageName);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 ComponentName deviceAdmin = new ComponentName(getApplicationContext(), MDMAdmin.class);
 String packageName = "com.android.chrome";
 try {
     Bundle restrictions = appPolicy.getApplicationRestrictions(deviceAdmin, packageName);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 20
MDM 5.7
Multiuser Environment
User Scope

public boolean getApplicationStateEnabled (String packageName)

Since: API level 1

API to check whether a given application package is enabled or disabled.

Parameters
packageName The package name of the application
Returns
  • true if given application package is enabled, else false.
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope

public String[] getApplicationStateList (boolean state)

Since: API level 2

API to get the list of enabled or disabled applications based on state.

Parameters
state Specifies whether the list identifies disabled applications or enabled applications. If the state value is false, the list identifies disabled applications, and if the state value is true, the list identifies enabled applications.
Returns
  • String array of enabled or disabled applications if successful, else null.
Throws
SecurityException If caller does not have required permissions
Usage
This task is a long-running operation and should be called from a worker thread rather than the main UI thread, which ensures the best UI performance. You can use AsyncTask or Handler to communicate with the main UI thread.
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public long getApplicationTotalSize (String packageName)

Since: API level 2

API to get the total size of an application package.

Parameters
packageName The package name of the application
Returns
  • Size in bytes if success, else -1.
Throws
SecurityException If caller does not have required permissions
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Usage
An administrator can use this API to get the total size of an installed application package. The total size includes application package's cache size, code size, and data size.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public int getApplicationUid (String packageName)

Since: API level 12

API to get the application uid.

Parameters
packageName The package name of the application
Returns
  • Application uid on success, else -1
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to get the uid of the application.
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 12
MDM 5.1
Multiuser Environment
User Scope

public boolean getApplicationUninstallationEnabled (String pkg)

Since: API level 1

Deprecated in API level 36

API to check whether a particular application package can be uninstalled.

Returns
  • true if uninstallation is allowed, else false.
Usage
An administrator can use this API to check whether a particular application package can be uninstalled. If the return value is false, the user cannot uninstall the application.
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope

public int getApplicationUninstallationMode ()

Since: API level 4

API to get the current uninstallation mode for all applications. The default mode is to allow any application package to be uninstalled.

Returns
Since
API level 4
MDM 2.2
Multiuser Environment
User Scope

public String getApplicationVersion (String packageName)

Since: API level 1

API to get the application version.

Parameters
packageName The package name of the application
Returns
  • Application version if success, else null.
Throws
SecurityException If caller does not have required permissions
Usage
An administration can use this API to get the user-readable string of the application version, which is displayed if the application information is viewed.
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope

public int getApplicationVersionCode (String packageName)

Since: API level 11

API to get the application version code.

Parameters
packageName The package name of the application
Returns
  • Application version code if success, else -1
Throws
SecurityException If caller does not have required permissions
Usage
An administration can use this API to get the version code of the application version, which is displayed if the application information is viewed.
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public AppInfoLastUsage[] getAvgNoAppUsagePerMonth ()

Since: API level 2

API to get a list of application launch counts per month.

Returns
  • List of AppInfoLastUsage (package name and launch count per month is returned and other fields of AppInfoLastUsage will be -1) if successful, else null.
Throws
SecurityException If caller does not have required permissions
Usage
This API gets the launch count per month by application.

This task is a long-running operation and should be called from a worker thread rather than the main UI thread, which ensures the best UI performance. You can use AsyncTask or Handler to communicate with the main UI thread.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     AppInfoLastUsage[] list = appPolicy.getAvgNoAppUsagePerMonth();
     if (null == list) {
         //return;
     }
     for (AppInfoLastUsage appInfo : list) {
         Log.d(TAG, "package :" + appInfo.mPackageName + "usage per month :"
                 + appInfo.launchCountPerMonth);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
  // Sample Output
  // com.android.browser 5 (/month)
  // com.android.phone 2(/month)
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     AppInfoLastUsage[] list = appPolicy.getAvgNoAppUsagePerMonth();
     if (null == list) {
         //return;
     }
     for (AppInfoLastUsage appInfo : list) {
         Log.d(TAG, "package :" + appInfo.mPackageName + "usage per month :"
                 + appInfo.launchCountPerMonth);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
  // Sample Output
  // com.android.browser 5 (/month)
  // com.android.phone 2(/month)
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public boolean getConcentrationMode ()

Since: API level 35

API to get concentration mode

Returns
  • true if concentraion mode is on, otherwise false
Usage

An administrator can use this API to get concentration mode.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 boolean result = appPolicy.getConcentrationMode();
 
Since
API level 35
KNOX 3.8

public ComponentName getDefaultApplication (Intent intent)

Since: API level 15

Deprecated in API level 32
NOTE: This API is not available since Android 10.

API to get the default application configured to execute the given task type.

Parameters
intent Intent that is normally sent to execute a desired task (e.g. send SMS/MMS, open URL).
Returns
  • ComponentName containing the package name and activity name that handle the given task type. Returns null if no application has been set to execute this task as default.
Throws
SecurityException If caller does not have required permissions or caller is in a guest user trying to get the default application of a task that can be performed only on owner space (e.g. SMS_MMS_TASK or OPEN_DIALER_TASK).
Usage

This API can be used to get the default application previously set by any administrator to execute a given task type. Android framework will automatically handle the given Intent with the ComponentName returned by this API. If no default application has been set by any administrator in the device, this API will return null.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     ComponentName componentName = appPolicy.getDefaultApplication(ApplicationPolicy.SMS_MMS_TASK);
     if(componentName != null) {
         Log.w(TAG, "Default App: " + componentName.flattenToString());
     } else {
         Log.w(TAG, "No Default App set for this task");
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     ComponentName componentName = appPolicy.getDefaultApplication(ApplicationPolicy.SMS_MMS_TASK);
     if(componentName != null) {
         Log.w(TAG, "Default App: " + componentName.flattenToString());
     } else {
         Log.w(TAG, "No Default App set for this task");
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
NOTE: This API will throw a SecurityException if caller is in container trying to get the default application of a task that can be performed only on owner space (e.g. SMS_MMS_TASK or OPEN_DIALER_TASK).
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 15
MDM 5.4
Multiuser Environment
User Scope

public List<ComponentName> getHomeShortcuts (String pkgName, boolean includeHotSeat)

Since: API level 11

API to get all shortcuts from homescreen.

Parameters
pkgName package name of the installed home screen. null for default/kiosk home screen.
includeHotSeat if true, include Hotseat items in the home screen, if false, not include hotseat items.
Returns
  • all the ComponentName of shortcuts
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get a list of all shortcuts added to the default launcher of an user profile. This API returns a list of ComponentName objects, which contain specific information about the shortcuts.

NOTES:
This API will fail for third party launchers.

 String TAG = "getHomeShortcuts";
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
      List<ComponentName> shortcuts = appPolicy.getHomeShortcuts(null, true);
      for (ComponentName shortcut : shortcuts){
          if(shortcut != null)
             Log.i(TAG, shortcut.getPackageName() + "/" + shortcut.getClassName());
      }
     Log.i(TAG, getHomeShortcuts); // Shows a string with the home shortcuts.
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
     // Security Exception should be handled here
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 String TAG = "getHomeShortcuts";
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
      List<ComponentName> shortcuts = appPolicy.getHomeShortcuts(null, true);
      for (ComponentName shortcut : shortcuts){
          if(shortcut != null)
             Log.i(TAG, shortcut.getPackageName() + "/" + shortcut.getClassName());
      }
     Log.i(TAG, getHomeShortcuts); // Shows a string with the home shortcuts.
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
     // Security Exception should be handled here
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public String[] getInstalledApplicationsIDList ()

Since: API level 1

API to get a list of all installed application packages.

Returns
  • List of installed application packages name that are unique in Android. List is produced if successful (e.g., 'com.company.app'), else null.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to get a list of all application packages installed on the device, including system application packages and uninstalled application packages whose data has not been cleared. The list includes both managed and non-managed applications.
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope

public List<AppInfo> getMostCpuUsageApps (int appCount, boolean showAllProcess)

Since: API level 2

API to get a list of application packages or processes with the highest CPU usage.

Parameters
appCount Number of applications to be returned. If appCount is less than 0 or greater than the number of available applications then the list size is equal to the total number of available applications.
showAllProcess If true, then all processes including system process are shown, else only installed application processes.
Returns
  • Sorted list of CPU information if successful (the usage field contains the CPU usage percentage), else null.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to get CPU usage information for all processes and sort it by CPU usage order. If CPU usage is the same, sorting is performed in alphabetical order.

This task is a long-running operation and should be called from a worker thread rather than the main UI thread, which ensures the best UI performance. You can use AsyncTask or Handler to communicate with the main UI thread.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     int appCount = 5;
     List list = appPolicy.getMostCpuUsageApps(appCount, false);
     if (null == list) {
         //return;
     }
     for (Appinfo appInfo : list) {
         Log.d(TAG, "CPU usage package :" + appInfo.packageName
                 + " CPU usage :" + appInfo.usage);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }

  // Sample Output (in %)
  // com.android.browser 4
  // com.android.phone 2
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     int appCount = 5;
     List list = appPolicy.getMostCpuUsageApps(appCount, false);
     if (null == list) {
         //return;
     }
     for (Appinfo appInfo : list) {
         Log.d(TAG, "CPU usage package :" + appInfo.packageName
                 + " CPU usage :" + appInfo.usage);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }

  // Sample Output (in %)
  // com.android.browser 4
  // com.android.phone 2
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public List<AppInfo> getMostDataUsageApps (int appCount)

Since: API level 2

API to get list of application packages with most data size.

Parameters
appCount Number of applications to be returned. If appCount is less than 0 or greater than the number of available applications then the list size is equal to the total number of available applications.
Returns
  • List of data information for all processes (the usage field contains the file system usage in bytes), else null.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to get persistent storage size information for all applications and sort it in usage order. If usage values are the same then sorting is by alphabetical order.

This task is a long-running operation and should be called from a worker thread rather than the main UI thread, which ensures the best UI performance. You can use AsyncTask or Handler to communicate with the main UI thread.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     int appCount = 2;
     List list = appPolicy.getMostDataUsageApps(appCount);
     if (null == list) {
         //return;
     }
     for (Appinfo appInfo : list) {
         Log.d(TAG, "package :" + appInfo.packageName + " data usage :"
                 + appInfo.usage);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
  // Sample Output
  // com.android.browser 2097152 (2MB)
  // com.android.phone 1048576 (1MB)
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     int appCount = 2;
     List list = appPolicy.getMostDataUsageApps(appCount);
     if (null == list) {
         //return;
     }
     for (Appinfo appInfo : list) {
         Log.d(TAG, "package :" + appInfo.packageName + " data usage :"
                 + appInfo.usage);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
  // Sample Output
  // com.android.browser 2097152 (2MB)
  // com.android.phone 1048576 (1MB)
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public List<AppInfo> getMostMemoryUsageApps (int appCount, boolean showAllProcess)

Since: API level 2

API to get a list of application packages or processes with the highest memory usage.

Parameters
appCount Number of applications to be returned. If appCount is less than 0 or greater than the number of available applications then the list size is equal to the total number of available applications.
showAllProcess All processes including system process are shown if true, else only installed application processes.
Returns
  • List of memory information for all processes if successful (the usage field contains the RAM memory usage in bytes), else null.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to get the RAM memory information for all processes and sort it by memory usage order. If memory usage is the same then sorting is by alphabetical order.

This task is a long-running operation and should be called from a worker thread rather than the main UI thread, which ensures best UI performance. You can use AsyncTask or Handler to communicate with the main UI thread.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     int appCount = 2;
     List list = appPolicy.getMostMemoryUsageApps(appCount, false);
     if (null == list) {
         //return;
     }
     for (Appinfo appInfo : list) {
         Log.d(TAG, "package :" + appInfo.packageName + " memory usage :"
                 + appInfo.usage);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }

  // Sample Output
  // com.android.browser 102400 (100KB)
  // com.android.phone 92160 (90KB)
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     int appCount = 2;
     List list = appPolicy.getMostMemoryUsageApps(appCount, false);
     if (null == list) {
         //return;
     }
     for (Appinfo appInfo : list) {
         Log.d(TAG, "package :" + appInfo.packageName + " memory usage :"
                 + appInfo.usage);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }

  // Sample Output
  // com.android.browser 102400 (100KB)
  // com.android.phone 92160 (90KB)
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public List<String> getNewAdminActivationAppWhiteList ()

Since: API level 11

Deprecated in API level 37

API to get list of whitelisted applications that can be activated as an administrator.

Returns
  • list of whitelisted applications.
Usage
An administrator can use this API to get current list of whitelisted applications that are allowed to be activated as an administrator.
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission with a protection level of signature.
Since
API level 11
KNOX 2.0
Multiuser Environment
User Scope

public List<String> getPackagesFromBatteryOptimizationWhiteList ()

Since: API level 20

API to get the list of packages from the Battery Optimization whitelist.

Returns
  • package list of the Battery Optimization whitelist.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get the list of packages from the Battery Optimization whitelist.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String>  packageNames = appPolicy.getPackagesFromBatteryOptimizationWhiteList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String>  packageNames = appPolicy.getPackagesFromBatteryOptimizationWhiteList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 

Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 20
MDM 5.7
Multiuser Environment
User Scope

public List<String> getPackagesFromBlackList (int type)

Since: API level 24

API to get all packages for a given type of blacklist.

Parameters
type Type of blacklist.
TYPE_APPROVED_APP_INSTALLER
TYPE_EXTERNAL_STORAGE_ACCESS
Returns
  • List of application package names if successful, else null.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get all packages for a given type of blacklist.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageYouWantedBlocked is standard java.lang.String object.

NOTE: TYPE_EXTERNAL_STORAGE_ACCESS is not available since API level 33.

TYPE_APPROVED_APP_INSTALLER
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List packages = appPolicy.getPackagesFromBlackList(ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
TYPE_EXTERNAL_STORAGE_ACCESS
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List packages = appPolicy.getPackagesFromBlackList(ApplicationPolicy.TYPE_EXTERNAL_STORAGE_ACCESS);

 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }

 
For Container:
TYPE_APPROVED_APP_INSTALLER
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List packages = appPolicy.getPackagesFromBlackList(ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
TYPE_EXTERNAL_STORAGE_ACCESS
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List packages = appPolicy.getPackagesFromBlackList(ApplicationPolicy.TYPE_EXTERNAL_STORAGE_ACCESS);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Since
API level 24
KNOX 3.0

public List<String> getPackagesFromClearCacheBlackList ()

Since: API level 5

API to get the list of blacklisted packages in clear cache blacklist.

Returns
  • List of packages that the user cannot clear cache. The list contains packages added by all administrators without distinction.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get the list of packages that are in the clear cache blacklist. The user cannot clear cache for an application with a matching package name. The actions include clear cache in Settings app, clearing cache through third-party applications, and clearing service cache from the application. The user can still clear cache the application through its interface or back key. For any package added on the whitelist using addPackagesToClearCacheWhiteList(List), the application cache can be cleared. The whitelist is the exception to the blacklist. If a package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> appList = appPolicy.getPackagesFromClearCacheBlackList();
     Iterator it = appList.iterator();
     while (it.hasNext()) {
         String value = (String) it.next();
         System.out.println("Value: " + value);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List<String> appList = appPolicy.getPackagesFromClearCacheBlackList();
     Iterator it = appList.iterator();
     while (it.hasNext()) {
         String value = (String) it.next();
         System.out.println("Value: " + value);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public List<String> getPackagesFromClearCacheWhiteList ()

Since: API level 5

API to get the list of whitelisted packages in clear cache whitelist.

Returns
  • List of packages that the user can clear cache. This list contains packages added by all administrators without distinction.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get the list of package names that are in the clear cache whitelist. The user can clear cache for applications with matching package names. The whitelist is the exception to the blacklist. If the package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> appList = appPolicy.getPackagesFromClearCacheWhiteList();
     Iterator it = appList.iterator();
     while (it.hasNext()) {
         String value = (String) it.next();
         System.out.println("Value: " + value);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List<String> appList = appPolicy.getPackagesFromClearCacheWhiteList();
     Iterator it = appList.iterator();
     while (it.hasNext()) {
         String value = (String) it.next();
         System.out.println("Value: " + value);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public List<String> getPackagesFromClearDataBlackList ()

Since: API level 5

API to get the list of blacklisted packages in clear data blacklist.

Returns
  • List of packages that the user cannot clear data. The list contains packages added by all administrators without distinction.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get the list of packages that are in the clear data blacklist. The user cannot clear data for an application with a matching package name. The actions include clear data in Settings app, clearing data through third-party applications, and clearing service data from the application. The user can still clear data the application through its interface or back key. For any package added on the whitelist using addPackagesToClearDataWhiteList(List), the application data can be cleared. The whitelist is the exception to the blacklist. If a package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> appList = appPolicy.getPackagesFromClearDataBlackList();
     Iterator it = appList.iterator();
     while (it.hasNext()) {
         String value = (String) it.next();
         System.out.println("Value: " + value);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List<String> appList = appPolicy.getPackagesFromClearDataBlackList();
     Iterator it = appList.iterator();
     while (it.hasNext()) {
         String value = (String) it.next();
         System.out.println("Value: " + value);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public List<String> getPackagesFromClearDataWhiteList ()

Since: API level 5

API to get the list of whitelisted packages in clear data whitelist.

Returns
  • List of packages that the user can clear data. This list contains packages added by all administrators without distinction.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get the list of package names that are in the clear data whitelist. The user can clear data for applications with matching package names. The whitelist is the exception to the blacklist. If the package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> appList = appPolicy.getPackagesFromClearDataWhiteList();
     Iterator it = appList.iterator();
     while (it.hasNext()) {
         String value = (String) it.next();
         System.out.println("Value: " + value);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List<String> appList = appPolicy.getPackagesFromClearDataWhiteList();
     Iterator it = appList.iterator();
     while (it.hasNext()) {
         String value = (String) it.next();
         System.out.println("Value: " + value);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public List<String> getPackagesFromDisableClipboardBlackList ()

Since: API level 11

Deprecated in API level 35

API to get packages from disable clipboard blacklist.

Returns
  • List of application packages whose clipboard cannot be used by user. This list contains packages added by all administrators without distinction.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get the list of packages that are in the disable clipboard blacklist. User will not be able to use application`s clipboard whose package is on this list.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> pkgList = appPolicy.getPackagesFromDisableClipboardBlackList();
     Iterator it = pkgList.iterator();
     while (it.hasNext()) {
         String pkg = (String) it.next();
         System.out.println("Package: " + pkg);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List<String> pkgList = appPolicy.getPackagesFromDisableClipboardBlackList();
     Iterator it = pkgList.iterator();
     while (it.hasNext()) {
         String pkg = (String) it.next();
         System.out.println("Package: " + pkg);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public List<String> getPackagesFromDisableClipboardWhiteList ()

Since: API level 11

API to get packages from disable clipboard white list.

Returns
  • List of application packages whose clipboard can be used by user even if any of these packages are in disable clipboard black list. This list contains packages added by all administrators without distinction.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get the list of packages that are in the disable clipboard white list. User will be able to use application`s clipboard whose package is on this list even if the given package is also on disable clipboard blacklist.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> pkgList = appPolicy.getPackagesFromDisableClipboardWhiteList();
     Iterator it = pkgList.iterator();
     while (it.hasNext()) {
         String pkg = (String) it.next();
         System.out.println("Package: " + pkg);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List<String> pkgList = appPolicy.getPackagesFromDisableClipboardWhiteList();
     Iterator it = pkgList.iterator();
     while (it.hasNext()) {
         String pkg = (String) it.next();
         System.out.println("Package: " + pkg);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public List<String> getPackagesFromDisableUpdateBlackList ()

Since: API level 11

API to get the list of blacklisted packages in disable update blacklist.

Returns
  • List of packages that cannot be upgraded. The list contains packages added by all administrators without distinction.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get the list of packages that are in the disable update blacklist. An application with a matching package name cannot be upgraded. It also prevents the application from being downgraded (installing an older version) or being replaced (installing another apk with same version number). If a package on the blacklist is also added to the whitelist using addPackagesToDisableUpdateWhiteList(List), the application can still be upgraded. The whitelist is the exception to the blacklist of the same administrator. If the package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority. The whitelist has no priority over blacklists of other administrators and it has no effect if blacklist is empty.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> appList = appPolicy.getPackagesFromDisableUpdateBlackList();
     if (appList != null) {
         Iterator it = appList.iterator();
         while (it.hasNext()) {
             String value = (String) it.next();
             System.out.println("Value: " + value);
         }
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
Global Scope

public List<String> getPackagesFromDisableUpdateWhiteList ()

Since: API level 11

API to get the list of whitelisted packages in disable update whitelist.

Returns
  • List of packages that can be updated. This list contains packages added by all administrators without distinction.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get the list of package names that are in the disable update whitelist. Applications with matching package names can be updated. The whitelist is the exception to the blacklist of the same administrator. If the package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority. The whitelist has no priority over blacklists of other administrators and it has no effect if blacklist is empty.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> appList = appPolicy.getPackagesFromDisableUpdateWhiteList();
     if (appList != null) {
         Iterator it = appList.iterator();
         while (it.hasNext()) {
             String value = (String) it.next();
             System.out.println("Value: " + value);
         }
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
Global Scope

public List<String> getPackagesFromFocusMonitoringList ()

Since: API level 15

API to get packages from focus monitoring list.

Returns
  • List of packages whose activities are monitored for focus changes.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get the list of packages that are in the focus monitoring list.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> pkgList = appPolicy.getPackagesFromFocusMonitoringList();
     Iterator it = pkgList.iterator();
     while (it.hasNext()) {
         String pkg = (String) it.next();
         System.out.println("Package: " + pkg);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List<String> pkgList = appPolicy.getPackagesFromFocusMonitoringList();
     Iterator it = pkgList.iterator();
     while (it.hasNext()) {
         String pkg = (String) it.next();
         System.out.println("Package: " + pkg);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signatureOrSystem.
Since
API level 15
MDM 5.4
Multiuser Environment
User Scope

public List<String> getPackagesFromForceStopBlackList ()

Since: API level 5

API to get the list of blacklisted packages in force stop blacklist.

Returns
  • List of packages that the user cannot stop. The list contains packages added by all administrators without distinction.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get the list of packages that are in the force stop blacklist. The user cannot stop an application with a matching package name. The stop actions include force stop in Settings app, stopping through third-party applications, and stopping any service from the application. The user can still stop the application through its interface or back key. For any package added on the whitelist using addPackagesToForceStopWhiteList(List), the application can still be stopped. The whitelist is the exception to the blacklist. If a package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> appList = appPolicy.getPackagesFromForceStopBlackList();
     Iterator it = appList.iterator();
     while (it.hasNext()) {
         String value = (String) it.next();
         System.out.println("Value: " + value);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> appList = appPolicy.getPackagesFromForceStopBlackList();
     Iterator it = appList.iterator();
     while (it.hasNext()) {
         String value = (String) it.next();
         System.out.println("Value: " + value);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public List<String> getPackagesFromForceStopWhiteList ()

Since: API level 5

API to get the list of whitelisted packages in force stop whitelist.

Returns
  • List of packages that the user can stop. This list contains packages added by all administrators without distinction.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get the list of package names that are in the force stop whitelist. The user can stop applications with matching package names. The whitelist is the exception to the blacklist. If the package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> appList = appPolicy.getPackagesFromForceStopWhiteList();
     Iterator it = appList.iterator();
     while (it.hasNext()) {
         String value = (String) it.next();
         System.out.println("Value: " + value);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> appList = appPolicy.getPackagesFromForceStopWhiteList();
     Iterator it = appList.iterator();
     while (it.hasNext()) {
         String value = (String) it.next();
         System.out.println("Value: " + value);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public List<String> getPackagesFromNotificationBlackList ()

Since: API level 5

API to get the list of blacklisted package names in the notification blacklist.

Returns
  • List of the applications blocked from showing status bar notifications. The list contains packages added by all administrators without distinction.
Throws
SecurityException If caller does not have required permissions.
Usage

An administrator can use this API to get the list of blacklisted package names An application with a matching package name cannot show status bar notifications.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = appPolicy.getPackagesFromNotificationBlackList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> packageList = appPolicy.getPackagesFromNotificationBlackList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public List<String> getPackagesFromNotificationWhiteList ()

Since: API level 5

API to get the list of whitelisted application package names in the notification whitelist.

Returns
  • List of the applications allowed to show status bar notifications. The list contains packages added by all administrators without distinction.
Throws
SecurityException If caller does not have required permissions.
Usage

An administrator can use this API to get the list of whitelisted package names. An applications with a matching package name in the whitelist is considered an exception to the configured blacklist, which allow notifications to be shown.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> list = appPolicy.getPackagesFromNotificationWhiteList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> list = appPolicy.getPackagesFromNotificationWhiteList();
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public List<String> getPackagesFromPreventStartBlackList ()

Since: API level 11

API to get packages from prevent start blacklist.

Returns
  • List of packages whose activities can not be started neither by user nor by administrators who have not added that package to the black list.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get the list of packages that are in the prevent start blacklist. User will not be able to launch activities which pertain to the package(s) on this list.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> pkgList = appPolicy.getPackagesFromPreventStartBlackList();
     Iterator it = pkgList.iterator();
     while (it.hasNext()) {
         String pkg = (String) it.next();
         System.out.println("Package: " + pkg);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List<String> pkgList = appPolicy.getPackagesFromPreventStartBlackList();
     Iterator it = pkgList.iterator();
     while (it.hasNext()) {
         String pkg = (String) it.next();
         System.out.println("Package: " + pkg);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public List<String> getPackagesFromWhiteList (int type)

Since: API level 24

API to get list of application packages for a given type of whitelist.

Returns
  • List of application package names if successful, else null.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get list of application packages for a given type of whitelist.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

NOTE: TYPE_EXTERNAL_STORAGE_ACCESS is not available since API level 33.

TYPE_APPROVED_APP_INSTALLER
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();

 try {
     List result = appPolicy.getPackagesFromWhiteList(ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
TYPE_EXTERNAL_STORAGE_ACCESS
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List result = appPolicy.getPackagesFromWhiteList(ApplicationPolicy.TYPE_EXTERNAL_STORAGE_ACCESS);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
TYPE_CALL_RECORDING
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List result = appPolicy.getPackagesFromWhiteList(ApplicationPolicy.TYPE_CALL_RECORDING);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
TYPE_APPROVED_APP_INSTALLER
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List result = appPolicy.getPackagesFromWhiteList(ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
TYPE_EXTERNAL_STORAGE_ACCESS
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List result = appPolicy.getPackagesFromWhiteList(ApplicationPolicy.TYPE_EXTERNAL_STORAGE_ACCESS);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Since
API level 24
KNOX 3.0

public List<String> getPackagesFromWidgetBlackList ()

Since: API level 5

API to get a list of blacklisted widget packages in widget blacklist.

Returns
  • List of the widget packages that are blacklisted. The list contains packages added by all administrators without distinction.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get the list of package names in the widget blacklist. A user cannot use a widgets with a matching package name. The whitelist is the exception to the blacklist. If the widget package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> blackList = appPolicy.getPackagesFromWidgetBlackList();
     Iterator it = blackList.iterator();
     while (it.hasNext()) {
         String value = (String) it.next();
         System.out.println("Value: " + value);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> blackList = appPolicy.getPackagesFromWidgetBlackList();
     Iterator it = blackList.iterator();
     while (it.hasNext()) {
         String value = (String) it.next();
         System.out.println("Value: " + value);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public List<String> getPackagesFromWidgetWhiteList ()

Since: API level 5

API to get the list of whitelisted widget packages in the widget whitelist.

Returns
  • List of the whitelisted widget packages. The list contains packages added by all administrators without distinction.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to get the list of package names in the widget whitelist. The user can use widgets with matching package names. The whitelist is the exception to the blacklist. If the widget package name matches the pattern in both the blacklist and whitelist, the whitelist takes priority.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> allowedList = appPolicy.getPackagesFromWidgetWhiteList();
     Iterator it = allowedList.iterator();
     while (it.hasNext()) {
         String value = (String) it.next();
         System.out.println("Value: " + value);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> allowedList = appPolicy.getPackagesFromWidgetWhiteList();
     Iterator it = allowedList.iterator();
     while (it.hasNext()) {
         String value = (String) it.next();
         System.out.println("Value: " + value);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public List<String> getRuntimePermissions (String packageName, int permState)

Since: API level 19

Deprecated in API level 30

API to get list of runtime permissions with the given permission grant state for a given package

Parameters
packageName The package name of the application
permState Runtime permission grant state
PERMISSION_POLICY_STATE_DEFAULT
PERMISSION_POLICY_STATE_GRANT
PERMISSION_POLICY_STATE_DENY
Returns
  • List of permissions if succesful, else null.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to get list of runtime permissions that were granted or denied or default for a given package.

Note: Caller application of this API must be built with a targetSdkVersion of M or later.

 List<String> runtimePermissions = new ArrayList<String>();
 runtimePermissions.add("android.permission.ACCESS_COARSE_LOCATION");
 runtimePermissions.add("android.permission.CALL_PHONE");

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> runtimePermissions = appPolicy.getRuntimePermissions("com.sta.test", PERMISSION_POLICY_STATE_GRANT);
     Log.w(TAG, "Granted runtime permissions list is " + runtimePermissions);

 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 List<String> runtimePermissions = new ArrayList<String>();
 runtimePermissions.add("android.permission.ACCESS_COARSE_LOCATION");
 runtimePermissions.add("android.permission.CALL_PHONE");

 AppIdentity appIdentity = new AppIdentity("com.sta.test");
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> runtimePermissions = appPolicy.getRuntimePermissions("com.sta.test", PERMISSION_POLICY_STATE_GRANT);
     Log.w(TAG, "Granted runtime permissions list is " + runtimePermissions);

 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Since
API level 19
MDM 5.6
Multiuser Environment
User Scope

public List<UsbDeviceConfig> getUsbDevicesForDefaultAccess (String packageName)

Since: API level 12

API to retrieve the list of usb devices which are granted user permission for a particular package.

Parameters
packageName The package name of the application.
Returns
  • List of UsbDevice objects that are user permitted for a package
Throws
SecurityException If caller does not have required permissions
Usage
Used to get list of permitted usb devices for a particular package.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
    List devices  = appPolicy.getUsbDevicesForDefaultAccess(packageName);
  }catch(SecurityException e) {
      Log.w(TAG,"SecurityException: "+e);
   }

 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List devices = appPolicy.getUsbDevicesForDefaultAccess(packageName);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Since
API level 12
MDM 5.1
Multiuser Environment
User Scope

public boolean installApplication (String packageName)

Since: API level 12

Deprecated in API level 36

API to install an application package.

Parameters
packageName Package name of the application to be updated/installed on the device
Returns
  • true if application package installation is a success, else false.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to silently install any existing application without user interaction. This can be used to install an existing application in a different user space.
 //sample test package name
 String testpackageName = "com.sample.packagename";
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean result = appPolicy.installApplication(testpackageName);
     if (true == result) {
         Log.d(TAG, "Installing an application package has been successful!");
     } else {
         Log.w(TAG, "Installing an application package has failed.");
     }

 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 //sample test package name
 String testpackageName = "com.sample.packagename";
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     boolean result = appPolicy.installApplication(testpackageName);
     if (true == result) {
         Log.d(TAG, "Installing an application package has been successful!");
     } else {
         Log.w(TAG, "Installing an application package has failed.");
     }

 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 12
MDM 5.1
Multiuser Environment
User Scope

public boolean installApplication (String apkFilePath, boolean installOnSDCard)

Since: API level 1

Deprecated in API level 36

API to install an application package.

Parameters
apkFilePath Path of the APK file on the file system (e.g., /data/example.apk)
installOnSDCard Flag to indicate where the application package should be installed. If true, installed on SD card, else on internal phone storage.
Returns
  • true if application package installation is a success, else false.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to silently install any managed application without user interaction. The location where the application package is to be installed (SD card/device memory) can be specified.

NOTE:

Android version 4.0 and above does not support installing applications on SD card.

 //sample test application package  path
 String testAppInternalMemoryPath = "/data/system/HelloTest.apk";
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean result = appPolicy.installApplication(testAppInternalMemoryPath,
                      true);
     if (true == result) {
         Log.d(TAG, "Installing an application package has been successful!");
     } else {
         Log.w(TAG, "Installing an application package has failed.");
     }

 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 //sample test application package  path
 String testAppInternalMemoryPath = "/data/system/HelloTest.apk";
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     boolean result = appPolicy.installApplication(testAppInternalMemoryPath, true);
     if (true == result) {
         Log.d(TAG, "Installing an application package has been successful!");
     } else {
         Log.w(TAG, "Installing an application package has failed.");
     }

 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope

public boolean isApplicationInstalled (String pkgName)

Since: API level 1

API to check if an application package is installed.

Returns
  • true if application package is installed on the device successfully, else false if application package is not installed on the device.
Usage
This API checks whether a particular application package is currently installed on the device. This operation does not indicate whether the application package is currently enabled, disabled, or running.
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope

public boolean isApplicationRunning (String pkgName)

Since: API level 1

API to check if an application package is currently running.

Returns
  • true if application package is running, false if application package is not running.
Usage
This API checks whether a particular application package process is currently running on the device.
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope

public boolean isNewAdminActivationEnabled (boolean showMsg)

Since: API level 11

Deprecated in API level 37

API to check whether new administrator activation is enabled.

Parameters
showMsg Flag to show a warning toast when new administrator activation is disabled
Returns
  • true if administrator activation is enabled, false if administrator activation is disabled
Usage
An administrator can use this API to check if a new administrator can be activated or not.
Since
API level 11
KNOX 2.0
Multiuser Environment
User Scope

public boolean isNewAdminInstallationEnabled (boolean showMsg)

Since: API level 11

API to check whether new administrator installation is enabled.

Parameters
showMsg Flag to show a warning toast when new administrator installation is disabled
Returns
  • true if administrator installation is enabled, false if administrator installation is disabled
Usage
An administrator can use this API to check if a new administrator can be installed or not.
Since
API level 11
KNOX 2.0
Multiuser Environment
User Scope

public boolean preventNewAdminActivation (boolean prevent)

Since: API level 11

Deprecated in API level 37

API to prevent activation of another administrator application.

Parameters
prevent true to prevent administrator activation, false to allow administrator activation.
Returns
  • true if operation is successful, else false.
Throws
SecurityException If caller does not have required permissions.
Usage
An administrator can prevent activation of another administrator application unless the application is part of the whitelisted applications. This policy can only be applied if there are no other administrators activated (with the exception of the administrators added by addNewAdminActivationAppWhiteList(List)).

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();

 try {
     boolean prevent = true;
     if (appPolicy.preventNewAdminActivation(prevent)) {
         Log.w(TAG, " Prevent new administrator activation allowed");
     } else {
         Log.w(TAG, "Failed to set the policy.");
     }
 } catch (SecurityException e) {
     Log.w(TAG, "Exception" + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     boolean prevent = true;
     if (appPolicy.preventNewAdminActivation(prevent)) {
         Log.w(TAG, " Prevent new administrator activation allowed");
     } else {
         Log.w(TAG, "Failed to set the policy.");
     }
 } catch (SecurityException e) {
     Log.w(TAG, "Exception" + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission with a protection level of signature.
Since
API level 11
KNOX 2.0
Multiuser Environment
User Scope

public boolean preventNewAdminInstallation (boolean prevent)

Since: API level 11

API to prevent installation of another administrator application.

Parameters
prevent true to prevent administrator installation, false to allow administrator installation.
Returns
  • true if operation is successful, else false.
Throws
SecurityException If caller does not have required permissions.
Usage
An administrator can prevent installation of another administrator application from all sources unless the application installation is done by the administrator enforcing this policy. This policy can only be applied if there are no other administrators activated (with the exception of the administrators added by addNewAdminActivationAppWhiteList(List)).

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();

 try {
     boolean prevent = true;
     if (appPolicy.preventNewAdminInstallation(prevent)) {
         Log.w(TAG, " Prevent new administrator installation allowed");
     } else {
         Log.w(TAG, "Failed to set the policy.");
     }
 } catch (SecurityException e) {
     Log.w(TAG, "Exception" + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     boolean prevent = true;
     if (appPolicy.preventNewAdminInstallation(prevent)) {
         Log.w(TAG, " Prevent new administrator installation allowed");
     } else {
         Log.w(TAG, "Failed to set the policy.");
     }
 } catch (SecurityException e) {
     Log.w(TAG, "Exception" + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission with a protection level of signature.
Since
API level 11
KNOX 2.0
Multiuser Environment
User Scope

public boolean removeAppPackageNameFromBlackList (String packageName)

Since: API level 3

API to remove application package name from application package name blacklist.

Parameters
packageName The application package name to be removed from the blacklist
Returns
  • true if the application package name was successfully removed from blacklist, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove an application package name from the blacklist. An application with a matching application package name can then be installed.

  EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
  ApplicationPolicy appPolicy = edm.getApplicationPolicy();
  try {
      boolean result = appPolicy.removeAppPackageNameFromBlackList(
                                  "com.test.app");
      if( true == result){
         Log.d(TAG," removing application package name from blacklist is successful!");
      }else{
         Log.w(TAG,"removing application package name from blacklist failed.");
      }
  }catch(SecurityException e) {
         Log.w(TAG,"SecurityException: "+e);
  }
 
For Container:
  // When you create container successfully, containerID will be returned via intent.
  // Use this containerID in below API.
  EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
  KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
  ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

  try {
      boolean result = appPolicy.removeAppPackageNameFromBlackList(
                                 "com.test.app");
      if( true == result){
          Log.d(TAG," removing application package name from blacklist is successful!");
      }else{
          Log.w(TAG,"removing application package name from blacklist failed.");
      }
  }catch(SecurityException e) {
         Log.w(TAG,"SecurityException: "+e);
  }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 3
MDM 2.1
Multiuser Environment
User Scope

public boolean removeAppPackageNameFromWhiteList (String packageName)

Since: API level 3

API to remove application package name from application package name whitelist.

Parameters
packageName The application package name to be removed from the whitelist.
Returns
  • true if the application package name is successfully removed from the whitelist, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove an application package name from the whitelist.

  EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
  ApplicationPolicy appPolicy = edm.getApplicationPolicy();
  try {
      boolean result = appPolicy.removeAppPackageNameFromWhiteList
                       ("com.test.app");

      if( true == result){
          Log.d(TAG," remove application package name from application"
              "+package name whitelist has been successful!");
      }else{
          Log.w(TAG,"remove application package name from application"
              "+package name whitelist has failed.");
      }
  }catch(SecurityException e) {
      Log.w(TAG,"SecurityException: "+ e);
  }
 
For Container:
  // When you create container successfully, containerID will be returned via intent.
  // Use this containerID in below API.
  EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
  KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
  ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

  try {
      boolean result = appPolicy.removeAppPackageNameFromWhiteList
                       ("com.test.app");

      if( true == result){
          Log.d(TAG," remove application package name from application"
              "+package name whitelist has been successful!");
      }else{
          Log.w(TAG,"remove application package name from application"
              "+package name whitelist has failed.");
      }
  }catch(SecurityException e) {
      Log.w(TAG,"SecurityException: "+ e);
  }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 3
MDM 2.1
Multiuser Environment
User Scope

public boolean removeAppPermissionFromBlackList (String appPermission)

Since: API level 2

API to remove a permission from the application permission blacklist.

Parameters
appPermission Application permission needs to be removed from blacklist.
Returns
  • >true if the permission is successfully removed from blacklist, else false.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to remove an application permission from the blacklist. Applications with matching permissions (permissions requested in 'uses-permission' tag of Android manifest) can be installed.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 //permission to be removed from blacklist.
 String permission = "android.permission.GET_ACCOUNTS";
 try {
     boolean result = appPolicy.removeAppPermissionFromBlackList(permission);
     if (true == result) {
         //permission removed from blacklist
     } else {
         //permission is still blacklisted
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 //permission to be removed from blacklist.
 String permission = "android.permission.GET_ACCOUNTS";
 try {
     boolean result = appPolicy.removeAppPermissionFromBlackList(permission);
     if (true == result) {
         //permission removed from blacklist
     } else {
         //permission is still blacklisted
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public boolean removeAppSignatureFromBlackList (String appSignature)

Since: API level 2

API to remove signature from application signature blacklist.

Parameters
appSignature The application signature to be removed from blacklist.
Returns
  • true if the signature is successfully removed from blacklist, else false.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to remove an application signature from the signature blacklist. Applications with a matching signature can be installed.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 //try to get signature of the apk to be installed
 String signature = "3082024d308201b6a00302010202044dc96abf30...";
 try {
     boolean result = appPolicy.removeAppSignatureFromBlackList(signature);
     if (true == result) {
         //signature removed from blacklist
     } else {
         //signature is still blacklisted
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 //try to get signature of the apk to be installed
 String signature = "3082024d308201b6a00302010202044dc96abf30...";
 try {
     boolean result = appPolicy.removeAppSignatureFromBlackList(signature);
     if (true == result) {
         //signature removed from blacklist
     } else {
         //signature is still blacklisted
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public boolean removeAppSignatureFromWhiteList (String appSignature)

Since: API level 6

API to remove signature from application signature whitelist.

Parameters
appSignature The application signature to be removed from whitelist.
Returns
  • true if the signature is successfully removed from whitelist, else false.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to remove an application signature from the whitelist. If the signature was added to the blacklist using addAppSignatureToBlackList(String), the user cannot install any application that has a matching signature.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 String signature = "3082024d308201b6a00302010202044dc96abf30...";
 try {
     boolean result = appPolicy.removeAppSignatureFromWhiteList(signature);
     if (true == result) {
         // signature removal from whitelist succeeded.
     } else {
         // signature removal from whitelist failed.
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 String signature = "3082024d308201b6a00302010202044dc96abf30...";
 try {
     boolean result = appPolicy.removeAppSignatureFromWhiteList(signature);
     if (true == result) {
         // signature removal from whitelist succeeded.
     } else {
         // signature removal from whitelist failed.
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 6
MDM 4.0
Multiuser Environment
User Scope

public boolean removeDefaultApplication (Intent intent, ComponentName componentName)

Since: API level 15

Deprecated in API level 32
NOTE: This API is not available since Android 10.

API to disassociate a default application from executing some kind of task.

Parameters
intent Intent that is normally sent to execute the desired task (e.g. send SMS/MMS, open URL).
componentName ComponentName containing the package name and activity name that handles the given task type.
Returns
  • true if the given task type was successfully disassociated from the ComponentName, false otherwise.
Throws
SecurityException If caller does not have required permissions or caller is in a guest user trying to remove a task that can be performed only on owner space (e.g. SMS_MMS_TASK or OPEN_DIALER_TASK).
Usage

An administrator can use this API to disassociate a default application from executing some type of task. Only applications previously set by the calling administrator will be disassociated from its task.

If the administrator passes null for Intent (task type) parameter, then the given ComponentName will no longer perfom any task type previously set as default by the calling administrator. In the same way, passing null for ComponentName parameter, the given Intent (task type) will not be associated to any application previously set as default by the calling administrator. Finally, if null is passed for both parameters, all associations previously made by this administrator will be removed.

If the administrator disassociates some default application from executing one of the four types of SMS/MMS Schemes , then all other three Intent task types will be automatically removed from MDM database.

If the administrator disassociates some default application from executing one of http and https Schemes , then both of Intent task types will be automatically removed from MDM database.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 Intent taskType = ApplicationPolicy.SMS_MMS_TASK;
 ComponentName componentName = new ComponentName("com.android.mms", "com.android.mms.ui.ConversationComposer");
 try {
     boolean retValue = appPolicy.removeDefaultApplication(taskType, componentName);
     if (retValue) {
         // Task type has been successfully disassociated from the given ComponentName
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 Intent taskType = ApplicationPolicy.SMS_MMS_TASK;
 ComponentName componentName = new ComponentName("com.android.mms", "com.android.mms.ui.ConversationComposer");
 try {
     boolean retValue = appPolicy.removeDefaultApplication(taskType, componentName);
     if (retValue) {
         // Task type has been successfully disassociated from the given ComponentName
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
NOTE: This API will throw a SecurityException if caller is in container trying to remove a task that can be performed only on owner space (e.g. SMS_MMS_TASK or OPEN_DIALER_TASK).
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 15
MDM 5.4
Multiuser Environment
User Scope

public int removePackageFromBatteryOptimizationWhiteList (AppIdentity appIdentity)

Since: API level 20

API to remove a package from the Battery Optimization whitelist.

Parameters
appIdentity An AppIdentity of the application.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove a package from Battery Optimization whitelist.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 AppIdentity appIdentity = new AppIdentity("com.abc.xyz", "appSignature");
 try {
     boolean result = appPolicy.removePackageFromBatteryOptimizationWhiteList(appIdentity);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.

 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 AppIdentity appIdentity = new AppIdentity("com.abc.xyz", "appSignature");
 try {
     boolean result = appPolicy.removePackageFromBatteryOptimizationWhiteList(appIdentity);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 

Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 20
MDM 5.7
Multiuser Environment
User Scope

public int removePackageFromBlackList (int type, String pkgName)

Since: API level 24

API to remove a package from a given type of blacklist.

Parameters
type Type of blacklist.
TYPE_APPROVED_APP_INSTALLER
TYPE_EXTERNAL_STORAGE_ACCESS
pkgName Package name of the application.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove a package from a given type of blacklist.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. Also, "*" and ".*" both means the same for this API i.e. all the packages, "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageYouWantedBlocked is standard java.lang.String object.

NOTE: TYPE_EXTERNAL_STORAGE_ACCESS is not available since API level 33.

TYPE_APPROVED_APP_INSTALLER
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 String pkgName = "com.android.settings";
 try {
     int result = appPolicy.removePackageFromBlackList(ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER, pkgName);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
TYPE_EXTERNAL_STORAGE_ACCESS
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 String pkgName = "com.android.settings";
 try {
     int result = appPolicy.removePackageFromBlackList(ApplicationPolicy.TYPE_EXTERNAL_STORAGE_ACCESS, pkgName);

 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
TYPE_APPROVED_APP_INSTALLER
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 String pkgName = "com.android.settings";
 try {
     int result = appPolicy.removePackageFromBlackList(ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER, pkgName);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
TYPE_EXTERNAL_STORAGE_ACCESS
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 String pkgName = "com.android.settings";
 try {
     int result = appPolicy.removePackageFromBlackList(ApplicationPolicy.TYPE_EXTERNAL_STORAGE_ACCESS, pkgName);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Since
API level 24
KNOX 3.0

public int removePackageFromWhiteList (int type, String pkgName)

Since: API level 24

API to remove a package from a given type of whitelist.

Parameters
type Type of whitelist.
TYPE_APPROVED_APP_INSTALLER
TYPE_EXTERNAL_STORAGE_ACCESS
TYPE_CALL_RECORDING
pkgName Package name of the application.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove package from a given type of whitelist.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. "*" and ".*" mean the same thing i.e. all the packages. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

NOTE: TYPE_EXTERNAL_STORAGE_ACCESS is not available since API level 33.

TYPE_APPROVED_APP_INSTALLER
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 String pkgName = "com.android.settings";
 try {
     int result = appPolicy.removePackageFromWhiteList(ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER, pkgName);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
TYPE_EXTERNAL_STORAGE_ACCESS
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 String pkgName = "com.android.settings";
 try {
     int result = appPolicy.removePackageFromWhiteList(ApplicationPolicy.TYPE_EXTERNAL_STORAGE_ACCESS, pkgName);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
TYPE_CALL_RECORDING
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 String pkgName = "com.android.settings";
 try {
     int result = appPolicy.removePackageFromWhiteList(ApplicationPolicy.TYPE_CALL_RECORDING, pkgName);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
TYPE_APPROVED_APP_INSTALLER
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 String pkgName = "com.android.settings";
 try {
     int result = appPolicy.removePackageFromWhiteList(ApplicationPolicy.TYPE_APPROVED_APP_INSTALLER, pkgName);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
TYPE_EXTERNAL_STORAGE_ACCESS
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 String pkgName = "com.android.settings";
 try {
     int result = appPolicy.removePackageFromWhiteList(ApplicationPolicy.TYPE_EXTERNAL_STORAGE_ACCESS, pkgName);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Since
API level 24
KNOX 3.0

public boolean removePackagesFromClearCacheBlackList (List<String> packageList)

Since: API level 5

API to remove a list of packages from clear cache blacklist.

Parameters
packageList List of packages to be removed from the clear cache blacklist.
Returns
  • true if the package list was successfully removed, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove a list of packages from the clear cache blacklist. After the packages are removed the user can clear cache the packages using clear cache in the Settings app, clear cache through third party applications, and clearing service cache from the package.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromClearCacheBlackList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromClearCacheBlackList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public boolean removePackagesFromClearCacheWhiteList (List<String> packageList)

Since: API level 5

API to remove a list of packages from clear cache whitelist.

Parameters
packageList The list of packages to be removed from the clear cache whitelist.
Returns
  • true if the package list was successfully removed, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove a list of packages from the clear cache whitelist. For any package name added to the blacklist using addPackagesToClearCacheBlackList(List), the user cannot clear cache it using the clear cache option in Settings app, clear cache it through third party applications, or clearing service cache from the package.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();

 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromClearCacheWhiteList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromClearCacheWhiteList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public boolean removePackagesFromClearDataBlackList (List<String> packageList)

Since: API level 5

API to remove a list of packages from clear data blacklist.

Parameters
packageList List of packages to be removed from the clear data blacklist.
Returns
  • true if the package list was successfully removed, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove a list of packages from the clear data blacklist. After the packages are removed the user can clear data the packages using clear data in the Settings app, clear data through third party applications, and clear service data from the package.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromClearDataBlackList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromClearDataBlackList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public boolean removePackagesFromClearDataWhiteList (List<String> packageList)

Since: API level 5

API to remove a list of packages from clear data whitelist.

Parameters
packageList The list of packages to be removed from the clear data whitelist.
Returns
  • true if the package list was successfully removed, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove a list of packages from the clear data whitelist. For any package name added to the blacklist using addPackagesToClearDataBlackList(List), the user cannot clear data it using the clear data option in Settings app, clear data through third party applications, or clearing service data from the package.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromClearDataWhiteList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromClearDataWhiteList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public boolean removePackagesFromDisableClipboardBlackList (List<String> packageList)

Since: API level 11

Deprecated in api level 35

API to remove a list of packages from disable clipboard blacklist.

Parameters
packageList List of packages to be removed from the disable clipboard blacklist.
Returns
  • true if package list was successfully removed, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove a list of packages from the disable clipboard blacklist. Only the packages previously added by the calling administrator will be removed.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     list.add("com.android.chrome");
     list.add("com.samsung.android.snote");
     boolean status = appPolicy.removePackagesFromDisableClipboardBlackList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     list.add("com.android.chrome");
     list.add("com.samsung.android.snote");
     boolean status = appPolicy.removePackagesFromDisableClipboardBlackList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean removePackagesFromDisableClipboardWhiteList (List<String> packageList)

Since: API level 11

API to remove a list of packages from disable clipboard white list.

Parameters
packageList List of packages to be removed from the disable clipboard white list.
Returns
  • true if package list was successfully removed, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove a list of packages from the disable clipboard white list. Only the packages previously added by the calling administrator will be removed.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     list.add("com.android.chrome");
     list.add("com.samsung.android.snote");
     boolean status = appPolicy.removePackagesFromDisableClipboardWhiteList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     list.add("com.android.chrome");
     list.add("com.samsung.android.snote");
     boolean status = appPolicy.removePackagesFromDisableClipboardWhiteList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean removePackagesFromDisableUpdateBlackList (List<String> packageList)

Since: API level 11

API to remove a list of packages from disable update blacklist.

Parameters
packageList List of packages to be removed from the disable update blacklist.
Returns
  • true if the package list was successfully removed, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove a list of packages from the disable update blacklist. After the packages are removed from the list, they can be updated, downgraded or replaced.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromDisableUpdateBlackList(packageList);
     if (true == status) {
         // applications are successfully removed from the blacklist
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
Global Scope

public boolean removePackagesFromDisableUpdateWhiteList (List<String> packageList)

Since: API level 11

API to remove a list of packages from disable update whitelist.

Parameters
packageList The list of packages to be removed from the disable update whitelist.
Returns
  • true if the package list was successfully removed, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove a list of packages from the disable update whitelist. If any package removed from the whitelist was already added to the blacklist using addPackagesToDisableUpdateBlackList(List), it will not be able to be updated.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromDisableUpdateWhiteList(packageList);
     if (true == status) {
         // applications are successfully removed from the whitelist
     } else {
         // previous behaviour for device still prevails
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
Global Scope

public boolean removePackagesFromFocusMonitoringList (List<String> packageList)

Since: API level 15

API to remove a list of packages from focus monitoring list.

Parameters
packageList List of packages to be removed from focus monitoring list.
Returns
  • true if package list was successfully removed, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove a list of packages from focus monitoring list.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromFocusMonitoringList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromFocusMonitoringList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signatureOrSystem.
Since
API level 15
MDM 5.4
Multiuser Environment
User Scope

public boolean removePackagesFromForceStopBlackList (List<String> packageList)

Since: API level 5

API to remove a list of packages from force stop blacklist.

Parameters
packageList List of packages to be removed from the force stop blacklist.
Returns
  • true if the package list was successfully removed, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove a list of packages from the force stop blacklist. After the packages are removed the user can stop the packages using force stop in the Settings app, stop through third party applications, and stop any service from the package.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromForceStopBlackList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromForceStopBlackList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public boolean removePackagesFromForceStopWhiteList (List<String> packageList)

Since: API level 5

API to remove a list of packages from force stop whitelist.

Parameters
packageList The list of packages to be removed from the force stop whitelist.
Returns
  • true if the package list was successfully removed, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove a list of packages from the force stop whitelist. For any package name added to the blacklist using addPackagesToForceStopBlackList(List), the user cannot stop it using the force stop option in Settings app, stop it through third party applications, or stop any service from the package.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromForceStopWhiteList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromForceStopWhiteList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public boolean removePackagesFromNotificationBlackList (List<String> packageList)

Since: API level 5

API to remove a list of package names from the notification blacklist.

Parameters
packageList Application package name blacklist.
Returns
  • true if the package list was successfully removed, else false.
Throws
SecurityException If caller does not have required permissions.
Usage

An administrator can this API to remove a list of packages from the status bar notification blacklist. After the list is removed, an application with a matching package name can show status bar notifications.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromNotificationBlackList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromNotificationBlackList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public boolean removePackagesFromNotificationWhiteList (List<String> packageList)

Since: API level 5

API to remove a list of package names from the notification whitelist.

Parameters
packageList Application package name whitelist.
Returns
  • true if the package list was successfully removed, else false.
Throws
SecurityException If caller does not have required permissions.
Usage

An administrator can use this API to remove package names from notification whitelist.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromNotificationWhiteList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromNotificationWhiteList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public boolean removePackagesFromPreventStartBlackList (List<String> packageList)

Since: API level 11

API to remove a list of packages from prevent start blacklist.

Parameters
packageList List of packages to be removed from the prevent start blacklist.
Returns
  • true if package list was successfully removed, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove a list of packages from the prevent start blacklist. Only the packages previously added by the calling administrator will be removed.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.settings");
     packageList.add("com.rovio.angrybirdsrio");
     boolean status = appPolicy.removePackagesFromPreventStartBlackList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.settings");
     packageList.add("com.rovio.angrybirdsrio");
     boolean status = appPolicy.removePackagesFromPreventStartBlackList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public boolean removePackagesFromWidgetBlackList (List<String> packageList)

Since: API level 5

API to remove a list of widget packages from the widget blacklist.

Parameters
packageList The list of package names to be removed from the widget blacklist.
Returns
  • true if the package list was successfully removed, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove a list of packages from the widget blacklist. After the packages are removed, the user can use a widget with a matching package name.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromWidgetBlackList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromWidgetBlackList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public boolean removePackagesFromWidgetWhiteList (List<String> packageList)

Since: API level 5

API to remove a list of widget packages from the widget whitelist.

Parameters
packageList The list of package names to be removed from the widget whitelist.
Returns
  • true if the package list was successfully removed, else false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to remove a list of packages from the widget whitelist. For any package name added to the blacklist using addPackagesToWidgetBlackList(List), the user cannot use the corresponding widget with a matching package name.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromWidgetWhiteList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> packageList = new ArrayList<String>();
     packageList.add("com.android.calendar");
     packageList.add("com.android.camera");
     boolean status = appPolicy.removePackagesFromWidgetWhiteList(packageList);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public int setAfWProxy (boolean enable, AppIdentity proxy, Bundle data)

Since: API level 19

Deprecated in API level 33

API to enable or disable an application to proxy as a Profile Owner.

Parameters
enable A boolean indicating whether the proxy is to be enabled or disabled for the purpose defined by the PROXY_FLAGS entry in the data Bundle.
proxy An AppIdentity of the application identifying the proxy. The signature in the AppIdentity is mandatory. For owner (User 0) this param is optional, in this case package name and signature of the administrator application is used.
data Bundle to pass extra configuration information in. Currently the only extra information passed is the PROXY_FLAGS value.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to set an application that will be used as a proxy for a Profile Owner for certain Android for Work (AfW) behavior.

NOTE: This API is impacted by changes made to the Workspace container in Knox 3.0. For more information, please see New container architecture overview.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();

 AppIdentity proxyAdminIdentity = new AppIdentity("com.abc.xyz", signatureBytes);
 Bundle dataBundle = new Bundle();
 dataBundle.putInt(PROXY_FLAGS, FLAG_ALLOW_PROXY_FOR_PFW);
 try {
     int result = appPolicy.setAfWProxy(true, proxyAdminIdentity, dataBundle);
     if (ApplicationPolicy.ERROR_NONE == result) {
         Log.d(TAG, "Proxy was successfully set.");
     } else {
         Log.w(TAG, "Proxy setting failed due to error: " + result);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
NOTE: This API is not supported for Android guest users.
For Container:
Note:
A Knox container does not have a Profile Owner in the same sense as a Managed Profile does, so in order to allow the container to participate in certain behaviors (as if it is a Managed Profile), the administrator can designate a proxy. The proxy will be granted limited responsibilities in this case.

 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 AppIdentity proxyAdminIdentity = new AppIdentity("com.abc.xyz", signatureBytes);
 Bundle dataBundle = new Bundle();
 dataBundle.putInt(PROXY_FLAGS, FLAG_ALLOW_PROXY_FOR_PFW);
 try {
     int result = appPolicy.setAfWProxy(true, proxyAdminIdentity, dataBundle);
     if (ApplicationPolicy.ERROR_NONE == result) {
         Log.d(TAG, "Proxy was successfully set.");
     } else {
         Log.w(TAG, "Proxy setting failed due to error: " + result);
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 19
MDM 5.6
Multiuser Environment
User Scope

public boolean setApplicationComponentState (ComponentName compName, boolean enable)

Since: API level 11

Deprecated in API level 37

API to set the application component (activity, receiver, service, provider) to the enabled or disabled state.

Parameters
compName Name of component that has to to be enabled/disabled
enable false will disable component, true will enable the component
Returns
  • true if success, false otherwise.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to enable or disbale a component of a specific package. If the state is false the component of that package is disabled else it is enabled

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 ComponentName compName = new ComponentName("com.android.calendar", "com.android.calendar.AllInOneActivity");
 boolean enable = false;
 try {
     boolean success = appPolicy.setApplicationComponentState(compName, enable);
 } catch (SecurityException e) {
     Log.w(TAG, "Failed talking with application policy", e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 ComponentName compName = new ComponentName("com.android.calendar", "com.android.calendar.AllInOneActivity");
 boolean enable = false;
 try {
     boolean success = appPolicy.setApplicationComponentState(compName, enable);
 } catch (SecurityException e) {
     Log.w(TAG, "Failed talking with application policy", e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 11
MDM 5.0
Multiuser Environment
User Scope

public void setApplicationInstallationDisabled (String packageName)

Since: API level 1

API to disable the installation of an application package by adding the package name to a blacklist.

Parameters
packageName The package name of the application whose installation is to be disabled (e.g., com.abc.xyz) Note: Since MDM 5.7, passing 'packageName' as null will reset all previous package's state for this policy set by Administrator.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to silently disable the installation of an application package without user interaction. This API is useful in disabling the installation of malware or unauthorized application packages forbidden by enterprises. The user cannot install the blacklisted application packages through Google Play, side-loading, or any other way. All application packages appear by default in the whitelist; this API creates a blacklist.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

Installing via ADB installs package to all users by default in multi user enabled devices. So if administrator has disabled the package installation for any user then for all users installations will be blocked via ADB.

Note: This API will add a packageName to the application packageName blacklist, calling this API is the same as calling addAppPackageNameToBlackList(String).

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     appPolicy.setApplicationInstallationDisabled("com.test.app");
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     appPolicy.setApplicationInstallationDisabled("com.test.app");
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope

public void setApplicationInstallationEnabled (String packageName)

Since: API level 1

API to enable the installation of an application package that was previously disabled.

Parameters
packageName The package name of the application whose installation is to be enabled (e.g., com.abc.xyz) Note: Since MDM 5.7, passing 'packageName' as null will reset all previous package's state for this policy set by Administrator.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to silently enable the installation of an application package that was previously disabled using setApplicationInstallationDisabled(String). In a multiple administrator environment, disabling installation of an application package takes precedence over enabling installation. For example, if Admin1 disables installation of an application package (com.test.one) and Admin2 enables installation of the same application package, the final result is that installation of com.test.one is disabled. All administrators must enable installation of the application package for it to be installed.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

Note: This API will add a packageName to the application packageName whitelist, calling this API is the same as calling addAppPackageNameToWhiteList(String).

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     appPolicy.setApplicationInstallationEnabled("com.test.app");
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 try {
     appPolicy.setApplicationInstallationEnabled("com.test.app");
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope

public boolean setApplicationInstallationMode (int installationMode)

Since: API level 2

API to set the default mode for application installation.

Parameters
installationMode mode to be set, one of APPLICATION_INSTALLATION_MODE_ALLOW or APPLICATION_INSTALLATION_MODE_DISALLOW
Returns
  • true if installation mode is set, else false.
Throws
SecurityException If caller does not have required permissions
Usage

If the mode is set to APPLICATION_INSTALLATION_MODE_DISALLOW, no application can be installed on the device unless otherwise specified.

If the mode set to APPLICATION_INSTALLATION_MODE_ALLOW, all applications can be installed unless otherwise specified. In ALLOW MODE, an administrator can disable the installation of individual applications using setApplicationInstallationDisabled(String).

Note: On APPLICATION_INSTALLATION_MODE_DISALLOW mode this API will add a packageName on application packageName blacklist, this is the same as calling addAppPackageNameToBlackList(String). On APPLICATION_INSTALLATION_MODE_ALLOW mode this API will remove a packageName from application packageName blacklist, this is the same as calling removeAppPackageNameFromBlackList(String).

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean result = appPolicy
             .setApplicationInstallationMode(ApplicationPolicy.
                           APPLICATION_INSTALLATION_MODE_ALLOW);
     if (true == result) {
         //application packages can be installed on device
     } else {
         //application packages cannot be installed on device
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     boolean result = appPolicy
             .setApplicationInstallationMode(ApplicationPolicy.
                           APPLICATION_INSTALLATION_MODE_ALLOW);
     if (true == result) {
         //application packages can be installed on device
     } else {
         //application packages cannot be installed on device
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public boolean setApplicationNotificationMode (int mode)

Since: API level 5

API to set notification mode to be used in blocking the notifications of status bar expansion.

Parameters
mode Mode used to block notifications of status bar expansion.
Returns
  • true if the operation is successful, else false.
Throws
SecurityException If caller does not have required permissions.
Usage
An administrator can use this API to choose the block mode used for notifications of status bar expansion:

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean status  = appPolicy.setApplicationNotificationMode(
                                   ApplicationPolicy.NOTIFICATION_MODE_BLOCK_TEXT_AND_SOUND);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     boolean status  = appPolicy.setApplicationNotificationMode(
                                   ApplicationPolicy.NOTIFICATION_MODE_BLOCK_TEXT_AND_SOUND);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 5
MDM 3.0
Multiuser Environment
User Scope

public void setApplicationRestrictions (ComponentName admin, String packageName, Bundle settings)

Since: API level 20

Deprecated in API level 35

API to set the application restrictions for a target application.

Parameters
admin The component name of administrator this request is associated with (must not be null).
packageName The name of the package where the restrictions will be applied.
settings Bundle containing the restrictions, to be parsed by the target application. Passing null will reset application restrictions if already set.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to set the application restrictions for a target application.

It is a wrapper for DevicePolicyManager::setApplicationRestrictions() API, but an administrator does not need to be a device or profile owner to call it. This API does not have multiple administrator's support and the restrictions set by the administrator that calls it at last will prevail.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 ComponentName deviceAdmin = new ComponentName(getApplicationContext(), MDMAdmin.class);
 Bundle restrictions = new Bundle();
 restrictions.putString("EditBookmarksEnabled", false);
 restrictions.putString("IncognitoModeAvailability", "1");
 restrictions.putString("AutoFillEnabled", true);
 String packageName = "com.android.chrome";
 try {
     appPolicy.setApplicationRestrictions(deviceAdmin, packageName, restrictions);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
NOTE: Before uninstalling/disabling administrator, please make sure you clean up/reset application restrictions. They will not be reverted back when administrator is uninstalled/disabled.
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 ComponentName deviceAdmin = new ComponentName(getApplicationContext(), MDMAdmin.class);
 Bundle restrictions = new Bundle();
 restrictions.putString("EditBookmarksEnabled", false);
 restrictions.putString("IncognitoModeAvailability", "1");
 restrictions.putString("AutoFillEnabled", true);
 String packageName = "com.android.chrome";
 try {
     appPolicy.setApplicationRestrictions(deviceAdmin, packageName, restrictions);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 20
MDM 5.7
Multiuser Environment
User Scope

public String[] setApplicationStateList (String[] pkgList, boolean state)

Since: API level 2

API to set the list of application package names to the enabled or disabled state.

Parameters
pkgList List of application packages to be enabled or disabled
state Specifies whether the applications are to be enabled or disabled. If the state value is false, all applications are disabled, else if the state value is true all applications are enabled.
Returns
  • String array of successfully enabled or disabled applications, null on failure.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to obtain an array of application package names and set the state of all names to the specified state value. If the value is set to false, all application names are disabled, else enabled.

This task is a long-running operation and should be called from a worker thread rather than the main UI thread, which ensures the best UI performance. You can use AsyncTask or Handler to communicate with the main UI thread.

NOTE: Due to Android N (7.0) changes, do not use this API to disable Settings application package because it will cause booting conflict.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     String[] pkgList = appPolicy.setApplicationStateList(new String[] {
             "com.test.app", "com.android.test" }, false);
     if (null = pkgList) {
         //none of the package is disabled
     } else {
         //list of packages that is disabled
         for (String lpkgName : pkgList) {
             //packages disabled
         }
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     String[] pkgList = appPolicy.setApplicationStateList(new String[] {
             "com.test.app", "com.android.test" }, false);
     if (null = pkgList) {
         //none of the package is disabled
     } else {
         //list of packages that is disabled
         for (String lpkgName : pkgList) {
             //packages disabled
         }
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public void setApplicationUninstallationDisabled (String packageName)

Since: API level 1

Deprecated in API level 36

API to disable uninstallation of an application package.

Parameters
packageName The package name of the application whose uninstallation is to be disabled (e.g., com.abc.xyz) Note: Since MDM 5.7, passing 'packageName' as null will reset all previous package's state for this policy set by Administrator.
Throws
SecurityException If caller does not have required permissions
Usage

By default the user can uninstall all application packages. An administrator can use this API to silently disable uninstallation of an application without user interaction. Administrators can use this API to disable uninstallation of essential managed applications, including the administration application package itself, that are required for proper functioning and management of the device. The user cannot uninstall applications for which the administrator has disabled uninstallation.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     appPolicy.setApplicationUninstallationDisabled("com.test.app");
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     appPolicy.setApplicationUninstallationDisabled("com.test.app");
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope

public void setApplicationUninstallationEnabled (String packageName)

Since: API level 1

Deprecated in API level 36

API to enable uninstallation of an application package if uninstallation was previously disabled

Parameters
packageName The package name of the application whose uninstallation is to be enabled (e.g., com.abc.xyz) Note: Since MDM 5.7, passing 'packageName' as null will reset all previous package's state for this policy set by Administrator.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to silently enable uninstallation of an application package if uninstallation was previously disabled using setApplicationUninstallationDisabled(String). The administrator must call this API before trying to uninstall an managed application package if uninstallation was previously disabled.

Wildcard characters like "com.xyz.*"can be used to specify multiple application package names. The wildcards "*" and "?" have the same meaning as these would have in a regular expression i.e. "*" means that the character preeceding it can be used any number of times. When ".*" is used this translates to using any character or characters. "?" means that the character before it will be used exactly zero or 1 time. All the app package names that match the regular expression set by the admin will be affected. Run a quick test using packageName.matches(patternSetByAdmin) to see if this package will be affected where packageName is standard java.lang.String object.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     appPolicy.setApplicationUninstallationEnabled("com.test.app");
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     appPolicy.setApplicationUninstallationEnabled("com.test.app");
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope

public boolean setApplicationUninstallationMode (int uninstallationMode)

Since: API level 4

API to set the default mode for application uninstallation.

Parameters
uninstallationMode mode to be set, one of APPLICATION_UNINSTALLATION_MODE_ALLOW or APPLICATION_UNINSTALLATION_MODE_DISALLOW
Returns
  • true if uninstallation mode is set else false.
Throws
SecurityException If caller does not have required permissions
Usage

If the mode is set to APPLICATION_UNINSTALLATION_MODE_DISALLOW, no application can be uninstalled from the device unless otherwise specified. In DISALLOW MODE, an administrator can enable the uninstallation of individual applications using setApplicationUninstallationEnabled(String).

If the mode is set to APPLICATION_UNINSTALLATION_MODE_ALLOW, all applications can be uninstalled from the device unless otherwise specified. In ALLOW MODE, an administrator can disable uninstallation of individual applications using setApplicationUninstallationDisabled(String).

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean result = appPolicy
             .setApplicationUninstallationMode(ApplicationPolicy.
                           APPLICATION_UNINSTALLATION_MODE_ALLOW);
     if (true == result) {
         //application packages can be uninstalled from device
     } else {
         //application packages cannot be uninstalled from device
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     boolean result = appPolicy
             .setApplicationUninstallationMode(ApplicationPolicy.
                           APPLICATION_UNINSTALLATION_MODE_ALLOW);
     if (true == result) {
         //application packages can be uninstalled from device
     } else {
         //application packages cannot be uninstalled from device
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 4
MDM 2.2
Multiuser Environment
User Scope

public boolean setConcentrationMode (List<String> packageSuspendExclusiveList, boolean enable)

Since: API level 35

API to enable or disable concentration mode Basically, all packages in launcher are suspended unless otherwise mentioned.

Parameters
packageSuspendExclusiveList packages not to be suspended
enable true to turn concentraion mode on, false to turn concentraion mode off
Returns
  • true if concentration mode is set successfully, otherwise false.
Throws
SecurityException If caller does not have required permissions
Usage

An administrator can use this API to enable or disable concentration mode.

Enable Concentration mode

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     ArrayList exclusiveApps = new ArrayList<>();
     String packageName1 = "your.package1.com";
     String packageName2 = "your.package2.com";
     exclusiveApps.add(packageName1);
     exclusiveApps.add(packageName2);
     boolean result = appPolicy.setConcentrationMode(exclusiveApps, true);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Disable Concentration mode
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> exclusiveApps = new ArrayList<String>();
     boolean result = appPolicy.setConcentrationMode(exclusiveApps, false);
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Since
API level 35
KNOX 3.8

public boolean setDefaultApplication (Intent intent, ComponentName componentName)

Since: API level 15

Deprecated in API level 32
NOTE: This API is not available since Android 10.

API to set an application to execute a given type of task as default.

Parameters
intent Intent that is normally sent to execute the desired task (e.g. send SMS/MMS, open URL).
componentName ComponentName containing the package name and activity name that should handle the given task type as default.
Returns
  • true if the task type has been successfully assigned to the given ComponentName, false otherwise.
Throws
SecurityException If caller does not have required permissions or caller is in a guest user trying to set a task that can be performed only on owner space (e.g. SMS_MMS_TASK, OPEN_DIALER_TASK, DEVICE_ASSISTANCE_ACTIVITY_TASK or DEVICE_ASSISTANCE_SERVICE_TASK).
Usage

An administrator can use this API to set an application to execute a given type of task, passed as parameter in its Intent format. The most commonly used types of task have been defined in constants: SMS_MMS_TASK, LAUNCHER_TASK, OPEN_URL_TASK, OPEN_PDF_TASK, OPEN_DIALER_TASK, PLAY_AUDIO_TASK, PLAY_VIDEO_TASK, DEVICE_ASSISTANCE_ACTIVITY_TASK, DEVICE_ASSISTANCE_SERVICE_TASK. If it is necessary to build your own type of task in an Intent format you might want to see this link. In case a task type has already been assigned to a ComponentName by other administrator, that task will not be re-associated with the new ComponentName.

Once an Intent is associated with a ComponentName, the Android framework will always try to use that ComponentName to handle such Intent. The administrator may check if a ComponentName can handle the given Intent by using this Android API. If an activity that cannot handle the Intent is passed to this API, the chooser dialog will be normally prompted when that Intent is thrown so that the user itself can choose the best activity to perform such task.

If the administrator sets SMS_MMS_TASK to some application, then all the four types of SMS/MMS Schemes will be automatically added into the MDM database.

If the administrator sets OPEN_URL_TASK to some application, then both http and https Schemes will be automatically added into the MDM database.

NOTE 1: This API will not block explicit Intents to perform some kind of task by an application that has not been set as default by the administrator. For example when the user sends an Intent to open an URL by expliciting passing the browser ComponentName that should handle such task.

NOTE 2: From MDM 5.6 on, this API supports DEVICE_ASSISTANCE_ACTIVITY_TASK and DEVICE_ASSISTANCE_SERVICE_TASK. Since they are both related to Device Assistance, they will overwrite each other in case that the administrator sets a Default Device Assistance application and there is already one defined as default by this MDM policy.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 Intent taskType = ApplicationPolicy.SMS_MMS_TASK;
 ComponentName componentName = new ComponentName("com.android.mms", "com.android.mms.ui.ConversationComposer");
 try {
     boolean retValue = appPolicy.setDefaultApplication(taskType, componentName);
     if (retValue) {
         // Task type has been successfully assigned to the given ComponentName
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();
 Intent taskType = ApplicationPolicy.SMS_MMS_TASK;
 ComponentName componentName = new ComponentName("com.android.mms", "com.android.mms.ui.ConversationComposer");
 try {
     boolean retValue = appPolicy.setDefaultApplication(taskType, componentName);
     if (retValue) {
         // Task type has been successfully assigned to the given ComponentName
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
NOTE: This API will throw a SecurityException if caller is in container trying to set a task that can be performed only on owner space (e.g. SMS_MMS_TASK or OPEN_DIALER_TASK).
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 15
MDM 5.4
Multiuser Environment
User Scope

public boolean setDisableApplication (String packageName)

Since: API level 1

Deprecated in API level 37

API to disable a application package without uninstallation.

Parameters
packageName The package name of the application to be disabled (e.g., com.abc.xyz)
Returns
  • true if application package disabling is successful, else false.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to silently disable any application package without user interaction. The disabled application package is not uninstalled but the device user cannot use it. The API returns false if the application package is not currently installed on the device. The API does not affect the future application package state.
If the disabled application package is uninstalled and then re-installed, it is enabled again. To avoid this use case, the administrator can disable the application package and prevent re-installation using setApplicationInstallationDisabled(String). Due to Android N (7.0) changes, do not use this API to disable Settings application package because it will cause booting conflict. Alternatively use addPackagesToPreventStartBlackList(List) or allowSettingsChanges(boolean) Note: Disabling an application that is an administrator is not allowed.

  EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
  ApplicationPolicy appPolicy = edm.getApplicationPolicy();
  try {
      boolean result = appPolicy.setDisableApplication("com.test.app");
      if( true == result){
          Log.d(TAG,"Disabling an application package without
               uninstallation has been successful!");
      }else{
          Log.w(TAG,"Disabling an application package without
               uninstallation has failed.");
      }
  } catch(SecurityException e) {
            Log.w(TAG,"SecurityException: "+e);
  }
 
For Container:
  // When you create container successfully, containerID will be returned via intent.
  // Use this containerID in below API.
  EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
  KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
  ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

  try {
      boolean result = appPolicy.setDisableApplication("com.test.app");
      if( true == result){
          Log.d(TAG,"Disabling an application package without
               uninstallation has been successful!");
      }else{
          Log.w(TAG,"Disabling an application package without
               uninstallation has failed.");
      }
  } catch(SecurityException e) {
            Log.w(TAG,"SecurityException: "+e);
  }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope

public boolean setEnableApplication (String packageName)

Since: API level 1

Deprecated in API level 37

API to enable a application package that was previously disabled.

Parameters
packageName The package name of the application to be enabled (e.g., com.abc.xyz)
Returns
  • true if application package enabled successfully, else false.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to silently enable any application package that was previously disabled using setDisableApplication(String).

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean result = appPolicy.setEnableApplication("com.test.app");
     if (true == result) {
         Log.d(TAG, " Enabling an application package has been successful!");
     } else {
         Log.w(TAG, " Enabling an application package has failed.");
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     boolean result = appPolicy.setEnableApplication("com.test.app");
     if (true == result) {
         Log.d(TAG, " Enabling an application package has been successful!");
     } else {
         Log.w(TAG, " Enabling an application package has failed.");
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope

public boolean startApp (String pkgName, String className)

Since: API level 2

API to remotely start an application. The application process is started.

Parameters
className Class name of the activity to be started. If null, starts the main activity of the package.
Returns
  • true if the application is successfully started, else false.
Throws
SecurityException If caller does not have required permissions
Usage

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean result = appPolicy.startApp("com.android.test", null);
     if (true == result) {
         // application package is running on device
     } else {
         // application package is not running on device
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     boolean result = appPolicy.startApp("com.android.test", null);
     if (true == result) {
         // application package is running on device
     } else {
         // application package is not running on device
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope
See Also

public boolean stopApp (String pkgName)

Since: API level 2

API to remotely stop an application. The application process is killed.

Returns
  • true if the application is successfully stopped, else false.
Throws
SecurityException If caller does not have required permissions.
Usage

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean result = appPolicy.stopApp("com.android.test");
     if (true == result) {
         // application package is no longer running on the device
     } else {
         // application package is still running on the device
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     boolean result = appPolicy.stopApp("com.android.test");
     if (true == result) {
         // application package is no longer running on the device
     } else {
         // application package is still running on the device
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 2
MDM 2.0
Multiuser Environment
User Scope

public boolean uninstallApplication (String packageName, boolean keepDataAndCache)

Since: API level 1

API to uninstall an application package.

Parameters
packageName The package name of the application to be uninstalled (e.g., com.abc.xyz)
keepDataAndCache Flag to indicate whether cache and data should be retained even after uninstallation. true to retain, false to remove.
Returns
  • true if application package uninstallation (removal) was successful, else false.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to silently uninstall any nonsystem applications (that is, not part of system image) without user interaction. The administrator can specify whether the data and cache of the application package should be removed or retained.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean result = appPolicy.uninstallApplication("com.test.app", false);
     if (true == result) {
         Log.d(TAG, "Uninstallation of an application package has been successful!");
     } else {
         Log.w(TAG, "Uninstallation of an application package has failed.");
     }

 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     boolean result = appPolicy.uninstallApplication("com.test.app", false);
     if (true == result) {
         Log.d(TAG, "Uninstallation of an application package has been successful!");
     } else {
         Log.w(TAG, "Uninstallation of an application package has failed.");
     }

 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope

public List<String> uninstallApplications (List<String> packageList)

Since: API level 1

API for bulk uninstallation of application packages.

Parameters
packageList List of application packages names that are to be uninstalled
Returns
  • List of application packages names if successful, else null.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to perform bulk silent uninstallation of a collection of nonsystem applications (that is, not part of the system image) from the device. The application package cache and data are also uninstalled. The uninstallation of application packages takes place in the background with no user interaction.

This task is a long running operation that should be called from a worker thread rather than the main UI thread to ensure best UI performance. You can use AsyncTask or Handler to communicate with the main UI thread.

 String[] uninstallPkgNames = { "com.test.one", "com.test.two",
         "com.test.three" };
 List<String> pkgsList = Arrays.asList(uninstallPkgNames);
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     List<String> uninstalledPkgs = appPolicy.uninstallApplications(pkgsList);
     if (uninstalledPkgs.isEmpty()) {
         Log.w(TAG, "Uninstalling of application packages has failed.");
     } else {
         Log.d(TAG, "Uninstalling of application packages has been successful!");
     }

 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 String[] uninstallPkgNames = { "com.test.one", "com.test.two",
         "com.test.three" };
 List<String> pkgsList = Arrays.asList(uninstallPkgNames);
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     List<String> uninstalledPkgs = appPolicy.uninstallApplications(pkgsList);
     if (uninstalledPkgs.isEmpty()) {
         Log.w(TAG, "Uninstalling of application packages has failed.");
     } else {
         Log.d(TAG, "Uninstalling of application packages has been successful!");
     }

 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope

public boolean updateApplication (String apkFilePath)

Since: API level 1

API to update an application package.

Parameters
apkFilePath Path of the APK file on the file system (e.g., /data/example.apk)
Returns
  • true if application package update is successful, else false.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to silently update any managed application without user interaction. The existing data of the application package is not removed.

 //sample test application package to update
 String testAppPkgPath = "/data/system/HelloTestUpdate.apk";
 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean result = appPolicy.updateApplication(testAppPkgPath);
     if (true == result) {
         Log.d(TAG, "Updating an application package has been successful!");
     } else {
         Log.w(TAG, "Updating an application package has failed.");
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 //sample test application package to update
 String testAppPkgPath = "/data/system/HelloTestUpdate.apk";
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     boolean result = appPolicy.updateApplication(testAppPkgPath);
     if (true == result) {
         Log.d(TAG, "Updating an application package has been successful!");
     } else {
         Log.w(TAG, "Updating an application package has failed.");
     }
 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope

public boolean wipeApplicationData (String pkgName)

Since: API level 1

API to wipe the data of an application package.

Returns
  • true if operation is successful, else false.
Throws
SecurityException If caller does not have required permissions
Usage
An administrator can use this API to clear the data and cache of an application package to reset the application package to its initial state or free up memory. The application package is wiped silently in the background with no user interaction.

 EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
 ApplicationPolicy appPolicy = edm.getApplicationPolicy();
 try {
     boolean result = appPolicy.wipeApplicationData("com.test.app");
     if (true == result) {
         Log.d(TAG, " Wiping the data of an application package has been successful!");
     } else {
         Log.w(TAG, " Wiping the data of an application package has failed.");
     }

 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
For Container:
 // When you create container successfully, containerID will be returned via intent.
 // Use this containerID in below API.
 EnterpriseKnoxManager ekm = EnterpriseKnoxManager.getInstance(context);
 KnoxContainerManager kcm = ekm.getKnoxContainerManager(containerID);
 ApplicationPolicy appPolicy = kcm.getApplicationPolicy();

 try {
     boolean result = appPolicy.wipeApplicationData("com.test.app");
     if (true == result) {
         Log.d(TAG, " Wiping the data of an application package has been successful!");
     } else {
         Log.w(TAG, " Wiping the data of an application package has failed.");
     }

 } catch (SecurityException e) {
     Log.w(TAG, "SecurityException: " + e);
 }
 
Permission
The use of this API requires the caller to have the "com.samsung.android.knox.permission.KNOX_APP_MGMT" permission which has a protection level of signature.
Since
API level 1
MDM 1.0
Multiuser Environment
User Scope