public class

HdmManager

extends Object
java.lang.Object
   ↳ com.samsung.android.knox.hdm.HdmManager

Class Overview

This class provides APIs to handle Hypervisor Device Manager. The APIs has the following functions:

- Apply a Policy to Device
- Get HDM ID to Apply a Policy
- Get Current Policy Applied based on a Service Name

Use getSystemService(java.lang.String) with argument "hdm_service" to get an instance of this class.

Since
API level 31
Version 3.5

Summary

Public Methods
String getHdmId(String requestId)
API to get ID that is used for HDM.
String getHdmPolicy(String requestId, String serviceName)
API to get Current HDM Policy based on a service.
String setHdmPolicy(String hdmPolicy)
API to apply a HDM Policy on device.
[Expand]
Inherited Methods
From class java.lang.Object

Public Methods

public String getHdmId (String requestId)

Since: API Level 30

API to get ID that is used for HDM.

Parameters
requestId Request ID
Returns
  • the JWS encoded in Base64 response to be verified by the server
Throws
RemoteException RemoteException
Usage
An administrator can get a HDM ID before sending a policy. This API was included to provide an alternative in case Device Owner is not enabled in the device. The API is added since : Android 10 removed the permissions to access the device's non-resettable identifiers 
  EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
  HdmManager mHdmManager = edm.getHypervisorDeviceManager();
  try {
     String response = mHdmManager.getHdmId(requestId);
  } catch (NoSuchMethodError e) {
     e.printStackTrace();
  } catch (SecurityException e) {
     e.printStackTrace();
  } catch (NullPointerException e) {
     e.printStackTrace();
  } catch (RemoteException e) {
     e.printStackTrace();
  }
Since
API level 31
Version 3.5

public String getHdmPolicy (String requestId, String serviceName)

Since: API Level 30

API to get Current HDM Policy based on a service.

Parameters
requestId Request ID
serviceName Service Name
Returns
  • the JWS encoded in Base64 response to be verified by the server
Throws
RemoteException RemoteException
Usage
An administrator can get the current policy applied to a specific service name 
  EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
  HdmManager mHdmManager = edm.getHypervisorDeviceManager();
  try {
     String response = mHdmManager.getHdmPolicy(requestId, serviceName);
  } catch (NoSuchMethodError e) {
     e.printStackTrace();
  } catch (SecurityException e) {
     e.printStackTrace();
  } catch (NullPointerException e) {
     e.printStackTrace();
  } catch (RemoteException e) {
     e.printStackTrace();
  }
Since
API level 31
Version 3.5

public String setHdmPolicy (String hdmPolicy)

Since: API Level 30

API to apply a HDM Policy on device.

Parameters
hdmPolicy HDM Policy JWS
Returns
  • the JWS encoded in Base64 response to be verified by the server
Throws
RemoteException RemoteException
Usage
An administrator can send a policy, in JWS encoded in Base64 format, properly signed by HDM server, to control which sub systems will be blocked or allowed. 
  EnterpriseDeviceManager edm = EnterpriseDeviceManager.getInstance(context);
  HdmManager mHdmManager = edm.getHypervisorDeviceManager();
  try {
     String response = mHdmManager.setHdmPolicy(policyJws);
  } catch (NoSuchMethodError e) {
     e.printStackTrace();
  } catch (SecurityException e) {
     e.printStackTrace();
  } catch (NullPointerException e) {
     e.printStackTrace();
  } catch (RemoteException e) {
     e.printStackTrace();
  }
Since
API level 31
Version 3.5
Permission
The use of this feature requires the caller to have the "com.samsung.android.knox.permission.KNOX_HDM" permission which has a protection level of signature.
Multiuser Environment
Global Scope