{
	"id": "0f636231-7fb0-4049-a87f-87ef4f768884",
	"created_at": "2026-04-06T00:10:31.369171Z",
	"updated_at": "2026-04-10T13:12:42.633013Z",
	"deleted_at": null,
	"sha1_hash": "5ad1a5db4dca3cc38caf58662510a1ffa2cb691a",
	"title": "DevicePolicyManager  |  API reference  |  Android Developers",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 5555362,
	"plain_text": "DevicePolicyManager  |  API reference  |  Android Developers\r\nArchived: 2026-04-05 23:49:26 UTC\r\nDevicePolicyManager Stay organized with collections Save and categorize content\r\nbased on your preferences.\r\npublic class DevicePolicyManager\r\nextends Object\r\nManages device policy and restrictions applied to the user of the device or apps running on the device.\r\nThis class contains three types of methods:\r\n1. Those aimed at managing apps\r\n2. Those aimed at the Device Policy Management Role Holder\r\n3. Those aimed at apps which wish to respect device policy\r\nThe intended caller for each API is indicated in its Javadoc.\r\nManaging Apps\r\nApps can be made capable of setting device policy (\"Managing Apps\") either by being set as a Device Administrator,\r\nbeing set as a Device Policy Controller, or by holding the appropriate Permissions.\r\nA Device Administrator is an app which is able to enforce device policies that it has declared in its device admin XML\r\nfile. An app can prompt the user to give it device administrator privileges using the ACTION_ADD_DEVICE_ADMIN action.\r\nFor more information about Device Administration, read the Device Administration developer guide.\r\nDevice Administrator apps can also be recognised as Device Policy Controllers. Device Policy Controllers can be one\r\nof two types:\r\nA Device Owner, which only ever exists on the System User or Main User, is the most powerful type of Device\r\nPolicy Controller and can affect policy across the device.\r\nA Profile Owner, which can exist on any user, can affect policy on the user it is on, and when it is running on a\r\nprofile has limited ability to affect policy on its parent.\r\nAdditional capabilities can be provided to Device Policy Controllers in the following circumstances:\r\nA Profile Owner on an organization owned device has access to additional abilities, both affecting policy on the\r\nprofile's parent and also the profile itself.\r\nA Profile Owner running on the System User has access to additional capabilities which affect the System\r\nUser and also the whole device.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 1 of 279\n\nA Profile Owner running on an affiliated user has capabilities similar to that of a Device Owner\r\nFor more information, see Building a Device Policy Controller.\r\nPermissions are generally only given to apps fulfilling particular key roles on the device (such as managing device\r\nlocks ).\r\nDevice Policy Management Role Holder\r\nOne app on the device fulfills the Device Policy Management Role and is trusted with managing the overall state of\r\nDevice Policy. This has access to much more powerful methods than managing apps.\r\nQuerying Device Policy\r\nIn most cases, regular apps do not need to concern themselves with device policy, and restrictions will be enforced\r\nautomatically. There are some cases where an app may wish to query device policy to provide a better user experience.\r\nOnly a small number of policies allow apps to query them directly. These APIs will typically have no special required\r\npermissions.\r\nManaged Provisioning\r\nManaged Provisioning is the process of recognising an app as a Device Owner or Profile Owner. It involves presenting\r\neducation and consent screens to the user to ensure they are aware of the capabilities this grants the Device Policy\r\nController\r\nFor more information on provisioning, see Building a Device Policy Controller.\r\nA Managed Profile enables data separation. For example to use a device both for personal and corporate usage. The\r\nmanaged profile and its parent share a launcher.\r\nAffiliation\r\nUsing the setAffiliationIds(ComponentName, Set) method, a Device Owner can set a list of affiliation ids for the\r\nSystem User . Any Profile Owner on the same device can also call setAffiliationIds(ComponentName, Set) to set\r\naffiliation ids for the user it is on. When there is the same ID present in both lists, the user is said to be \"affiliated\"\r\nand we can refer to the Profile Owner as a \"profile owner on an affiliated user\" or an \"affiliated profile owner\".\r\nBecoming affiliated grants the Profile Owner capabilities similar to that of the Device Owner. It also allows use of the\r\nbindDeviceAdminServiceAsUser(ComponentName, Intent, ServiceConnection, BindServiceFlags, UserHandle) APIs\r\nfor direct communication between the Device Owner and affiliated Profile Owners.\r\nOrganization Owned\r\nAn organization owned device is one which is not owned by the person making use of the device and is instead owned\r\nby an organization such as their employer or education provider. These devices are recognised as being organization\r\nowned either by the presence of a device owner or of a profile which has a profile owner is marked as\r\norganization owned .\r\nProfile owners running on an organization owned device can exercise additional capabilities using the\r\ngetParentProfileInstance(ComponentName) API which apply to the parent user. Each API will indicate if it is usable\r\nin this way.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 2 of 279\n\nAndroid Automotive\r\nOn \"Android Automotive builds\" , some methods can throw \"an exception\" if an action is unsafe (for example, if\r\nthe vehicle is moving). Callers running on \"Android Automotive builds\" should always check for this exception.\r\nRestricted for SDK Runtime environment in API level 34.\r\nRequires the PackageManager#FEATURE_DEVICE_ADMIN feature which can be detected using\r\nPackageManager.hasSystemFeature(String) .\r\nSummary\r\nNested classes\r\nclass\r\nDevicePolicyManager.InstallSystemUpdateCallback\r\nCallback used in DevicePolicyManager.installSystemUpdate(ComponentName, Uri, Executor,\r\nInstallSystemUpdateCallback) to indicate that there was an error while trying to install an update. \r\ninterface\r\nDevicePolicyManager.OnClearApplicationUserDataListener\r\nCallback used in DevicePolicyManager.clearApplicationUserData(ComponentName, String,\r\nExecutor, OnClearApplicationUserDataListener) to indicate that the clearing of an application's\r\nuser data is done. \r\nConstants\r\nString\r\nACTION_ADD_DEVICE_ADMIN\r\nActivity action: ask the user to add a new device administrator to the system.\r\nString\r\nACTION_ADMIN_POLICY_COMPLIANCE\r\nActivity action: Starts the administrator to show policy compliance for the provisioning.\r\nString\r\nACTION_APPLICATION_DELEGATION_SCOPES_CHANGED\r\nBroadcast Action: Sent after application delegation scopes are changed.\r\nString\r\nACTION_CHECK_POLICY_COMPLIANCE\r\nActivity action: launch the DPC to check policy compliance.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 3 of 279\n\nString\r\nACTION_DEVICE_ADMIN_SERVICE\r\nService action: Action for a service that device owner and profile owner can optionally own.\r\nString\r\nACTION_DEVICE_FINANCING_STATE_CHANGED\r\nBroadcast Action: Broadcast sent to indicate that the device financing state has changed.\r\nString\r\nACTION_DEVICE_OWNER_CHANGED\r\nBroadcast action: sent when the device owner is set, changed or cleared.\r\nString\r\nACTION_DEVICE_POLICY_RESOURCE_UPDATED\r\nBroadcast action: notify system apps (e.g. settings, SysUI, etc) that the device management resources\r\nwith IDs EXTRA_RESOURCE_IDS has been updated, the updated resources can be retrieved using\r\nDevicePolicyResourcesManager.getDrawable and DevicePolicyResourcesManager.getString .\r\nString\r\nACTION_GET_PROVISIONING_MODE\r\nActivity action: Starts the administrator to get the mode for the provisioning.\r\nString\r\nACTION_MANAGED_PROFILE_PROVISIONED\r\nBroadcast Action: This broadcast is sent to indicate that provisioning of a managed profile has\r\ncompleted successfully.\r\nString\r\nACTION_PROFILE_OWNER_CHANGED\r\nBroadcast action: sent when the profile owner is set, changed or cleared.\r\nString\r\nACTION_PROVISIONING_SUCCESSFUL\r\nActivity action: This activity action is sent to indicate that provisioning of a managed profile or\r\nmanaged device has completed successfully.\r\nString\r\nACTION_PROVISION_MANAGED_DEVICE\r\nThis constant was deprecated in API level 31. to support Build.VERSION_CODES.S and later, admin\r\napps must implement activities with intent filters for the ACTION_GET_PROVISIONING_MODE and\r\nACTION_ADMIN_POLICY_COMPLIANCE intent actions; using ACTION_PROVISION_MANAGED_DEVICE to start\r\nprovisioning will cause the provisioning to fail; to additionally support pre- Build.VERSION_CODES.S ,\r\nadmin apps must also continue to use this constant.\r\nString ACTION_PROVISION_MANAGED_PROFILE\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 4 of 279\n\nActivity action: Starts the provisioning flow which sets up a managed profile.\r\nString\r\nACTION_SET_NEW_PARENT_PROFILE_PASSWORD\r\nActivity action: have the user enter a new password for the parent profile.\r\nString\r\nACTION_SET_NEW_PASSWORD\r\nActivity action: have the user enter a new password.\r\nString\r\nACTION_START_ENCRYPTION\r\nActivity action: begin the process of encrypting data on the device.\r\nString\r\nACTION_SYSTEM_UPDATE_POLICY_CHANGED\r\nBroadcast action: notify that a new local system update policy has been set by the device owner.\r\nint\r\nAPP_FUNCTIONS_DISABLED\r\nIndicates that AppFunctionManager is controlled and disabled by policy, i.e.\r\nint\r\nAPP_FUNCTIONS_DISABLED_CROSS_PROFILE\r\nIndicates that AppFunctionManager is controlled and disabled by a policy for cross profile interactions\r\nonly, i.e.\r\nint\r\nAPP_FUNCTIONS_NOT_CONTROLLED_BY_POLICY\r\nIndicates that AppFunctionManager is not controlled by policy.\r\nint\r\nAUTO_TIME_DISABLED\r\nSpecifies the \"disabled\" auto time state.\r\nint\r\nAUTO_TIME_ENABLED\r\nSpecifies the \"enabled\" auto time state.\r\nint\r\nAUTO_TIME_NOT_CONTROLLED_BY_POLICY\r\nSpecifies that the auto time state is not controlled by device policy.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 5 of 279\n\nint\r\nAUTO_TIME_ZONE_DISABLED\r\nSpecifies the \"disabled\" auto time zone state.\r\nint\r\nAUTO_TIME_ZONE_ENABLED\r\nSpecifies the \"enabled\" auto time zone state.\r\nint\r\nAUTO_TIME_ZONE_NOT_CONTROLLED_BY_POLICY\r\nSpecifies that the auto time zone state is not controlled by device policy.\r\nint\r\nCONTENT_PROTECTION_DISABLED\r\nIndicates that content protection is controlled and disabled by a policy (default).\r\nint\r\nCONTENT_PROTECTION_ENABLED\r\nIndicates that content protection is controlled and enabled by a policy.\r\nint\r\nCONTENT_PROTECTION_NOT_CONTROLLED_BY_POLICY\r\nIndicates that content protection is not controlled by policy, allowing user to choose.\r\nString\r\nDELEGATION_APP_RESTRICTIONS\r\nDelegation of application restrictions management.\r\nString\r\nDELEGATION_BLOCK_UNINSTALL\r\nDelegation of application uninstall block.\r\nString\r\nDELEGATION_CERT_INSTALL\r\nDelegation of certificate installation and management.\r\nString\r\nDELEGATION_CERT_SELECTION\r\nGrants access to selection of KeyChain certificates on behalf of requesting apps.\r\nString\r\nDELEGATION_ENABLE_SYSTEM_APP\r\nDelegation for enabling system apps.\r\nString DELEGATION_INSTALL_EXISTING_PACKAGE\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 6 of 279\n\nDelegation for installing existing packages.\r\nString\r\nDELEGATION_KEEP_UNINSTALLED_PACKAGES\r\nDelegation of management of uninstalled packages.\r\nString\r\nDELEGATION_NETWORK_LOGGING\r\nGrants access to setNetworkLoggingEnabled(ComponentName, boolean) ,\r\nisNetworkLoggingEnabled(ComponentName) and retrieveNetworkLogs(ComponentName, long) .\r\nString\r\nDELEGATION_PACKAGE_ACCESS\r\nDelegation of package access state.\r\nString\r\nDELEGATION_PERMISSION_GRANT\r\nDelegation of permission policy and permission grant state.\r\nString\r\nDELEGATION_SECURITY_LOGGING\r\nGrants access to setSecurityLoggingEnabled(ComponentName, boolean) ,\r\nisSecurityLoggingEnabled(ComponentName) , retrieveSecurityLogs(ComponentName) , and\r\nretrievePreRebootSecurityLogs(ComponentName) .\r\nint\r\nENCRYPTION_STATUS_ACTIVATING\r\nThis constant was deprecated in API level 34. This result code has never actually been used, so there is\r\nno reason for apps to check for it.\r\nint\r\nENCRYPTION_STATUS_ACTIVE\r\nResult code for setStorageEncryption(ComponentName, boolean) and\r\ngetStorageEncryptionStatus() : indicating that encryption is active.\r\nint\r\nENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY\r\nResult code for getStorageEncryptionStatus() : indicating that encryption is active, but the\r\nencryption key is not cryptographically protected by the user's credentials.\r\nint\r\nENCRYPTION_STATUS_ACTIVE_PER_USER\r\nResult code for getStorageEncryptionStatus() : indicating that encryption is active and the\r\nencryption key is tied to the user or profile.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 7 of 279\n\nint\r\nENCRYPTION_STATUS_INACTIVE\r\nResult code for setStorageEncryption(ComponentName, boolean) and\r\ngetStorageEncryptionStatus() : indicating that encryption is supported, but is not currently active.\r\nint\r\nENCRYPTION_STATUS_UNSUPPORTED\r\nResult code for setStorageEncryption(ComponentName, boolean) and\r\ngetStorageEncryptionStatus() : indicating that encryption is not supported.\r\nString\r\nEXTRA_ADD_EXPLANATION\r\nAn optional CharSequence providing additional explanation for why the admin is being added.\r\nString\r\nEXTRA_DELEGATION_SCOPES\r\nAn ArrayList\u003cString\u003e corresponding to the delegation scopes given to an app in the\r\nACTION_APPLICATION_DELEGATION_SCOPES_CHANGED broadcast.\r\nString\r\nEXTRA_DEVICE_ADMIN\r\nThe ComponentName of the administrator component.\r\nString\r\nEXTRA_DEVICE_PASSWORD_REQUIREMENT_ONLY\r\nA boolean extra for ACTION_SET_NEW_PARENT_PROFILE_PASSWORD requesting that only device password\r\nrequirement is enforced during the parent profile password enrolment flow.\r\nString\r\nEXTRA_PASSWORD_COMPLEXITY\r\nAn integer indicating the complexity level of the new password an app would like the user to set when\r\nlaunching the action ACTION_SET_NEW_PASSWORD .\r\nString\r\nEXTRA_PROVISIONING_ACCOUNT_TO_MIGRATE\r\nAn Account extra holding the account to migrate during managed profile provisioning.\r\nString\r\nEXTRA_PROVISIONING_ADMIN_EXTRAS_BUNDLE\r\nA Parcelable extra of type PersistableBundle that is passed directly to the Device Policy\r\nController after provisioning.\r\nString\r\nEXTRA_PROVISIONING_ALLOWED_PROVISIONING_MODES\r\nAn ArrayList of Integer extra specifying the allowed provisioning modes.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 8 of 279\n\nString\r\nEXTRA_PROVISIONING_ALLOW_OFFLINE\r\nA boolean extra indicating whether offline provisioning should be used.\r\nString\r\nEXTRA_PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME\r\nA ComponentName extra indicating the device admin receiver of the application that will be set as\r\nthe Device Policy Controller.\r\nString\r\nEXTRA_PROVISIONING_DEVICE_ADMIN_MINIMUM_VERSION_CODE\r\nAn int extra holding a minimum required version code for the device admin package.\r\nString\r\nEXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM\r\nA String extra holding the URL-safe base64 encoded SHA-256 hash of the file at download location\r\nspecified in EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION .\r\nString\r\nEXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_COOKIE_HEADER\r\nA String extra holding a http cookie header which should be used in the http request to the url specified\r\nin EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION .\r\nString\r\nEXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION\r\nA String extra holding a url that specifies the download location of the device admin package.\r\nString\r\nEXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_NAME\r\nThis constant was deprecated in API level 23. Use\r\nEXTRA_PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME .\r\nString\r\nEXTRA_PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM\r\nA String extra holding the URL-safe base64 encoded SHA-256 checksum of any signature of the\r\nandroid package archive at the download location specified in\r\nEXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION .\r\nString\r\nEXTRA_PROVISIONING_DISCLAIMERS\r\nA Bundle [] extra consisting of list of disclaimer headers and disclaimer contents.\r\nString\r\nEXTRA_PROVISIONING_DISCLAIMER_CONTENT\r\nA Uri extra pointing to disclaimer content.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 9 of 279\n\nString\r\nEXTRA_PROVISIONING_DISCLAIMER_HEADER\r\nA String extra of localized disclaimer header.\r\nString\r\nEXTRA_PROVISIONING_EMAIL_ADDRESS\r\nThis constant was deprecated in API level 26. From Build.VERSION_CODES.O , never used while\r\nprovisioning the device.\r\nString\r\nEXTRA_PROVISIONING_IMEI\r\nA string extra holding the IMEI (International Mobile Equipment Identity) of the device.\r\nString\r\nEXTRA_PROVISIONING_KEEP_ACCOUNT_ON_MIGRATION\r\nBoolean extra to indicate that the migrated account should be kept.\r\nString\r\nEXTRA_PROVISIONING_KEEP_SCREEN_ON\r\nThis constant was deprecated in API level 34. from Build.VERSION_CODES.UPSIDE_DOWN_CAKE , the flag\r\nwouldn't be functional. The screen is kept on throughout the provisioning flow.\r\nString\r\nEXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED\r\nA Boolean extra that can be used by the mobile device management application to skip the disabling of\r\nsystem apps during provisioning when set to true .\r\nString\r\nEXTRA_PROVISIONING_LOCALE\r\nA String extra holding the Locale that the device will be set to.\r\nString\r\nEXTRA_PROVISIONING_LOCAL_TIME\r\nA Long extra holding the wall clock time (in milliseconds) to be set on the device's AlarmManager .\r\nString\r\nEXTRA_PROVISIONING_LOGO_URI\r\nThis constant was deprecated in API level 33. Logo customization is no longer supported in the\r\nprovisioning flow.\r\nString\r\nEXTRA_PROVISIONING_MAIN_COLOR\r\nThis constant was deprecated in API level 31. Color customization is no longer supported in the\r\nprovisioning flow.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 10 of 279\n\nString\r\nEXTRA_PROVISIONING_MODE\r\nAn intent extra holding the provisioning mode returned by the administrator.\r\nString\r\nEXTRA_PROVISIONING_SENSORS_PERMISSION_GRANT_OPT_OUT\r\nA boolean extra indicating the admin of a fully-managed device opts out of controlling permission\r\ngrants for sensor-related permissions, see\r\nsetPermissionGrantState(ComponentName,String,String,int) .\r\nString\r\nEXTRA_PROVISIONING_SERIAL_NUMBER\r\nA string extra holding the serial number of the device.\r\nString\r\nEXTRA_PROVISIONING_SHOULD_LAUNCH_RESULT_INTENT\r\nA boolean extra that determines whether the provisioning flow should launch the resulting launch\r\nintent, if one is supplied by the device policy management role holder via\r\nEXTRA_RESULT_LAUNCH_INTENT .\r\nString\r\nEXTRA_PROVISIONING_SKIP_EDUCATION_SCREENS\r\nA boolean extra indicating if the education screens from the provisioning flow should be skipped.\r\nString\r\nEXTRA_PROVISIONING_SKIP_ENCRYPTION\r\nA boolean extra indicating whether device encryption can be skipped as part of provisioning.\r\nString\r\nEXTRA_PROVISIONING_SKIP_USER_CONSENT\r\nThis constant was deprecated in API level 31. this extra is no longer relevant as device owners cannot\r\ncreate managed profiles\r\nString\r\nEXTRA_PROVISIONING_TIME_ZONE\r\nA String extra holding the time zone AlarmManager that the device will be set to.\r\nString\r\nEXTRA_PROVISIONING_USE_MOBILE_DATA\r\nA boolean extra indicating if mobile data should be used during the provisioning flow for downloading\r\nthe admin app.\r\nString\r\nEXTRA_PROVISIONING_WIFI_ANONYMOUS_IDENTITY\r\nThe anonymous identity of the wifi network in EXTRA_PROVISIONING_WIFI_SSID .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 11 of 279\n\nString\r\nEXTRA_PROVISIONING_WIFI_CA_CERTIFICATE\r\nThe CA certificate of the wifi network in EXTRA_PROVISIONING_WIFI_SSID .\r\nString\r\nEXTRA_PROVISIONING_WIFI_DOMAIN\r\nThe domain of the wifi network in EXTRA_PROVISIONING_WIFI_SSID .\r\nString\r\nEXTRA_PROVISIONING_WIFI_EAP_METHOD\r\nThe EAP method of the wifi network in EXTRA_PROVISIONING_WIFI_SSID and could be one of PEAP ,\r\nTLS , TTLS , PWD , SIM , AKA or AKA_PRIME .\r\nString\r\nEXTRA_PROVISIONING_WIFI_HIDDEN\r\nA boolean extra indicating whether the wifi network in EXTRA_PROVISIONING_WIFI_SSID is hidden or\r\nnot.\r\nString\r\nEXTRA_PROVISIONING_WIFI_IDENTITY\r\nThe identity of the wifi network in EXTRA_PROVISIONING_WIFI_SSID .\r\nString\r\nEXTRA_PROVISIONING_WIFI_PAC_URL\r\nA String extra holding the proxy auto-config (PAC) URL for the wifi network in\r\nEXTRA_PROVISIONING_WIFI_SSID .\r\nString\r\nEXTRA_PROVISIONING_WIFI_PASSWORD\r\nA String extra holding the password of the wifi network in EXTRA_PROVISIONING_WIFI_SSID .\r\nString\r\nEXTRA_PROVISIONING_WIFI_PHASE2_AUTH\r\nThe phase 2 authentication of the wifi network in EXTRA_PROVISIONING_WIFI_SSID and could be one\r\nof NONE , PAP , MSCHAP , MSCHAPV2 , GTC , SIM , AKA or AKA_PRIME .\r\nString\r\nEXTRA_PROVISIONING_WIFI_PROXY_BYPASS\r\nA String extra holding the proxy bypass for the wifi network in EXTRA_PROVISIONING_WIFI_SSID .\r\nString\r\nEXTRA_PROVISIONING_WIFI_PROXY_HOST\r\nA String extra holding the proxy host for the wifi network in EXTRA_PROVISIONING_WIFI_SSID .\r\nString EXTRA_PROVISIONING_WIFI_PROXY_PORT\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 12 of 279\n\nAn int extra holding the proxy port for the wifi network in EXTRA_PROVISIONING_WIFI_SSID .\r\nString\r\nEXTRA_PROVISIONING_WIFI_SECURITY_TYPE\r\nA String extra indicating the security type of the wifi network in EXTRA_PROVISIONING_WIFI_SSID and\r\ncould be one of NONE , WPA , WEP or EAP .\r\nString\r\nEXTRA_PROVISIONING_WIFI_SSID\r\nA String extra holding the ssid of the wifi network that should be used during nfc device owner\r\nprovisioning for downloading the mobile device management application.\r\nString\r\nEXTRA_PROVISIONING_WIFI_USER_CERTIFICATE\r\nThe user certificate of the wifi network in EXTRA_PROVISIONING_WIFI_SSID .\r\nString\r\nEXTRA_RESOURCE_IDS\r\nAn integer array extra for ACTION_DEVICE_POLICY_RESOURCE_UPDATED to indicate which resource IDs\r\n(i.e.\r\nString\r\nEXTRA_RESOURCE_TYPE\r\nAn int extra for ACTION_DEVICE_POLICY_RESOURCE_UPDATED to indicate the type of the resource\r\nbeing updated, the type can be EXTRA_RESOURCE_TYPE_DRAWABLE or EXTRA_RESOURCE_TYPE_STRING\r\nint\r\nEXTRA_RESOURCE_TYPE_DRAWABLE\r\nA int value for EXTRA_RESOURCE_TYPE to indicate that a resource of type Drawable is being\r\nupdated.\r\nint\r\nEXTRA_RESOURCE_TYPE_STRING\r\nA int value for EXTRA_RESOURCE_TYPE to indicate that a resource of type String is being updated.\r\nString\r\nEXTRA_RESULT_LAUNCH_INTENT\r\nAn Intent result extra specifying the Intent to be launched after provisioning is finalized.\r\nint\r\nFLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY\r\nFlag for lockNow(int) : also evict the user's credential encryption key from the keyring.\r\nint FLAG_MANAGED_CAN_ACCESS_PARENT\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 13 of 279\n\nFlag used by addCrossProfileIntentFilter(ComponentName, IntentFilter, int) to allow activities\r\nin the managed profile to access intents sent from the parent profile.\r\nint\r\nFLAG_PARENT_CAN_ACCESS_MANAGED\r\nFlag used by addCrossProfileIntentFilter(ComponentName, IntentFilter, int) to allow activities\r\nin the parent profile to access intents sent from the managed profile.\r\nint\r\nID_TYPE_BASE_INFO\r\nSpecifies that the device should attest its manufacturer details.\r\nint\r\nID_TYPE_IMEI\r\nSpecifies that the device should attest its IMEI.\r\nint\r\nID_TYPE_INDIVIDUAL_ATTESTATION\r\nSpecifies that the device should attest using an individual attestation certificate.\r\nint\r\nID_TYPE_MEID\r\nSpecifies that the device should attest its MEID.\r\nint\r\nID_TYPE_SERIAL\r\nSpecifies that the device should attest its serial number.\r\nint\r\nINSTALLKEY_REQUEST_CREDENTIALS_ACCESS\r\nSpecifies that the calling app should be granted access to the installed credentials immediately.\r\nint\r\nINSTALLKEY_SET_USER_SELECTABLE\r\nSpecifies that a user can select the key via the Certificate Selection prompt.\r\nint\r\nKEYGUARD_DISABLE_BIOMETRICS\r\nDisable all biometric authentication on keyguard secure screens (e.g. PIN/Pattern/Password).\r\nint\r\nKEYGUARD_DISABLE_FACE\r\nDisable face authentication on keyguard secure screens (e.g. PIN/Pattern/Password).\r\nint KEYGUARD_DISABLE_FEATURES_ALL\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 14 of 279\n\nDisable all current and future keyguard customizations.\r\nint\r\nKEYGUARD_DISABLE_FEATURES_NONE\r\nWidgets are enabled in keyguard\r\nint\r\nKEYGUARD_DISABLE_FINGERPRINT\r\nDisable fingerprint authentication on keyguard secure screens (e.g. PIN/Pattern/Password).\r\nint\r\nKEYGUARD_DISABLE_IRIS\r\nDisable iris authentication on keyguard secure screens (e.g. PIN/Pattern/Password).\r\nint\r\nKEYGUARD_DISABLE_REMOTE_INPUT\r\nThis constant was deprecated in API level 33. This flag was added in version\r\nBuild.VERSION_CODES.N , but it never had any effect.\r\nint\r\nKEYGUARD_DISABLE_SECURE_CAMERA\r\nDisable the camera on secure keyguard screens (e.g. PIN/Pattern/Password)\r\nint\r\nKEYGUARD_DISABLE_SECURE_NOTIFICATIONS\r\nDisable showing all notifications on secure keyguard screens (e.g. PIN/Pattern/Password)\r\nint\r\nKEYGUARD_DISABLE_SHORTCUTS_ALL\r\nDisable all keyguard shortcuts.\r\nint\r\nKEYGUARD_DISABLE_TRUST_AGENTS\r\nDisable trust agents on secure keyguard screens (e.g. PIN/Pattern/Password).\r\nint\r\nKEYGUARD_DISABLE_UNREDACTED_NOTIFICATIONS\r\nOnly allow redacted notifications on secure keyguard screens (e.g. PIN/Pattern/Password)\r\nint\r\nKEYGUARD_DISABLE_WIDGETS_ALL\r\nDisable all keyguard widgets.\r\nint LEAVE_ALL_SYSTEM_APPS_ENABLED\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 15 of 279\n\nFlag used by createAndManageUser(ComponentName, String, ComponentName, PersistableBundle,\r\nint) to specify that the newly created user should skip the disabling of system apps during\r\nprovisioning.\r\nint\r\nLOCK_TASK_FEATURE_BLOCK_ACTIVITY_START_IN_TASK\r\nEnable blocking of non-allowlisted activities from being started into a locked task.\r\nint\r\nLOCK_TASK_FEATURE_GLOBAL_ACTIONS\r\nEnable the global actions dialog during LockTask mode.\r\nint\r\nLOCK_TASK_FEATURE_HOME\r\nEnable the Home button during LockTask mode.\r\nint\r\nLOCK_TASK_FEATURE_KEYGUARD\r\nEnable the keyguard during LockTask mode.\r\nint\r\nLOCK_TASK_FEATURE_NONE\r\nDisable all configurable SystemUI features during LockTask mode.\r\nint\r\nLOCK_TASK_FEATURE_NOTIFICATIONS\r\nEnable notifications during LockTask mode.\r\nint\r\nLOCK_TASK_FEATURE_OVERVIEW\r\nEnable the Overview button and the Overview screen during LockTask mode.\r\nint\r\nLOCK_TASK_FEATURE_SYSTEM_INFO\r\nEnable the system info area in the status bar during LockTask mode.\r\nint\r\nMAKE_USER_EPHEMERAL\r\nFlag used by createAndManageUser(ComponentName, String, ComponentName, PersistableBundle,\r\nint) to specify that the user should be created ephemeral.\r\nString\r\nMIME_TYPE_PROVISIONING_NFC\r\nThis MIME type is used for starting the device owner provisioning.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 16 of 279\n\nint\r\nMTE_DISABLED\r\nRequire that MTE be disabled on the device.\r\nint\r\nMTE_ENABLED\r\nRequire that MTE be enabled on the device, if supported.\r\nint\r\nMTE_NOT_CONTROLLED_BY_POLICY\r\nAllow the user to choose whether to enable MTE on the device.\r\nint\r\nNEARBY_STREAMING_DISABLED\r\nIndicates that nearby streaming is disabled.\r\nint\r\nNEARBY_STREAMING_ENABLED\r\nIndicates that nearby streaming is enabled.\r\nint\r\nNEARBY_STREAMING_NOT_CONTROLLED_BY_POLICY\r\nIndicates that nearby streaming is not controlled by policy, which means nearby streaming is allowed.\r\nint\r\nNEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY\r\nIndicates that nearby streaming is enabled only to devices offering a comparable level of security, with\r\nthe same authenticated managed account.\r\nint\r\nOPERATION_SAFETY_REASON_DRIVING_DISTRACTION\r\nIndicates that a UnsafeStateException was thrown because the operation would distract the driver of\r\nthe vehicle.\r\nint\r\nPASSWORD_COMPLEXITY_HIGH\r\nConstant for getPasswordComplexity() and setRequiredPasswordComplexity(int) .\r\nint\r\nPASSWORD_COMPLEXITY_LOW\r\nConstant for getPasswordComplexity() and setRequiredPasswordComplexity(int) .\r\nint\r\nPASSWORD_COMPLEXITY_MEDIUM\r\nConstant for getPasswordComplexity() and setRequiredPasswordComplexity(int) .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 17 of 279\n\nint\r\nPASSWORD_COMPLEXITY_NONE\r\nConstant for getPasswordComplexity() and setRequiredPasswordComplexity(int) : no password.\r\nint\r\nPASSWORD_QUALITY_ALPHABETIC\r\nConstant for setPasswordQuality(ComponentName, int) : the user must have entered a password\r\ncontaining at least alphabetic (or other symbol) characters.\r\nint\r\nPASSWORD_QUALITY_ALPHANUMERIC\r\nConstant for setPasswordQuality(ComponentName, int) : the user must have entered a password\r\ncontaining at least both\u003e numeric and alphabetic (or other symbol) characters.\r\nint\r\nPASSWORD_QUALITY_BIOMETRIC_WEAK\r\nConstant for setPasswordQuality(ComponentName, int) : the policy allows for low-security biometric\r\nrecognition technology.\r\nint\r\nPASSWORD_QUALITY_COMPLEX\r\nConstant for setPasswordQuality(ComponentName, int) : allows the admin to set precisely how many\r\ncharacters of various types the password should contain to satisfy the policy.\r\nint\r\nPASSWORD_QUALITY_NUMERIC\r\nConstant for setPasswordQuality(ComponentName, int) : the user must have entered a password\r\ncontaining at least numeric characters.\r\nint\r\nPASSWORD_QUALITY_NUMERIC_COMPLEX\r\nConstant for setPasswordQuality(ComponentName, int) : the user must have entered a password\r\ncontaining at least numeric characters with no repeating (4444) or ordered (1234, 4321, 2468)\r\nsequences.\r\nint\r\nPASSWORD_QUALITY_SOMETHING\r\nConstant for setPasswordQuality(ComponentName, int) : the policy requires some kind of password\r\nor pattern, but doesn't care what it is.\r\nint\r\nPASSWORD_QUALITY_UNSPECIFIED\r\nConstant for setPasswordQuality(ComponentName, int) : the policy has no requirements for the\r\npassword.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 18 of 279\n\nint\r\nPERMISSION_GRANT_STATE_DEFAULT\r\nRuntime permission state: The user can manage the permission through the UI.\r\nint\r\nPERMISSION_GRANT_STATE_DENIED\r\nRuntime permission state: The permission is denied to the app and the user cannot manage the\r\npermission through the UI.\r\nint\r\nPERMISSION_GRANT_STATE_GRANTED\r\nRuntime permission state: The permission is granted to the app and the user cannot manage the\r\npermission through the UI.\r\nint\r\nPERMISSION_POLICY_AUTO_DENY\r\nPermission policy to always deny new permission requests for runtime permissions.\r\nint\r\nPERMISSION_POLICY_AUTO_GRANT\r\nPermission policy to always grant new permission requests for runtime permissions.\r\nint\r\nPERMISSION_POLICY_PROMPT\r\nPermission policy to prompt user for new permission requests for runtime permissions.\r\nint\r\nPERSONAL_APPS_NOT_SUSPENDED\r\nReturn value for getPersonalAppsSuspendedReasons(ComponentName) when personal apps are not\r\nsuspended.\r\nint\r\nPERSONAL_APPS_SUSPENDED_EXPLICITLY\r\nFlag for getPersonalAppsSuspendedReasons(ComponentName) return value.\r\nint\r\nPERSONAL_APPS_SUSPENDED_PROFILE_TIMEOUT\r\nFlag for getPersonalAppsSuspendedReasons(ComponentName) return value.\r\nString\r\nPOLICY_DISABLE_CAMERA\r\nConstant to indicate the feature of disabling the camera.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 19 of 279\n\nString\r\nPOLICY_DISABLE_SCREEN_CAPTURE\r\nConstant to indicate the feature of disabling screen captures.\r\nint\r\nPRIVATE_DNS_MODE_OFF\r\nSpecifies that Private DNS was turned off completely.\r\nint\r\nPRIVATE_DNS_MODE_OPPORTUNISTIC\r\nSpecifies that the device owner requested opportunistic DNS over TLS\r\nint\r\nPRIVATE_DNS_MODE_PROVIDER_HOSTNAME\r\nSpecifies that the device owner configured a specific host to use for Private DNS.\r\nint\r\nPRIVATE_DNS_MODE_UNKNOWN\r\nSpecifies that the Private DNS setting is in an unknown state.\r\nint\r\nPRIVATE_DNS_SET_ERROR_FAILURE_SETTING\r\nGeneral failure to set the Private DNS mode, not due to one of the reasons listed above.\r\nint\r\nPRIVATE_DNS_SET_ERROR_HOST_NOT_SERVING\r\nIf the privateDnsHost provided was of a valid hostname but that host was found to not support DNS-over-TLS.\r\nint\r\nPRIVATE_DNS_SET_NO_ERROR\r\nThe selected mode has been set successfully.\r\nint\r\nPROVISIONING_MODE_FULLY_MANAGED_DEVICE\r\nThe provisioning mode for fully managed device.\r\nint\r\nPROVISIONING_MODE_MANAGED_PROFILE\r\nThe provisioning mode for managed profile.\r\nint\r\nPROVISIONING_MODE_MANAGED_PROFILE_ON_PERSONAL_DEVICE\r\nThe provisioning mode for a managed profile on a personal device.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 20 of 279\n\nint\r\nRESET_PASSWORD_DO_NOT_ASK_CREDENTIALS_ON_BOOT\r\nFlag for resetPasswordWithToken(ComponentName, String, byte, int) and resetPassword(String,\r\nint) : don't ask for user credentials on device boot.\r\nint\r\nRESET_PASSWORD_REQUIRE_ENTRY\r\nFlag for resetPasswordWithToken(ComponentName, String, byte, int) and resetPassword(String,\r\nint) : don't allow other admins to change the password again until the user has entered it.\r\nint\r\nSKIP_SETUP_WIZARD\r\nFlag used by createAndManageUser(ComponentName, String, ComponentName, PersistableBundle,\r\nint) to skip setup wizard after creating a new user.\r\nint\r\nWIFI_SECURITY_ENTERPRISE_192\r\nConstant for getMinimumRequiredWifiSecurityLevel() and\r\nsetMinimumRequiredWifiSecurityLevel(int) : enterprise 192 bit network.\r\nint\r\nWIFI_SECURITY_ENTERPRISE_EAP\r\nConstant for getMinimumRequiredWifiSecurityLevel() and\r\nsetMinimumRequiredWifiSecurityLevel(int) : enterprise EAP network.\r\nint\r\nWIFI_SECURITY_OPEN\r\nConstant for getMinimumRequiredWifiSecurityLevel() and\r\nsetMinimumRequiredWifiSecurityLevel(int) : no minimum security level.\r\nint\r\nWIFI_SECURITY_PERSONAL\r\nConstant for getMinimumRequiredWifiSecurityLevel() and\r\nsetMinimumRequiredWifiSecurityLevel(int) : personal network such as WEP, WPA2-PSK.\r\nint\r\nWIPE_EUICC\r\nFlag for wipeDevice(int) : also erase the device's eUICC data.\r\nint\r\nWIPE_EXTERNAL_STORAGE\r\nFlag for wipeData(int) : also erase the device's adopted external storage (such as adopted SD cards).\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 21 of 279\n\nint\r\nWIPE_RESET_PROTECTION_DATA\r\nFlag for wipeData(int) : also erase the factory reset protection data.\r\nint\r\nWIPE_SILENTLY\r\nFlag for wipeData(int) : won't show reason for wiping to the user.\r\nPublic methods\r\nvoid\r\nacknowledgeDeviceCompliant()\r\nCalled by a profile owner of an organization-owned managed profile to acknowledge that the\r\ndevice is compliant and the user can turn the profile off if needed according to the maximum\r\ntime off policy.\r\nvoid\r\naddCrossProfileIntentFilter(ComponentName admin, IntentFilter filter, int flags)\r\nCalled by the profile owner of a managed profile so that some intents sent in the managed\r\nprofile can also be resolved in the parent, or vice versa.\r\nboolean\r\naddCrossProfileWidgetProvider(ComponentName admin, String packageName)\r\nCalled by the profile owner of a managed profile or a holder of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_PROFILE_INTERACTION to enable widget\r\nproviders from a given package to be available in the parent profile.\r\nint\r\naddOverrideApn(ComponentName admin, ApnSetting apnSetting)\r\nCalled by device owner or managed profile owner to add an override APN.\r\nvoid\r\naddPersistentPreferredActivity(ComponentName admin, IntentFilter filter, Component\r\nName activity)\r\nCalled by a profile owner or device owner or holder of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_LOCK_TASK .\r\nvoid\r\naddUserRestriction(ComponentName admin, String key)\r\nCalled by a profile owner, device owner or a holder of any permission that is associated with a\r\nuser restriction to set a user restriction specified by the key.\r\nvoid addUserRestrictionGlobally(String key)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 22 of 279\n\nCalled by a profile owner, device owner or a holder of any permission that is associated with a\r\nuser restriction to set a user restriction specified by the provided key globally on all users.\r\nboolean\r\nbindDeviceAdminServiceAsUser(ComponentName admin, Intent serviceIntent, Service\r\nConnection conn, int flags, UserHandle targetUser)\r\nCalled by a device owner to bind to a service from a secondary managed user or vice versa.\r\nboolean\r\nbindDeviceAdminServiceAsUser(ComponentName admin, Intent serviceIntent, Service\r\nConnection conn, Context.BindServiceFlags flags, UserHandle targetUser)\r\nSee\r\nbindDeviceAdminServiceAsUser(ComponentName,Intent,ServiceConnection,int,UserHandle) .\r\nboolean\r\ncanAdminGrantSensorsPermissions()\r\nReturns true if the caller is running on a device where an admin can grant permissions related to\r\ndevice sensors.\r\nboolean\r\ncanUsbDataSignalingBeDisabled()\r\nReturns whether enabling or disabling USB data signaling is supported on the device.\r\nvoid\r\nclearApplicationUserData(ComponentName admin, String packageName, Executor executor,\r\nDevicePolicyManager.OnClearApplicationUserDataListener listener)\r\nCalled by the device owner or profile owner to clear application user data of a given package.\r\nvoid\r\nclearCrossProfileIntentFilters(ComponentName admin)\r\nCalled by a profile owner of a managed profile to remove the cross-profile intent filters that go\r\nfrom the managed profile to the parent, or from the parent to the managed profile.\r\nvoid\r\nclearDeviceOwnerApp(String packageName)\r\nThis method was deprecated in API level 26. This method is expected to be used for testing\r\npurposes only. The device owner will lose control of the device and its data after calling it. In\r\norder to protect any sensitive data that remains on the device, it is advised that the device\r\nowner factory resets the device instead of calling this method. See wipeData(int) .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 23 of 279\n\nvoid\r\nclearPackagePersistentPreferredActivities(ComponentName admin, String packageName)\r\nCalled by a profile owner or device owner or holder of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_LOCK_TASK to remove all persistent intent\r\nhandler preferences associated with the given package that were set by\r\naddPersistentPreferredActivity(ComponentName, IntentFilter, ComponentName) .\r\nvoid\r\nclearProfileOwner(ComponentName admin)\r\nThis method was deprecated in API level 26. This method is expected to be used for testing\r\npurposes only. The profile owner will lose control of the user and its data after calling it. In\r\norder to protect any sensitive data that remains on this user, it is advised that the profile owner\r\ndeletes it instead of calling this method. See wipeData(int) .\r\nboolean\r\nclearResetPasswordToken(ComponentName admin)\r\nCalled by a profile, device owner or holder of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_RESET_PASSWORD to revoke the current password\r\nreset token.\r\nvoid\r\nclearUserRestriction(ComponentName admin, String key)\r\nCalled by a profile owner, device owner or a holder of any permission that is associated with a\r\nuser restriction to clear a user restriction specified by the key.\r\nIntent\r\ncreateAdminSupportIntent(String restriction)\r\nCalled by any app to display a support dialog when a feature was disabled by an admin.\r\nUserHandle\r\ncreateAndManageUser(ComponentName admin, String name, ComponentName profileOwner,\r\nPersistableBundle adminExtras, int flags)\r\nCalled by a device owner to create a user with the specified name and a given component of the\r\ncalling package as profile owner.\r\nint\r\nenableSystemApp(ComponentName admin, Intent intent)\r\nRe-enable system apps by intent that were disabled by default when the user was initialized.\r\nvoid\r\nenableSystemApp(ComponentName admin, String packageName)\r\nRe-enable a system app that was disabled by default when the user was initialized.\r\nAttestedKeyPair generateKeyPair(ComponentName admin, String algorithm, KeyGenParameterSpec keySpec,\r\nint idAttestationFlags)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 24 of 279\n\nThis API can be called by the following to generate a new private/public key pair:\r\nDevice owner\r\nProfile owner\r\nDelegated certificate installer\r\nCredential management app\r\nAn app that holds the Manifest.permission.MANAGE_DEVICE_POLICY_CERTIFICATES\r\npermission\r\nIf the device supports key generation via secure hardware, this method is useful for creating a\r\nkey in KeyChain that never left the secure hardware.\r\nString[]\r\ngetAccountTypesWithManagementDisabled()\r\nGets the array of accounts for which account management is disabled by the profile owner or\r\ndevice owner.\r\nList\u003cComponent\r\nName\u003e\r\ngetActiveAdmins()\r\nReturn a list of all currently active device administrators' component names.\r\nSet\u003cString\u003e\r\ngetAffiliationIds(ComponentName admin)\r\nReturns the set of affiliation ids previously set via setAffiliationIds(ComponentName, Set) ,\r\nor an empty set if none have been set.\r\nSet\u003cString\u003e\r\ngetAlwaysOnVpnLockdownWhitelist(ComponentName admin)\r\nCalled by device or profile owner to query the set of packages that are allowed to access the\r\nnetwork directly when always-on VPN is in lockdown mode but not connected.\r\nString\r\ngetAlwaysOnVpnPackage(ComponentName admin)\r\nCalled by a device or profile owner to read the name of the package administering an always-on\r\nVPN connection for the current user.\r\nint\r\ngetAppFunctionsPolicy()\r\nReturns the current AppFunctionManager policy.\r\nBundle\r\ngetApplicationRestrictions(ComponentName admin, String packageName)\r\nRetrieves the application restrictions for a given target application running in the calling user.\r\nString getApplicationRestrictionsManagingPackage(ComponentName admin)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 25 of 279\n\nThis method was deprecated in API level 26. From Build.VERSION_CODES.O . Use\r\ngetDelegatePackages(ComponentName, String) with the DELEGATION_APP_RESTRICTIONS\r\nscope instead.\r\nboolean\r\ngetAutoTimeEnabled(ComponentName admin)\r\nReturns true if auto time is enabled on the device.\r\nint\r\ngetAutoTimePolicy()\r\nReturns current auto time policy's state.\r\nboolean\r\ngetAutoTimeRequired()\r\nThis method was deprecated in API level 30. From Build.VERSION_CODES.R . Use\r\ngetAutoTimeEnabled(ComponentName)\r\nboolean\r\ngetAutoTimeZoneEnabled(ComponentName admin)\r\nReturns true if auto time zone is enabled on the device.\r\nint\r\ngetAutoTimeZonePolicy()\r\nReturns auto time zone policy's current state.\r\nList\u003cUserHandle\u003e\r\ngetBindDeviceAdminTargetUsers(ComponentName admin)\r\nReturns the list of target users that the calling device owner or owner of secondary user can use\r\nwhen calling bindDeviceAdminServiceAsUser(ComponentName, Intent, ServiceConnection,\r\nBindServiceFlags, UserHandle) .\r\nboolean\r\ngetBluetoothContactSharingDisabled(ComponentName admin)\r\nCalled by a profile owner of a managed profile to determine whether or not Bluetooth devices\r\ncannot access enterprise contacts.\r\nboolean\r\ngetCameraDisabled(ComponentName admin)\r\nDetermine whether or not the device's cameras have been disabled for this user, either by the\r\ncalling admin, if specified, or all admins.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 26 of 279\n\nString\r\ngetCertInstallerPackage(ComponentName admin)\r\nThis method was deprecated in API level 26. From Build.VERSION_CODES.O . Use\r\ngetDelegatePackages(ComponentName, String) with the DELEGATION_CERT_INSTALL scope\r\ninstead.\r\nint\r\ngetContentProtectionPolicy(ComponentName admin)\r\nReturns the current content protection policy.\r\nPackagePolicy\r\ngetCredentialManagerPolicy()\r\nCalled by a device owner or profile owner of a managed profile to retrieve the credential\r\nmanager policy.\r\nSet\u003cString\u003e\r\ngetCrossProfileCalendarPackages(ComponentName admin)\r\nThis method was deprecated in API level 34. Use\r\nsetCrossProfilePackages(ComponentName,Set) .\r\nboolean\r\ngetCrossProfileCallerIdDisabled(ComponentName admin)\r\nThis method was deprecated in API level 34. starting with\r\nBuild.VERSION_CODES.UPSIDE_DOWN_CAKE , use getManagedProfileCallerIdAccessPolicy()\r\ninstead\r\nboolean\r\ngetCrossProfileContactsSearchDisabled(ComponentName admin)\r\nThis method was deprecated in API level 34. From Build.VERSION_CODES.UPSIDE_DOWN_CAKE\r\nuse getManagedProfileContactsAccessPolicy()\r\nSet\u003cString\u003e\r\ngetCrossProfilePackages(ComponentName admin)\r\nReturns the set of package names that the admin has previously set as allowed to request user\r\nconsent for cross-profile communication, via setCrossProfilePackages(ComponentName,Set) .\r\nList\u003cString\u003e\r\ngetCrossProfileWidgetProviders(ComponentName admin)\r\nCalled by the profile owner of a managed profile or a holder of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_PROFILE_INTERACTION to query providers from\r\nwhich packages are available in the parent profile.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 27 of 279\n\nint\r\ngetCurrentFailedPasswordAttempts()\r\nRetrieve the number of times the user has failed at entering a password since that last successful\r\npassword entry.\r\nList\u003cString\u003e\r\ngetDelegatePackages(ComponentName admin, String delegationScope)\r\nCalled by a profile owner or device owner to retrieve a list of delegate packages that were\r\ngranted a delegation scope.\r\nList\u003cString\u003e\r\ngetDelegatedScopes(ComponentName admin, String delegatedPackage)\r\nCalled by a profile owner or device owner to retrieve a list of the scopes given to a delegate\r\npackage.\r\nCharSequence getDeviceOwnerLockScreenInfo()\r\nString\r\ngetDevicePolicyManagementRoleHolderPackage()\r\nReturns the package name of the device policy management role holder.\r\nCharSequence\r\ngetEndUserSessionMessage(ComponentName admin)\r\nReturns the user session end message.\r\nString\r\ngetEnrollmentSpecificId()\r\nReturns an enrollment-specific identifier of this device, which is guaranteed to be the same\r\nvalue for the same device, enrolled into the same organization by the same managing app.\r\nFactoryReset\r\nProtectionPolicy\r\ngetFactoryResetProtectionPolicy(ComponentName admin)\r\nCallable by device owner or profile owner of an organization-owned device, to retrieve the\r\ncurrent factory reset protection (FRP) policy set previously by\r\nsetFactoryResetProtectionPolicy(ComponentName, FactoryResetProtectionPolicy) .\r\nString\r\ngetGlobalPrivateDnsHost(ComponentName admin)\r\nReturns the system-wide Private DNS host.\r\nint\r\ngetGlobalPrivateDnsMode(ComponentName admin)\r\nReturns the system-wide Private DNS mode.\r\nList\u003cbyte[]\u003e getInstalledCaCerts(ComponentName admin)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 28 of 279\n\nReturns all CA certificates that are currently trusted, excluding system CA certificates.\r\nList\u003cString\u003e\r\ngetKeepUninstalledPackages(ComponentName admin)\r\nGet the list of apps to keep around as APKs even if no user has currently installed it.\r\nMap\u003cInteger,\r\nSet\u003cString\u003e\u003e\r\ngetKeyPairGrants(String alias)\r\nCalled by a device or profile owner, or delegated certificate chooser (an app that has been\r\ndelegated the DELEGATION_CERT_SELECTION privilege), to query which apps have access to a\r\ngiven KeyChain key.\r\nint\r\ngetKeyguardDisabledFeatures(ComponentName admin)\r\nDetermine whether or not features have been disabled in keyguard either by the calling admin,\r\nif specified, or all admins that set restrictions on this user and its participating profiles.\r\nint\r\ngetLockTaskFeatures(ComponentName admin)\r\nGets which system features are enabled for LockTask mode.\r\nString[]\r\ngetLockTaskPackages(ComponentName admin)\r\nReturns the list of packages allowed to start the lock task mode.\r\nCharSequence\r\ngetLongSupportMessage(ComponentName admin)\r\nCalled by a device admin to get the long support message.\r\nPackagePolicy\r\ngetManagedProfileCallerIdAccessPolicy()\r\nCalled by a profile owner of a managed profile to retrieve the caller id policy.\r\nPackagePolicy\r\ngetManagedProfileContactsAccessPolicy()\r\nCalled by a profile owner of a managed profile to determine the current policy applied to\r\nmanaged profile contacts.\r\nlong\r\ngetManagedProfileMaximumTimeOff(ComponentName admin)\r\nCalled by a profile owner of an organization-owned managed profile to get maximum time the\r\nprofile is allowed to be turned off.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 29 of 279\n\nManaged\r\nSubscriptions\r\nPolicy\r\ngetManagedSubscriptionsPolicy()\r\nReturns the current ManagedSubscriptionsPolicy .\r\nint\r\ngetMaximumFailedPasswordsForWipe(ComponentName admin)\r\nRetrieve the current maximum number of login attempts that are allowed before the device or\r\nprofile is wiped, for a particular admin or all admins that set restrictions on this user and its\r\nparticipating profiles.\r\nlong\r\ngetMaximumTimeToLock(ComponentName admin)\r\nRetrieve the current maximum time to unlock for a particular admin or all admins that set\r\nrestrictions on this user and its participating profiles.\r\nList\u003cString\u003e\r\ngetMeteredDataDisabledPackages(ComponentName admin)\r\nCalled by a device or profile owner to retrieve the list of packages which are restricted by the\r\nadmin from using metered data.\r\nint\r\ngetMinimumRequiredWifiSecurityLevel()\r\nReturns the current Wi-Fi minimum security level.\r\nint\r\ngetMtePolicy()\r\nCalled by a device owner, profile owner of an organization-owned device to get the Memory\r\nTagging Extension (MTE) policy Learn more about MTE\r\nint\r\ngetNearbyAppStreamingPolicy()\r\nReturns the current runtime nearby app streaming policy set by the device or profile owner.\r\nint\r\ngetNearbyNotificationStreamingPolicy()\r\nReturns the current runtime nearby notification streaming policy set by the device or profile\r\nowner.\r\nint\r\ngetOrganizationColor(ComponentName admin)\r\nThis method was deprecated in API level 31. From Build.VERSION_CODES.R , the organization\r\ncolor is never used as the background color of the confirm credentials screen.\r\nCharSequence getOrganizationName(ComponentName admin)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 30 of 279\n\nCalled by the device owner (since API 26) or profile owner (since API 24) or holders of the\r\npermission Manifest.permission.MANAGE_DEVICE_POLICY_ORGANIZATION_IDENTITY to retrieve\r\nthe name of the organization under management.\r\nList\u003cApnSetting\u003e\r\ngetOverrideApns(ComponentName admin)\r\nCalled by device owner or managed profile owner to get all override APNs inserted by device\r\nowner or managed profile owner previously using addOverrideApn(ComponentName,\r\nApnSetting) .\r\nDevicePolicy\r\nManager\r\ngetParentProfileInstance(ComponentName admin)\r\nCalled by the profile owner of a managed profile or other apps in a managed profile to obtain a\r\nDevicePolicyManager whose calls act on the parent profile.\r\nint\r\ngetPasswordComplexity()\r\nReturns how complex the current user's screen lock is.\r\nlong\r\ngetPasswordExpiration(ComponentName admin)\r\nGet the current password expiration time for a particular admin or all admins that set\r\nrestrictions on this user and its participating profiles.\r\nlong\r\ngetPasswordExpirationTimeout(ComponentName admin)\r\nGet the password expiration timeout for the given admin.\r\nint\r\ngetPasswordHistoryLength(ComponentName admin)\r\nRetrieve the current password history length for a particular admin or all admins that set\r\nrestrictions on this user and its participating profiles.\r\nint\r\ngetPasswordMaximumLength(int quality)\r\nReturn the maximum password length that the device supports for a particular password quality.\r\nint\r\ngetPasswordMinimumLength(ComponentName admin)\r\nThis method was deprecated in API level 31. see setPasswordQuality(ComponentName,int)\r\nfor details.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 31 of 279\n\nint\r\ngetPasswordMinimumLetters(ComponentName admin)\r\nThis method was deprecated in API level 31. see setPasswordQuality(ComponentName,int)\r\nfor details.\r\nint\r\ngetPasswordMinimumLowerCase(ComponentName admin)\r\nThis method was deprecated in API level 31. see setPasswordQuality(ComponentName,int)\r\nfor details.\r\nint\r\ngetPasswordMinimumNonLetter(ComponentName admin)\r\nThis method was deprecated in API level 31. see setPasswordQuality(ComponentName,int)\r\nfor details.\r\nint\r\ngetPasswordMinimumNumeric(ComponentName admin)\r\nThis method was deprecated in API level 31. see setPasswordQuality(ComponentName,int)\r\nfor details.\r\nint\r\ngetPasswordMinimumSymbols(ComponentName admin)\r\nThis method was deprecated in API level 31. see setPasswordQuality(ComponentName,int)\r\nfor details.\r\nint\r\ngetPasswordMinimumUpperCase(ComponentName admin)\r\nThis method was deprecated in API level 31. see setPasswordQuality(ComponentName,int)\r\nfor details.\r\nint\r\ngetPasswordQuality(ComponentName admin)\r\nThis method was deprecated in API level 31. see setPasswordQuality(ComponentName,int)\r\nfor details.\r\nSystemUpdateInfo\r\ngetPendingSystemUpdate(ComponentName admin)\r\nGet information about a pending system update.\r\nint\r\ngetPermissionGrantState(ComponentName admin, String packageName, String permission)\r\nReturns the current grant state of a runtime permission for a specific application.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 32 of 279\n\nint\r\ngetPermissionPolicy(ComponentName admin)\r\nReturns the current runtime permission policy set by the device or profile owner.\r\nList\u003cString\u003e\r\ngetPermittedAccessibilityServices(ComponentName admin)\r\nReturns the list of permitted accessibility services set by this device or profile owner.\r\nList\u003cString\u003e\r\ngetPermittedCrossProfileNotificationListeners(ComponentName admin)\r\nReturns the list of packages installed on the primary user that allowed to use a\r\nNotificationListenerService to receive notifications from this managed profile, as set by\r\nthe profile owner.\r\nList\u003cString\u003e\r\ngetPermittedInputMethods(ComponentName admin)\r\nReturns the list of permitted input methods set by this device or profile owner.\r\nint\r\ngetPersonalAppsSuspendedReasons(ComponentName admin)\r\nCalled by profile owner of an organization-owned managed profile to check whether personal\r\napps are suspended.\r\nList\u003cPreferential\r\nNetworkService\r\nConfig\u003e\r\ngetPreferentialNetworkServiceConfigs()\r\nGet preferential network configuration\r\nint\r\ngetRequiredPasswordComplexity()\r\nGets the password complexity requirement set by setRequiredPasswordComplexity(int) , for\r\nthe current user.\r\nlong\r\ngetRequiredStrongAuthTimeout(ComponentName admin)\r\nDetermine for how long the user will be able to use secondary, non strong auth for\r\nauthentication, since last strong method authentication (password, pin or pattern) was used.\r\nDevicePolicy\r\nResourcesManager\r\ngetResources()\r\nReturns a DevicePolicyResourcesManager containing the required APIs to set, reset, and get\r\ndevice policy related resources.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 33 of 279\n\nboolean\r\ngetScreenCaptureDisabled(ComponentName admin)\r\nDetermine whether or not screen capture has been disabled by the calling admin, if specified, or\r\nall admins.\r\nList\u003cUserHandle\u003e\r\ngetSecondaryUsers(ComponentName admin)\r\nCalled by a device owner to list all secondary users on the device.\r\nCharSequence\r\ngetShortSupportMessage(ComponentName admin)\r\nCalled by a device admin or holder of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_SUPPORT_MESSAGE to get the short support\r\nmessage.\r\nCharSequence\r\ngetStartUserSessionMessage(ComponentName admin)\r\nReturns the user session start message.\r\nboolean\r\ngetStorageEncryption(ComponentName admin)\r\nThis method was deprecated in API level 30. This method only returns the value set by\r\nsetStorageEncryption(ComponentName, boolean) . It does not actually reflect the storage\r\nencryption status. Use getStorageEncryptionStatus() for that. Called by an application that\r\nis administering the device to determine the requested setting for secure storage.\r\nint\r\ngetStorageEncryptionStatus()\r\nCalled by an application that is administering the device to determine the current encryption\r\nstatus of the device.\r\nSet\u003cInteger\u003e\r\ngetSubscriptionIds()\r\nReturns the subscription ids of all subscriptions which were downloaded by the calling admin.\r\nSystemUpdate\r\nPolicy\r\ngetSystemUpdatePolicy()\r\nRetrieve a local system update policy set previously by\r\nsetSystemUpdatePolicy(ComponentName, SystemUpdatePolicy) .\r\nPersistable\r\nBundle\r\ngetTransferOwnershipBundle()\r\nReturns the data passed from the current administrator to the new administrator during an\r\nownership transfer.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 34 of 279\n\nList\u003cPersistable\r\nBundle\u003e\r\ngetTrustAgentConfiguration(ComponentName admin, ComponentName agent)\r\nGets configuration for the given trust agent based on aggregating all calls to\r\nsetTrustAgentConfiguration(ComponentName,ComponentName,PersistableBundle) for all\r\ndevice admins.\r\nList\u003cString\u003e\r\ngetUserControlDisabledPackages(ComponentName admin)\r\nReturns the list of packages over which user control is disabled by a device or profile owner or\r\nholders of the permission Manifest.permission.MANAGE_DEVICE_POLICY_APPS_CONTROL .\r\nBundle\r\ngetUserRestrictions(ComponentName admin)\r\nCalled by an admin to get user restrictions set by themselves with\r\naddUserRestriction(ComponentName,String) .\r\nBundle\r\ngetUserRestrictionsGlobally()\r\nCalled by a profile or device owner to get global user restrictions set with\r\naddUserRestrictionGlobally(String) .\r\nString\r\ngetWifiMacAddress(ComponentName admin)\r\nCalled by a device owner or profile owner on organization-owned device to get the MAC\r\naddress of the Wi-Fi device.\r\nWifiSsidPolicy\r\ngetWifiSsidPolicy()\r\nReturns the current Wi-Fi SSID policy.\r\nboolean\r\ngrantKeyPairToApp(ComponentName admin, String alias, String packageName)\r\nCalled by a device or profile owner, or delegated certificate chooser (an app that has been\r\ndelegated the DELEGATION_CERT_SELECTION privilege), to grant an application access to an\r\nalready-installed (or generated) KeyChain key.\r\nboolean\r\ngrantKeyPairToWifiAuth(String alias)\r\nCalled by a device or profile owner, or delegated certificate chooser (an app that has been\r\ndelegated the DELEGATION_CERT_SELECTION privilege), to allow using a KeyChain key pair for\r\nauthentication to Wifi networks.\r\nboolean\r\nhasCaCertInstalled(ComponentName admin, byte[] certBuffer)\r\nReturns whether this certificate is installed as a trusted CA.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 35 of 279\n\nboolean\r\nhasGrantedPolicy(ComponentName admin, int usesPolicy)\r\nReturns true if an administrator has been granted a particular device policy.\r\nboolean\r\nhasKeyPair(String alias)\r\nThis API can be called by the following to query whether a certificate and private key are\r\ninstalled under a given alias:\r\nDevice owner\r\nProfile owner\r\nDelegated certificate installer\r\nCredential management app\r\nAn app that holds the Manifest.permission.MANAGE_DEVICE_POLICY_CERTIFICATES\r\npermission\r\nIf called by the credential management app, the alias must exist in the credential management\r\napp's AppUriAuthenticationPolicy .\r\nboolean\r\nhasLockdownAdminConfiguredNetworks(ComponentName admin)\r\nCalled by a device owner or a profile owner of an organization-owned managed profile to\r\ndetermine whether the user is prevented from modifying networks configured by the admin.\r\nboolean\r\ninstallCaCert(ComponentName admin, byte[] certBuffer)\r\nInstalls the given certificate as a user CA.\r\nboolean\r\ninstallExistingPackage(ComponentName admin, String packageName)\r\nInstall an existing package that has been installed in another user, or has been kept after\r\nremoval via setKeepUninstalledPackages(ComponentName, List) .\r\nboolean installKeyPair(ComponentName admin, PrivateKey privKey, Certificate[] certs, String\r\nalias, int flags)\r\nThis API can be called by the following to install a certificate chain and corresponding private\r\nkey for the leaf certificate:\r\nDevice owner\r\nProfile owner\r\nDelegated certificate installer\r\nCredential management app\r\nAn app that holds the Manifest.permission.MANAGE_DEVICE_POLICY_CERTIFICATES\r\npermission\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 36 of 279\n\nAll apps within the profile will be able to access the certificate chain and use the private key,\r\ngiven direct user approval (if the user is allowed to select the private key).\r\nboolean\r\ninstallKeyPair(ComponentName admin, PrivateKey privKey, Certificate[] certs, String\r\nalias, boolean requestAccess)\r\nThis API can be called by the following to install a certificate chain and corresponding private\r\nkey for the leaf certificate:\r\nDevice owner\r\nProfile owner\r\nDelegated certificate installer\r\nCredential management app\r\nAn app that holds the Manifest.permission.MANAGE_DEVICE_POLICY_CERTIFICATES\r\npermission\r\nAll apps within the profile will be able to access the certificate chain and use the private key,\r\ngiven direct user approval.\r\nboolean\r\ninstallKeyPair(ComponentName admin, PrivateKey privKey, Certificate cert, String\r\nalias)\r\nThis API can be called by the following to install a certificate and corresponding private key:\r\nDevice owner\r\nProfile owner\r\nDelegated certificate installer\r\nCredential management app\r\nAn app that holds the Manifest.permission.MANAGE_DEVICE_POLICY_CERTIFICATES\r\npermission\r\nAll apps within the profile will be able to access the certificate and use the private key, given\r\ndirect user approval.\r\nvoid\r\ninstallSystemUpdate(ComponentName admin, Uri updateFilePath, Executor executor,\r\nDevicePolicyManager.InstallSystemUpdateCallback callback)\r\nCalled by device owner or profile owner of an organization-owned managed profile to install a\r\nsystem update from the given file.\r\nboolean\r\nisActivePasswordSufficient()\r\nDetermines whether the calling user's current password meets policy requirements (e.g. quality,\r\nminimum length).\r\nboolean isActivePasswordSufficientForDeviceRequirement()\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 37 of 279\n\nCalled by profile owner of a managed profile to determine whether the current device password\r\nmeets policy requirements set explicitly device-wide.\r\nboolean\r\nisAdminActive(ComponentName admin)\r\nReturn true if the given administrator component is currently active (enabled) in the system.\r\nboolean\r\nisAffiliatedUser()\r\nReturns whether this user is affiliated with the device.\r\nboolean\r\nisAlwaysOnVpnLockdownEnabled(ComponentName admin)\r\nCalled by device or profile owner to query whether current always-on VPN is configured in\r\nlockdown mode.\r\nboolean\r\nisApplicationHidden(ComponentName admin, String packageName)\r\nDetermine if a package is hidden.\r\nboolean\r\nisBackupServiceEnabled(ComponentName admin)\r\nReturn whether the backup service is enabled by the device owner or profile owner for the\r\ncurrent user, as previously set by setBackupServiceEnabled(ComponentName,boolean) .\r\nboolean\r\nisCallerApplicationRestrictionsManagingPackage()\r\nThis method was deprecated in API level 26. From Build.VERSION_CODES.O . Use\r\ngetDelegatedScopes(ComponentName, String) instead.\r\nboolean\r\nisCommonCriteriaModeEnabled(ComponentName admin)\r\nReturns whether Common Criteria mode is currently enabled.\r\nboolean\r\nisComplianceAcknowledgementRequired()\r\nCalled by a profile owner of an organization-owned managed profile to query whether it needs\r\nto acknowledge device compliance to allow the user to turn the profile off if needed according\r\nto the maximum profile time off policy.\r\nboolean\r\nisDeviceFinanced()\r\nReturns true if this device is marked as a financed device.\r\nboolean isDeviceIdAttestationSupported()\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 38 of 279\n\nReturns true if the device supports attestation of device identifiers in addition to key\r\nattestation.\r\nboolean\r\nisDeviceOwnerApp(String packageName)\r\nUsed to determine if a particular package has been registered as a Device Owner app.\r\nboolean\r\nisEphemeralUser(ComponentName admin)\r\nChecks if the profile owner is running in an ephemeral user.\r\nboolean\r\nisKeyPairGrantedToWifiAuth(String alias)\r\nCalled by a device or profile owner, or delegated certificate chooser (an app that has been\r\ndelegated the DELEGATION_CERT_SELECTION privilege), to query whether a KeyChain key pair\r\ncan be used for authentication to Wifi networks.\r\nboolean\r\nisLockTaskPermitted(String pkg)\r\nThis function lets the caller know whether the given component is allowed to start the lock task\r\nmode.\r\nboolean\r\nisLogoutEnabled()\r\nReturns whether logout is enabled by a device owner.\r\nboolean\r\nisManagedProfile(ComponentName admin)\r\nReturn if this user is a managed profile of another user.\r\nboolean\r\nisMasterVolumeMuted(ComponentName admin)\r\nCalled by profile or device owners to check whether the global volume mute is on or off.\r\nstatic boolean\r\nisMtePolicyEnforced()\r\nGet the current MTE state of the device.\r\nboolean\r\nisNetworkLoggingEnabled(ComponentName admin)\r\nReturn whether network logging is enabled by a device owner or profile owner of a managed\r\nprofile.\r\nboolean isOrganizationOwnedDeviceWithManagedProfile()\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 39 of 279\n\nApps can use this method to find out if the device was provisioned as organization-owend\r\ndevice with a managed profile.\r\nboolean\r\nisOverrideApnEnabled(ComponentName admin)\r\nCalled by device owner to check if override APNs are currently enabled.\r\nboolean\r\nisPackageSuspended(ComponentName admin, String packageName)\r\nDetermine if a package is suspended.\r\nboolean\r\nisPreferentialNetworkServiceEnabled()\r\nIndicates whether preferential network service is enabled.\r\nboolean\r\nisProfileOwnerApp(String packageName)\r\nUsed to determine if a particular package is registered as the profile owner for the user.\r\nboolean\r\nisProvisioningAllowed(String action)\r\nReturns whether it is possible for the caller to initiate provisioning of a managed profile or\r\ndevice, setting itself as the device or profile owner.\r\nboolean\r\nisResetPasswordTokenActive(ComponentName admin)\r\nCalled by a profile, device owner or a holder of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_RESET_PASSWORD to check if the current reset\r\npassword token is active.\r\nboolean\r\nisSafeOperation(int reason)\r\nChecks if it's safe to run operations that can be affected by the given reason .\r\nboolean\r\nisSecurityLoggingEnabled(ComponentName admin)\r\nReturn whether security logging is enabled or not by the admin.\r\nboolean\r\nisStatusBarDisabled()\r\nReturns whether the status bar is disabled/enabled, see setStatusBarDisabled(ComponentName,\r\nboolean) .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 40 of 279\n\nboolean\r\nisUninstallBlocked(ComponentName admin, String packageName)\r\nCheck whether the user has been blocked by device policy from uninstalling a package.\r\nboolean\r\nisUniqueDeviceAttestationSupported()\r\nReturns true if the StrongBox Keymaster implementation on the device was provisioned with\r\nan individual attestation certificate and can sign attestation records using it (as attestation using\r\nan individual attestation certificate is a feature only Keymaster implementations with\r\nStrongBox security level can implement).\r\nboolean\r\nisUsbDataSignalingEnabled()\r\nReturns whether USB data signaling is currently enabled.\r\nboolean\r\nisUsingUnifiedPassword(ComponentName admin)\r\nWhen called by a profile owner of a managed profile returns true if the profile uses unified\r\nchallenge with its parent user.\r\nList\u003cUserHandle\u003e\r\nlistForegroundAffiliatedUsers()\r\nGets the list of affiliated users running on foreground.\r\nvoid\r\nlockNow()\r\nMake the device lock immediately, as if the lock screen timeout has expired at the point of this\r\ncall.\r\nvoid\r\nlockNow(int flags)\r\nMake the device lock immediately, as if the lock screen timeout has expired at the point of this\r\ncall.\r\nint\r\nlogoutUser(ComponentName admin)\r\nCalled by a profile owner of secondary user that is affiliated with the device to stop the calling\r\nuser and switch back to primary user (when the user was\r\nswitchUser(ComponentName,UserHandle) switched to) or stop the user (when it was started\r\nin background .\r\nvoid\r\nreboot(ComponentName admin)\r\nCalled by device owner to reboot the device.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 41 of 279\n\nvoid\r\nremoveActiveAdmin(ComponentName admin)\r\nRemove a current administration component.\r\nboolean\r\nremoveCrossProfileWidgetProvider(ComponentName admin, String packageName)\r\nThis method was deprecated in API level 37. While this API still works to mutate the current\r\nallowlist, please consider switching to setCrossProfileWidgetProviders(Set) for better\r\nperformance.\r\nboolean\r\nremoveKeyPair(ComponentName admin, String alias)\r\nThis API can be called by the following to remove a certificate and private key pair installed\r\nunder a given alias:\r\nDevice owner\r\nProfile owner\r\nDelegated certificate installer\r\nCredential management app\r\nFrom Android Build.VERSION_CODES.S , the credential management app can call this API.\r\nboolean\r\nremoveOverrideApn(ComponentName admin, int apnId)\r\nCalled by device owner or managed profile owner to remove an override APN.\r\nboolean\r\nremoveUser(ComponentName admin, UserHandle userHandle)\r\nCalled by a device owner to remove a user/profile and all associated data.\r\nboolean\r\nrequestBugreport(ComponentName admin)\r\nCalled by a device owner to request a bugreport.\r\nboolean\r\nresetPassword(String password, int flags)\r\nThis method was deprecated in API level 30. Please use\r\nresetPasswordWithToken(ComponentName, String, byte, int) instead.\r\nboolean\r\nresetPasswordWithToken(ComponentName admin, String password, byte[] token, int\r\nflags)\r\nCalled by device or profile owner to force set a new device unlock password or a managed\r\nprofile challenge on current user.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 42 of 279\n\nList\u003cNetwork\r\nEvent\u003e\r\nretrieveNetworkLogs(ComponentName admin, long batchToken)\r\nCalled by device owner, profile owner of a managed profile or delegated app with\r\nDELEGATION_NETWORK_LOGGING to retrieve the most recent batch of network logging events.\r\nList\u003cSecurityLog.\r\nSecurityEvent\u003e\r\nretrievePreRebootSecurityLogs(ComponentName admin)\r\nCalled by device owner or profile owner of an organization-owned managed profile to retrieve\r\ndevice logs from before the device's last reboot.\r\nList\u003cSecurityLog.\r\nSecurityEvent\u003e\r\nretrieveSecurityLogs(ComponentName admin)\r\nCalled by device owner or profile owner of an organization-owned managed profile to retrieve\r\nall new security logging entries since the last call to this API after device boots.\r\nboolean\r\nrevokeKeyPairFromApp(ComponentName admin, String alias, String packageName)\r\nCalled by a device or profile owner, or delegated certificate chooser (an app that has been\r\ndelegated the DELEGATION_CERT_SELECTION privilege), to revoke an application's grant to a\r\nKeyChain key pair.\r\nboolean\r\nrevokeKeyPairFromWifiAuth(String alias)\r\nCalled by a device or profile owner, or delegated certificate chooser (an app that has been\r\ndelegated the DELEGATION_CERT_SELECTION privilege), to deny using a KeyChain key pair for\r\nauthentication to Wifi networks.\r\nvoid\r\nsetAccountManagementDisabled(ComponentName admin, String accountType, boolean\r\ndisabled)\r\nCalled by a device owner or profile owner to disable account management for a specific type of\r\naccount.\r\nvoid\r\nsetAffiliationIds(ComponentName admin, Set\u003cString\u003e ids)\r\nIndicates the entity that controls the device.\r\nvoid\r\nsetAlwaysOnVpnPackage(ComponentName admin, String vpnPackage, boolean lockdown\r\nEnabled)\r\nCalled by a device or profile owner to configure an always-on VPN connection through a\r\nspecific application for the current user.\r\nvoid setAlwaysOnVpnPackage(ComponentName admin, String vpnPackage, boolean lockdown\r\nEnabled, Set\u003cString\u003e lockdownAllowlist)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 43 of 279\n\nA version of setAlwaysOnVpnPackage(ComponentName,String,boolean) that allows the admin\r\nto specify a set of apps that should be able to access the network directly when VPN is not\r\nconnected.\r\nvoid\r\nsetAppFunctionsPolicy(int policy)\r\nSets the AppFunctionManager policy which controls app functions operations on the device.\r\nboolean\r\nsetApplicationHidden(ComponentName admin, String packageName, boolean hidden)\r\nHide or unhide packages.\r\nvoid\r\nsetApplicationRestrictions(ComponentName admin, String packageName, Bundle\r\nsettings)\r\nSets the application restrictions for a given target application running in the calling user.\r\nvoid\r\nsetApplicationRestrictionsManagingPackage(ComponentName admin, String packageName)\r\nThis method was deprecated in API level 26. From Build.VERSION_CODES.O . Use\r\nsetDelegatedScopes(ComponentName, String, List) with the\r\nDELEGATION_APP_RESTRICTIONS scope instead.\r\nvoid\r\nsetAutoTimeEnabled(ComponentName admin, boolean enabled)\r\nCalled by a device owner, a profile owner for the primary user or a profile owner of an\r\norganization-owned managed profile to turn auto time on and off.\r\nvoid\r\nsetAutoTimePolicy(int policy)\r\nCalled by a device owner, a profile owner for the primary user or a profile owner of an\r\norganization-owned managed profile to turn auto time on and off i.e.\r\nvoid\r\nsetAutoTimeRequired(ComponentName admin, boolean required)\r\nThis method was deprecated in API level 30. From Build.VERSION_CODES.R . Use\r\nsetAutoTimeEnabled(ComponentName, boolean) to turn auto time on or off and use\r\nUserManager.DISALLOW_CONFIG_DATE_TIME to prevent the user from changing this setting.\r\nvoid\r\nsetAutoTimeZoneEnabled(ComponentName admin, boolean enabled)\r\nCalled by a device owner, a profile owner for the primary user or a profile owner of an\r\norganization-owned managed profile to turn auto time zone on and off.\r\nvoid setAutoTimeZonePolicy(int policy)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 44 of 279\n\nCalled by a device owner, a profile owner for the primary user or a profile owner of an\r\norganization-owned managed profile to turn auto time zone on and off.\r\nvoid\r\nsetBackupServiceEnabled(ComponentName admin, boolean enabled)\r\nAllows the device owner or profile owner to enable or disable the backup service.\r\nvoid\r\nsetBluetoothContactSharingDisabled(ComponentName admin, boolean disabled)\r\nCalled by a profile owner of a managed profile to set whether bluetooth devices can access\r\nenterprise contacts.\r\nvoid\r\nsetCameraDisabled(ComponentName admin, boolean disabled)\r\nCalled by an application that is administering the device to disable all cameras on the device,\r\nfor this user.\r\nvoid\r\nsetCertInstallerPackage(ComponentName admin, String installerPackage)\r\nThis method was deprecated in API level 26. From Build.VERSION_CODES.O . Use\r\nsetDelegatedScopes(ComponentName, String, List) with the DELEGATION_CERT_INSTALL\r\nscope instead.\r\nvoid\r\nsetCommonCriteriaModeEnabled(ComponentName admin, boolean enabled)\r\nCalled by device owner or profile owner of an organization-owned managed profile to toggle\r\nCommon Criteria mode for the device.\r\nvoid\r\nsetConfiguredNetworksLockdownState(ComponentName admin, boolean lockdown)\r\nCalled by a device owner or a profile owner of an organization-owned managed profile to\r\ncontrol whether the user can change networks configured by the admin.\r\nvoid\r\nsetContentProtectionPolicy(ComponentName admin, int policy)\r\nSets the content protection policy which controls scanning for deceptive apps.\r\nvoid\r\nsetCredentialManagerPolicy(PackagePolicy policy)\r\nCalled by a device owner or profile owner of a managed profile to set the credential manager\r\npolicy.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 45 of 279\n\nvoid\r\nsetCrossProfileCalendarPackages(ComponentName admin, Set\u003cString\u003e packageNames)\r\nThis method was deprecated in API level 34. Use\r\nsetCrossProfilePackages(ComponentName,Set) .\r\nvoid\r\nsetCrossProfileCallerIdDisabled(ComponentName admin, boolean disabled)\r\nThis method was deprecated in API level 34. starting with\r\nBuild.VERSION_CODES.UPSIDE_DOWN_CAKE , use\r\nsetManagedProfileCallerIdAccessPolicy(PackagePolicy) instead\r\nvoid\r\nsetCrossProfileContactsSearchDisabled(ComponentName admin, boolean disabled)\r\nThis method was deprecated in API level 34. From Build.VERSION_CODES.UPSIDE_DOWN_CAKE\r\nuse setManagedProfileContactsAccessPolicy(PackagePolicy)\r\nvoid\r\nsetCrossProfilePackages(ComponentName admin, Set\u003cString\u003e packageNames)\r\nSets the set of admin-allowlisted package names that are allowed to request user consent for\r\ncross-profile communication.\r\nvoid\r\nsetCrossProfileWidgetProviders(Set\u003cString\u003e packageNames)\r\nCalled by the profile owner of a managed profile or a holder of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_PROFILE_INTERACTION to enable widget\r\nproviders from packages to be available in the parent profile.\r\nvoid\r\nsetDefaultDialerApplication(String packageName)\r\nMust be called by a device owner or a profile owner of an organization-owned managed profile\r\nto set the default dialer application for the calling user.\r\nvoid\r\nsetDefaultSmsApplication(ComponentName admin, String packageName)\r\nMust be called by a device owner or a profile owner of an organization-owned managed profile\r\nto set the default SMS application.\r\nvoid\r\nsetDelegatedScopes(ComponentName admin, String delegatePackage, List\u003cString\u003e\r\nscopes)\r\nCalled by a profile owner or device owner to grant access to privileged APIs to another app.\r\nvoid\r\nsetDeviceOwnerLockScreenInfo(ComponentName admin, CharSequence info)\r\nSets the device owner information to be shown on the lock screen.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 46 of 279\n\nvoid\r\nsetEndUserSessionMessage(ComponentName admin, CharSequence endUserSessionMessage)\r\nCalled by a device owner to specify the user session end message.\r\nvoid\r\nsetFactoryResetProtectionPolicy(ComponentName admin, FactoryResetProtectionPolicy\r\npolicy)\r\nCallable by device owner or profile owner of an organization-owned device, to set a factory\r\nreset protection (FRP) policy.\r\nint\r\nsetGlobalPrivateDnsModeOpportunistic(ComponentName admin)\r\nSets the global Private DNS mode to opportunistic.\r\nint\r\nsetGlobalPrivateDnsModeSpecifiedHost(ComponentName admin, String privateDnsHost)\r\nSets the global Private DNS host to be used.\r\nvoid\r\nsetGlobalSetting(ComponentName admin, String setting, String value)\r\nThis method is mostly deprecated.\r\nvoid\r\nsetKeepUninstalledPackages(ComponentName admin, List\u003cString\u003e packageNames)\r\nSet a list of apps to keep around as APKs even if no user has currently installed it.\r\nboolean\r\nsetKeyPairCertificate(ComponentName admin, String alias, List\u003cCertificate\u003e certs,\r\nboolean isUserSelectable)\r\nThis API can be called by the following to associate certificates with a key pair that was\r\ngenerated using generateKeyPair(ComponentName, String, KeyGenParameterSpec, int) , and\r\nset whether the key is available for the user to choose in the certificate selection prompt:\r\nDevice owner\r\nProfile owner\r\nDelegated certificate installer\r\nCredential management app\r\nFrom Android Build.VERSION_CODES.S , the credential management app can call this API.\r\nboolean\r\nsetKeyguardDisabled(ComponentName admin, boolean disabled)\r\nCalled by a device owner or profile owner of secondary users that is affiliated with the device\r\nto disable the keyguard altogether.\r\nvoid setKeyguardDisabledFeatures(ComponentName admin, int which)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 47 of 279\n\nCalled by an application that is administering the device to disable keyguard customizations,\r\nsuch as widgets.\r\nvoid\r\nsetLocationEnabled(ComponentName admin, boolean locationEnabled)\r\nCalled by device owners to set the user's global location setting.\r\nvoid\r\nsetLockTaskFeatures(ComponentName admin, int flags)\r\nSets which system features are enabled when the device runs in lock task mode.\r\nvoid\r\nsetLockTaskPackages(ComponentName admin, String[] packages)\r\nSets which packages may enter lock task mode.\r\nvoid\r\nsetLogoutEnabled(ComponentName admin, boolean enabled)\r\nCalled by a device owner to specify whether logout is enabled for all secondary users.\r\nvoid\r\nsetLongSupportMessage(ComponentName admin, CharSequence message)\r\nCalled by a device admin to set the long support message.\r\nvoid\r\nsetManagedProfileCallerIdAccessPolicy(PackagePolicy policy)\r\nCalled by a profile owner of a managed profile to set the packages that are allowed to lookup\r\ncontacts in the managed profile based on caller id information.\r\nvoid\r\nsetManagedProfileContactsAccessPolicy(PackagePolicy policy)\r\nCalled by a profile owner of a managed profile to set the packages that are allowed access to\r\nthe managed profile contacts from the parent user.\r\nvoid\r\nsetManagedProfileMaximumTimeOff(ComponentName admin, long timeoutMillis)\r\nCalled by a profile owner of an organization-owned managed profile to set maximum time the\r\nprofile is allowed to be turned off.\r\nvoid\r\nsetManagedSubscriptionsPolicy(ManagedSubscriptionsPolicy policy)\r\nCalled by a profile owner of an organization-owned device to specify\r\nManagedSubscriptionsPolicy\r\nManaged subscriptions policy controls how SIMs would be associated with the managed\r\nprofile.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 48 of 279\n\nvoid\r\nsetMasterVolumeMuted(ComponentName admin, boolean on)\r\nCalled by profile or device owners to set the global volume mute on or off.\r\nvoid\r\nsetMaximumFailedPasswordsForWipe(ComponentName admin, int num)\r\nSetting this to a value greater than zero enables a policy that will perform a device or profile\r\nwipe after too many incorrect device-unlock passwords have been entered.\r\nvoid\r\nsetMaximumTimeToLock(ComponentName admin, long timeMs)\r\nCalled by an application that is administering the device to set the maximum time for user\r\nactivity until the device will lock.\r\nList\u003cString\u003e\r\nsetMeteredDataDisabledPackages(ComponentName admin, List\u003cString\u003e packageNames)\r\nCalled by a device or profile owner to restrict packages from using metered data.\r\nvoid\r\nsetMinimumRequiredWifiSecurityLevel(int level)\r\nCalled by device owner or profile owner of an organization-owned managed profile to specify\r\nthe minimum security level required for Wi-Fi networks.\r\nvoid\r\nsetMtePolicy(int policy)\r\nCalled by a device owner, profile owner of an organization-owned device, to set the Memory\r\nTagging Extension (MTE) policy.\r\nvoid\r\nsetNearbyAppStreamingPolicy(int policy)\r\nCalled by a device/profile owner to set nearby app streaming policy.\r\nvoid\r\nsetNearbyNotificationStreamingPolicy(int policy)\r\nCalled by a device/profile owner to set nearby notification streaming policy.\r\nvoid\r\nsetNetworkLoggingEnabled(ComponentName admin, boolean enabled)\r\nCalled by a device owner, profile owner of a managed profile or delegated app with\r\nDELEGATION_NETWORK_LOGGING to control the network logging feature.\r\nvoid\r\nsetOrganizationColor(ComponentName admin, int color)\r\nThis method was deprecated in API level 31. From Build.VERSION_CODES.R , the organization\r\ncolor is never used as the background color of the confirm credentials screen.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 49 of 279\n\nvoid\r\nsetOrganizationId(String enterpriseId)\r\nSets the Enterprise ID for the work profile or managed device.\r\nvoid\r\nsetOrganizationName(ComponentName admin, CharSequence title)\r\nCalled by the device owner (since API 26) or profile owner (since API 24) to set the name of\r\nthe organization under management.\r\nvoid\r\nsetOverrideApnsEnabled(ComponentName admin, boolean enabled)\r\nCalled by device owner to set if override APNs should be enabled.\r\nString[]\r\nsetPackagesSuspended(ComponentName admin, String[] packageNames, boolean suspended)\r\nCalled by device or profile owners to suspend packages for this user.\r\nvoid\r\nsetPasswordExpirationTimeout(ComponentName admin, long timeout)\r\nCalled by a device admin to set the password expiration timeout.\r\nvoid\r\nsetPasswordHistoryLength(ComponentName admin, int length)\r\nCalled by an application that is administering the device to set the length of the password\r\nhistory.\r\nvoid\r\nsetPasswordMinimumLength(ComponentName admin, int length)\r\nThis method was deprecated in API level 31. see setPasswordQuality(ComponentName,int)\r\nfor details.\r\nvoid\r\nsetPasswordMinimumLetters(ComponentName admin, int length)\r\nThis method was deprecated in API level 31. see setPasswordQuality(ComponentName,int)\r\nfor details.\r\nvoid\r\nsetPasswordMinimumLowerCase(ComponentName admin, int length)\r\nThis method was deprecated in API level 31. see setPasswordQuality(ComponentName,int)\r\nfor details.\r\nvoid\r\nsetPasswordMinimumNonLetter(ComponentName admin, int length)\r\nThis method was deprecated in API level 31. see setPasswordQuality(ComponentName,int)\r\nfor details.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 50 of 279\n\nvoid\r\nsetPasswordMinimumNumeric(ComponentName admin, int length)\r\nThis method was deprecated in API level 31. see setPasswordQuality(ComponentName,int)\r\nfor details.\r\nvoid\r\nsetPasswordMinimumSymbols(ComponentName admin, int length)\r\nThis method was deprecated in API level 31. see setPasswordQuality(ComponentName,int)\r\nfor details.\r\nvoid\r\nsetPasswordMinimumUpperCase(ComponentName admin, int length)\r\nThis method was deprecated in API level 31. see setPasswordQuality(ComponentName,int)\r\nfor details.\r\nvoid\r\nsetPasswordQuality(ComponentName admin, int quality)\r\nThis method was deprecated in API level 31. Prefer using\r\nsetRequiredPasswordComplexity(int) , to require a password that satisfies a complexity level\r\ndefined by the platform, rather than specifying custom password requirement. Setting custom,\r\noverly-complicated password requirements leads to passwords that are hard for users to\r\nremember and may not provide any security benefits given as Android uses hardware-backed\r\nthrottling to thwart online and offline brute-forcing of the device's screen lock. Company-owned\r\ndevices (fully-managed and organization-owned managed profile devices) are able to continue\r\nusing this method, though it is recommended that setRequiredPasswordComplexity(int)\r\nshould be used instead.\r\nboolean\r\nsetPermissionGrantState(ComponentName admin, String packageName, String permission,\r\nint grantState)\r\nSets the grant state of a runtime permission for a specific application.\r\nvoid\r\nsetPermissionPolicy(ComponentName admin, int policy)\r\nSet the default response for future runtime permission requests by applications.\r\nboolean\r\nsetPermittedAccessibilityServices(ComponentName admin, List\u003cString\u003e packageNames)\r\nCalled by a profile or device owner to set the permitted AccessibilityService .\r\nboolean setPermittedCrossProfileNotificationListeners(ComponentName admin, List\u003cString\u003e\r\npackageList)\r\nCalled by a profile owner of a managed profile to set the packages that are allowed to use a\r\nNotificationListenerService in the primary user to see notifications from the managed\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 51 of 279\n\nprofile.\r\nboolean\r\nsetPermittedInputMethods(ComponentName admin, List\u003cString\u003e packageNames)\r\nCalled by a profile or device owner or holder of the\r\nManifest.permission.MANAGE_DEVICE_POLICY_INPUT_METHODS permission to set the permitted\r\ninput methods services for this user.\r\nvoid\r\nsetPersonalAppsSuspended(ComponentName admin, boolean suspended)\r\nCalled by a profile owner of an organization-owned managed profile to suspend personal apps\r\non the device.\r\nvoid\r\nsetPreferentialNetworkServiceConfigs(List\u003cPreferentialNetworkServiceConfig\u003e\r\npreferentialNetworkServiceConfigs)\r\nSets preferential network configurations.\r\nvoid\r\nsetPreferentialNetworkServiceEnabled(boolean enabled)\r\nSets whether preferential network service is enabled.\r\nvoid\r\nsetProfileEnabled(ComponentName admin)\r\nSets the enabled state of the profile.\r\nvoid\r\nsetProfileName(ComponentName admin, String profileName)\r\nSets the name of the profile.\r\nvoid\r\nsetRecommendedGlobalProxy(ComponentName admin, ProxyInfo proxyInfo)\r\nSet a network-independent global HTTP proxy.\r\nvoid\r\nsetRequiredPasswordComplexity(int passwordComplexity)\r\nSets a minimum password complexity requirement for the user's screen lock.\r\nvoid\r\nsetRequiredStrongAuthTimeout(ComponentName admin, long timeoutMs)\r\nCalled by a device/profile owner to set the timeout after which unlocking with secondary, non\r\nstrong auth (e.g. fingerprint, face, trust agents) times out, i.e.\r\nboolean setResetPasswordToken(ComponentName admin, byte[] token)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 52 of 279\n\nCalled by a profile or device owner to provision a token which can later be used to reset the\r\ndevice lockscreen password (if called by device owner), or managed profile challenge (if called\r\nby profile owner), via resetPasswordWithToken(ComponentName, String, byte, int) .\r\nvoid\r\nsetRestrictionsProvider(ComponentName admin, ComponentName provider)\r\nDesignates a specific service component as the provider for making permission requests of a\r\nlocal or remote administrator of the user.\r\nvoid\r\nsetScreenCaptureDisabled(ComponentName admin, boolean disabled)\r\nCalled by a device/profile owner to set whether the screen capture is disabled.\r\nvoid\r\nsetSecureSetting(ComponentName admin, String setting, String value)\r\nThis method is mostly deprecated.\r\nvoid\r\nsetSecurityLoggingEnabled(ComponentName admin, boolean enabled)\r\nCalled by device owner or a profile owner of an organization-owned managed profile to control\r\nthe security logging feature.\r\nvoid\r\nsetShortSupportMessage(ComponentName admin, CharSequence message)\r\nCalled by a device admin to set the short support message.\r\nvoid\r\nsetStartUserSessionMessage(ComponentName admin, CharSequence startUserSession\r\nMessage)\r\nCalled by a device owner to specify the user session start message.\r\nboolean\r\nsetStatusBarDisabled(ComponentName admin, boolean disabled)\r\nCalled by device owner or profile owner of secondary users that is affiliated with the device to\r\ndisable the status bar.\r\nint setStorageEncryption(ComponentName admin, boolean encrypt)\r\nThis method was deprecated in API level 30. This method does not actually modify the storage\r\nencryption of the device. It has never affected the encryption status of a device. Called by an\r\napplication that is administering the device to request that the storage system be encrypted.\r\nDoes nothing if the caller is on a secondary user or a managed profile.\r\nWhen multiple device administrators attempt to control device encryption, the most secure,\r\nsupported setting will always be used. If any device administrator requests device encryption, it\r\nwill be enabled; Conversely, if a device administrator attempts to disable device encryption\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 53 of 279\n\nwhile another device administrator has enabled it, the call to disable will fail (most commonly\r\nreturning ENCRYPTION_STATUS_ACTIVE ).\r\nThis policy controls encryption of the secure (application data) storage area. Data written to\r\nother storage areas may or may not be encrypted, and this policy does not require or control\r\nthe encryption of any other storage areas. There is one exception: If\r\nEnvironment.isExternalStorageEmulated() is true , then the directory returned by\r\nEnvironment.getExternalStorageDirectory() must be written to disk within the encrypted\r\nstorage area.\r\nImportant Note: On some devices, it is possible to encrypt storage without requiring the user to\r\ncreate a device PIN or Password. In this case, the storage is encrypted, but the encryption key\r\nmay not be fully secured. For maximum security, the administrator should also require (and\r\ncheck for) a pattern, PIN, or password.\r\nvoid\r\nsetSystemSetting(ComponentName admin, String setting, String value)\r\nCalled by a device or profile owner to update Settings.System settings.\r\nvoid\r\nsetSystemUpdatePolicy(ComponentName admin, SystemUpdatePolicy policy)\r\nCalled by device owners or profile owners of an organization-owned managed profile to set a\r\nlocal system update policy.\r\nboolean\r\nsetTime(ComponentName admin, long millis)\r\nCalled by a device owner or a profile owner of an organization-owned managed profile to set\r\nthe system wall clock time.\r\nboolean\r\nsetTimeZone(ComponentName admin, String timeZone)\r\nCalled by a device owner or a profile owner of an organization-owned managed profile to set\r\nthe system's persistent default time zone.\r\nvoid\r\nsetTrustAgentConfiguration(ComponentName admin, ComponentName target, Persistable\r\nBundle configuration)\r\nSets a list of configuration features to enable for a trust agent component.\r\nvoid\r\nsetUninstallBlocked(ComponentName admin, String packageName, boolean uninstall\r\nBlocked)\r\nChange whether a user can uninstall a package.\r\nvoid setUsbDataSignalingEnabled(boolean enabled)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 54 of 279\n\nCalled by a device owner or profile owner of an organization-owned managed profile to enable\r\nor disable USB data signaling for the device.\r\nvoid\r\nsetUserControlDisabledPackages(ComponentName admin, List\u003cString\u003e packages)\r\nCalled by a device owner or a profile owner or holder of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_APPS_CONTROL to disable user control over apps.\r\nvoid\r\nsetUserIcon(ComponentName admin, Bitmap icon)\r\nCalled by profile or device owners to set the user's photo.\r\nvoid\r\nsetWifiSsidPolicy(WifiSsidPolicy policy)\r\nCalled by device owner or profile owner of an organization-owned managed profile to specify\r\nthe Wi-Fi SSID policy ( WifiSsidPolicy ).\r\nint\r\nstartUserInBackground(ComponentName admin, UserHandle userHandle)\r\nCalled by a device owner to start the specified secondary user in background.\r\nint\r\nstopUser(ComponentName admin, UserHandle userHandle)\r\nCalled by a device owner to stop the specified secondary user.\r\nboolean\r\nswitchUser(ComponentName admin, UserHandle userHandle)\r\nCalled by a device owner to switch the specified secondary user to the foreground.\r\nvoid\r\ntransferOwnership(ComponentName admin, ComponentName target, PersistableBundle\r\nbundle)\r\nChanges the current administrator to another one.\r\nvoid\r\nuninstallAllUserCaCerts(ComponentName admin)\r\nUninstalls all custom trusted CA certificates from the profile.\r\nvoid\r\nuninstallCaCert(ComponentName admin, byte[] certBuffer)\r\nUninstalls the given certificate from trusted user CAs, if present.\r\nboolean\r\nupdateOverrideApn(ComponentName admin, int apnId, ApnSetting apnSetting)\r\nCalled by device owner or managed profile owner to update an override APN.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 55 of 279\n\nvoid\r\nwipeData(int flags, CharSequence reason)\r\nAsk that all user data be wiped.\r\nvoid\r\nwipeData(int flags)\r\nSee wipeData(int,CharSequence)\r\nvoid\r\nwipeDevice(int flags)\r\nAsk that the device be wiped and factory reset.\r\nInherited methods\r\nFrom class java.lang.Object\r\nObject\r\nclone()\r\nCreates and returns a copy of this object.\r\nboolean\r\nequals(Object obj)\r\nIndicates whether some other object is \"equal to\" this one.\r\nvoid\r\nfinalize()\r\nCalled by the garbage collector on an object when garbage collection determines that there\r\nare no more references to the object.\r\nfinal\r\nClass\u003c?\u003e\r\ngetClass()\r\nReturns the runtime class of this Object .\r\nint\r\nhashCode()\r\nReturns a hash code value for the object.\r\nfinal void\r\nnotify()\r\nWakes up a single thread that is waiting on this object's monitor.\r\nfinal void\r\nnotifyAll()\r\nWakes up all threads that are waiting on this object's monitor.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 56 of 279\n\nString\r\ntoString()\r\nReturns a string representation of the object.\r\nfinal void\r\nwait(long timeoutMillis, int nanos)\r\nCauses the current thread to wait until it is awakened, typically by being notified or\r\ninterrupted, or until a certain amount of real time has elapsed.\r\nfinal void\r\nwait(long timeoutMillis)\r\nCauses the current thread to wait until it is awakened, typically by being notified or\r\ninterrupted, or until a certain amount of real time has elapsed.\r\nfinal void\r\nwait()\r\nCauses the current thread to wait until it is awakened, typically by being notified or\r\ninterrupted.\r\nConstants\r\nACTION_ADD_DEVICE_ADMIN\r\npublic static final String ACTION_ADD_DEVICE_ADMIN\r\nActivity action: ask the user to add a new device administrator to the system. The desired policy is the ComponentName\r\nof the policy in the EXTRA_DEVICE_ADMIN extra field. This will invoke a UI to bring the user through adding the device\r\nadministrator to the system (or allowing them to reject it).\r\nYou can optionally include the EXTRA_ADD_EXPLANATION field to provide the user with additional explanation (in\r\naddition to your component's description) about what is being added.\r\nIf your administrator is already active, this will ordinarily return immediately (without user intervention). However, if\r\nyour administrator has been updated and is requesting additional uses-policy flags, the user will be presented with the\r\nnew list. New policies will not be available to the updated administrator until the user has accepted the new list.\r\nConstant Value: \"android.app.action.ADD_DEVICE_ADMIN\"\r\nACTION_ADMIN_POLICY_COMPLIANCE\r\npublic static final String ACTION_ADMIN_POLICY_COMPLIANCE\r\nActivity action: Starts the administrator to show policy compliance for the provisioning. This action is used any time\r\nthat the administrator has an opportunity to show policy compliance before the end of setup wizard. This could happen\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 57 of 279\n\nas part of the admin-integrated provisioning flow (in which case this gets sent after ACTION_GET_PROVISIONING_MODE ),\r\nor it could happen during provisioning finalization if the administrator supports finalization during setup wizard.\r\nIntents with this action may also be supplied with the EXTRA_PROVISIONING_ADMIN_EXTRAS_BUNDLE extra.\r\nConstant Value: \"android.app.action.ADMIN_POLICY_COMPLIANCE\"\r\nACTION_APPLICATION_DELEGATION_SCOPES_CHANGED\r\npublic static final String ACTION_APPLICATION_DELEGATION_SCOPES_CHANGED\r\nBroadcast Action: Sent after application delegation scopes are changed. The new delegation scopes will be sent in an\r\nArrayList\u003cString\u003e extra identified by the EXTRA_DELEGATION_SCOPES key.\r\nNote: This is a protected intent that can only be sent by the system.\r\nConstant Value: \"android.app.action.APPLICATION_DELEGATION_SCOPES_CHANGED\"\r\nACTION_CHECK_POLICY_COMPLIANCE\r\npublic static final String ACTION_CHECK_POLICY_COMPLIANCE\r\nActivity action: launch the DPC to check policy compliance. This intent is launched when the user taps on the\r\nnotification about personal apps suspension. When handling this intent the DPC must check if personal apps should still\r\nbe suspended and either unsuspend them or instruct the user on how to resolve the noncompliance causing the\r\nsuspension.\r\nConstant Value: \"android.app.action.CHECK_POLICY_COMPLIANCE\"\r\nACTION_DEVICE_ADMIN_SERVICE\r\npublic static final String ACTION_DEVICE_ADMIN_SERVICE\r\nService action: Action for a service that device owner and profile owner can optionally own. If a device owner or a\r\nprofile owner has such a service, the system tries to keep a bound connection to it, in order to keep their process always\r\nrunning. The service must be protected with the Manifest.permission.BIND_DEVICE_ADMIN permission.\r\nConstant Value: \"android.app.action.DEVICE_ADMIN_SERVICE\"\r\nACTION_DEVICE_FINANCING_STATE_CHANGED\r\npublic static final String ACTION_DEVICE_FINANCING_STATE_CHANGED\r\nBroadcast Action: Broadcast sent to indicate that the device financing state has changed.\r\nThis occurs when, for example, a financing kiosk app has been added or removed.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 58 of 279\n\nTo query the current device financing state see isDeviceFinanced() .\r\nThis will be delivered to the following apps if they include a receiver for this action in their manifest:\r\nDevice owner admins.\r\nOrganization-owned profile owner admins\r\nThe supervision app\r\nThe device management role holder\r\nConstant Value: \"android.app.admin.action.DEVICE_FINANCING_STATE_CHANGED\"\r\nACTION_MANAGED_PROFILE_PROVISIONED\r\npublic static final String ACTION_MANAGED_PROFILE_PROVISIONED\r\nBroadcast Action: This broadcast is sent to indicate that provisioning of a managed profile has completed successfully.\r\nThe broadcast is limited to the primary profile, to the app specified in the provisioning intent with action\r\nACTION_PROVISION_MANAGED_PROFILE .\r\nThis intent will contain the following extras\r\nIntent.EXTRA_USER , corresponds to the UserHandle of the managed profile.\r\nEXTRA_PROVISIONING_ACCOUNT_TO_MIGRATE , corresponds to the account requested to be migrated at provisioning\r\ntime, if any.\r\nConstant Value: \"android.app.action.MANAGED_PROFILE_PROVISIONED\"\r\nACTION_PROFILE_OWNER_CHANGED\r\npublic static final String ACTION_PROFILE_OWNER_CHANGED\r\nBroadcast action: sent when the profile owner is set, changed or cleared. This broadcast is sent only to the user managed\r\nby the new profile owner.\r\nConstant Value: \"android.app.action.PROFILE_OWNER_CHANGED\"\r\nACTION_PROVISIONING_SUCCESSFUL\r\npublic static final String ACTION_PROVISIONING_SUCCESSFUL\r\nActivity action: This activity action is sent to indicate that provisioning of a managed profile or managed device has\r\ncompleted successfully. It'll be sent at the same time as\r\nDeviceAdminReceiver.ACTION_PROFILE_PROVISIONING_COMPLETE broadcast but this will be delivered faster as it's an\r\nactivity intent.\r\nThe intent is only sent to the new device or profile owner.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 59 of 279\n\nConstant Value: \"android.app.action.PROVISIONING_SUCCESSFUL\"\r\nACTION_PROVISION_MANAGED_DEVICE\r\npublic static final String ACTION_PROVISION_MANAGED_DEVICE\r\nThis constant was deprecated in API level 31.\r\nto support Build.VERSION_CODES.S and later, admin apps must implement activities with intent filters for the\r\nACTION_GET_PROVISIONING_MODE and ACTION_ADMIN_POLICY_COMPLIANCE intent actions; using\r\nACTION_PROVISION_MANAGED_DEVICE to start provisioning will cause the provisioning to fail; to additionally support\r\npre- Build.VERSION_CODES.S , admin apps must also continue to use this constant.\r\nActivity action: Starts the provisioning flow which sets up a managed device. Must be started with\r\nandroid.app.Activity.startActivityForResult(Intent,int) .\r\nDuring device owner provisioning a device admin app is set as the owner of the device. A device owner has full control\r\nover the device. The device owner can not be modified by the user.\r\nA typical use case would be a device that is owned by a company, but used by either an employee or client.\r\nAn intent with this action can be sent only on an unprovisioned device. It is possible to check if provisioning is allowed\r\nor not by querying the method isProvisioningAllowed(String) .\r\nThe intent contains the following extras:\r\nEXTRA_PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME\r\nEXTRA_PROVISIONING_SKIP_ENCRYPTION , optional\r\nEXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED , optional\r\nEXTRA_PROVISIONING_ADMIN_EXTRAS_BUNDLE , optional\r\nEXTRA_PROVISIONING_LOGO_URI , optional\r\nEXTRA_PROVISIONING_DISCLAIMERS , optional\r\nEXTRA_PROVISIONING_SKIP_EDUCATION_SCREENS , optional\r\nWhen device owner provisioning has completed, an intent of the type\r\nDeviceAdminReceiver.ACTION_PROFILE_PROVISIONING_COMPLETE is broadcast to the device owner.\r\nFrom version Build.VERSION_CODES.O , when device owner provisioning has completed, along with the above\r\nbroadcast, activity intent ACTION_PROVISIONING_SUCCESSFUL will also be sent to the device owner.\r\nIf provisioning fails, the device is factory reset.\r\nA result code of Activity.RESULT_OK implies that the synchronous part of the provisioning flow was successful,\r\nalthough this doesn't guarantee the full flow will succeed. Conversely a result code of Activity.RESULT_CANCELED\r\nimplies that the user backed-out of provisioning, or some precondition for provisioning wasn't met.\r\nConstant Value: \"android.app.action.PROVISION_MANAGED_DEVICE\"\r\nACTION_PROVISION_MANAGED_PROFILE\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 60 of 279\n\npublic static final String ACTION_PROVISION_MANAGED_PROFILE\r\nActivity action: Starts the provisioning flow which sets up a managed profile.\r\nIt is possible to check if provisioning is allowed or not by querying the method isProvisioningAllowed(String) .\r\nThe intent may contain the following extras:\r\nExtra\r\nSupported\r\nVersions\r\nEXTRA_\r\nPROVISIONING_\r\nACCOUNT_TO_MIGRATE\r\nEXTRA_\r\nPROVISIONING_SKIP_\r\nENCRYPTION\r\nBuild.\r\nVERSION_\r\nCODES.N +\r\nEXTRA_\r\nPROVISIONING_ADMIN_\r\nEXTRAS_BUNDLE\r\nEXTRA_\r\nPROVISIONING_LOGO_\r\nURI\r\nEXTRA_\r\nPROVISIONING_SKIP_\r\nUSER_CONSENT\r\nCan only be used by an existing device owner trying to create a managed profile\r\nEXTRA_\r\nPROVISIONING_KEEP_\r\nACCOUNT_ON_\r\nMIGRATION\r\nEXTRA_\r\nPROVISIONING_\r\nDISCLAIMERS\r\nEXTRA_\r\nPROVISIONING_\r\nDEVICE_ADMIN_\r\nPACKAGE_NAME\r\nRequired if EXTRA_PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME is\r\nnot specified. Must match the package name of the calling\r\napplication.\r\nBuild.\r\nVERSION_\r\nCODES.\r\nLOLLIPOP +\r\nEXTRA_\r\nPROVISIONING_\r\nRequired if EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_NAME is not\r\nspecified. Package name must match the package name of the\r\ncalling application.\r\nBuild.\r\nVERSION_\r\nCODES.M +\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 61 of 279\n\nExtra\r\nSupported\r\nVersions\r\nDEVICE_ADMIN_\r\nCOMPONENT_NAME\r\nEXTRA_\r\nPROVISIONING_ALLOW_\r\nOFFLINE\r\nOn Build.VERSION_CODES.TIRAMISU +, when set to true this will force offline provisioning\r\ninstead of allowing it\r\nWhen managed provisioning has completed, broadcasts are sent to the application specified in the provisioning intent.\r\nThe DeviceAdminReceiver.ACTION_PROFILE_PROVISIONING_COMPLETE broadcast is sent in the managed profile and the\r\nACTION_MANAGED_PROFILE_PROVISIONED broadcast is sent in the primary profile.\r\nFrom version Build.VERSION_CODES.O , when managed provisioning has completed, along with the above broadcast,\r\nactivity intent ACTION_PROVISIONING_SUCCESSFUL will also be sent to the profile owner.\r\nIf provisioning fails, the managed profile is removed so the device returns to its previous state.\r\nIf launched with android.app.Activity.startActivityForResult(Intent,int) a result code of Activity.RESULT_OK\r\nindicates that the synchronous part of the provisioning flow was successful, although this doesn't guarantee the full flow\r\nwill succeed. Conversely a result code of Activity.RESULT_CANCELED indicates that the user backed-out of\r\nprovisioning or some precondition for provisioning wasn't met.\r\nIf a device policy management role holder updater is present on the device, an internet connection attempt must be\r\nmade prior to launching this intent.\r\nConstant Value: \"android.app.action.PROVISION_MANAGED_PROFILE\"\r\nACTION_SET_NEW_PARENT_PROFILE_PASSWORD\r\npublic static final String ACTION_SET_NEW_PARENT_PROFILE_PASSWORD\r\nActivity action: have the user enter a new password for the parent profile. If the intent is launched from within a\r\nmanaged profile, this will trigger entering a new password for the parent of the profile. The caller can optionally set\r\nEXTRA_DEVICE_PASSWORD_REQUIREMENT_ONLY to only enforce device-wide password requirement. In all other cases the\r\nbehaviour is identical to ACTION_SET_NEW_PASSWORD .\r\nConstant Value: \"android.app.action.SET_NEW_PARENT_PROFILE_PASSWORD\"\r\nACTION_SET_NEW_PASSWORD\r\npublic static final String ACTION_SET_NEW_PASSWORD\r\nActivity action: have the user enter a new password.\r\nFor admin apps, this activity should be launched after using setPasswordQuality(ComponentName,int) , or\r\nsetPasswordMinimumLength(ComponentName,int) to have the user enter a new password that meets the current\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 62 of 279\n\nrequirements. You can use isActivePasswordSufficient() to determine whether you need to have the user select a\r\nnew password in order to meet the current constraints. Upon being resumed from this activity, you can check the new\r\npassword characteristics to see if they are sufficient.\r\nNon-admin apps can use getPasswordComplexity() to check the current screen lock complexity, and use this activity\r\nwith extra EXTRA_PASSWORD_COMPLEXITY to suggest to users how complex the app wants the new screen lock to be.\r\nNote that both getPasswordComplexity() and the extra EXTRA_PASSWORD_COMPLEXITY require the calling app to have\r\nthe permission permission.REQUEST_PASSWORD_COMPLEXITY .\r\nIf the intent is launched from within a managed profile with a profile owner built against Build.VERSION_CODES.M or\r\nbefore, this will trigger entering a new password for the parent of the profile. For all other cases it will trigger entering a\r\nnew password for the user or profile it is launched from.\r\nConstant Value: \"android.app.action.SET_NEW_PASSWORD\"\r\nACTION_START_ENCRYPTION\r\npublic static final String ACTION_START_ENCRYPTION\r\nActivity action: begin the process of encrypting data on the device. This activity should be launched after using\r\nsetStorageEncryption(ComponentName, boolean) to request encryption be activated. After resuming from this\r\nactivity, use getStorageEncryption(ComponentName) to check encryption status. However, on some devices this\r\nactivity may never return, as it may trigger a reboot and in some cases a complete data wipe of the device.\r\nConstant Value: \"android.app.action.START_ENCRYPTION\"\r\nACTION_SYSTEM_UPDATE_POLICY_CHANGED\r\npublic static final String ACTION_SYSTEM_UPDATE_POLICY_CHANGED\r\nBroadcast action: notify that a new local system update policy has been set by the device owner. The new policy can be\r\nretrieved by getSystemUpdatePolicy() .\r\nConstant Value: \"android.app.action.SYSTEM_UPDATE_POLICY_CHANGED\"\r\nAPP_FUNCTIONS_DISABLED\r\npublic static final int APP_FUNCTIONS_DISABLED\r\nIndicates that AppFunctionManager is controlled and disabled by policy, i.e. no apps in the current user are allowed to\r\nexpose app functions.\r\nConstant Value: 1 (0x00000001)\r\nAPP_FUNCTIONS_DISABLED_CROSS_PROFILE\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 63 of 279\n\npublic static final int APP_FUNCTIONS_DISABLED_CROSS_PROFILE\r\nIndicates that AppFunctionManager is controlled and disabled by a policy for cross profile interactions only, i.e. app\r\nfunctions exposed by apps in the current user can only be invoked within the same user.\r\nThis is different from APP_FUNCTIONS_DISABLED in that it only disables cross profile interactions (even if the caller has\r\npermissions required to interact across users). appfunctions can still be used within the a user profile boundary.\r\nConstant Value: 2 (0x00000002)\r\nAPP_FUNCTIONS_NOT_CONTROLLED_BY_POLICY\r\npublic static final int APP_FUNCTIONS_NOT_CONTROLLED_BY_POLICY\r\nIndicates that AppFunctionManager is not controlled by policy.\r\nIf no admin set this policy, it means appfunctions are enabled.\r\nConstant Value: 0 (0x00000000)\r\nAUTO_TIME_ZONE_DISABLED\r\npublic static final int AUTO_TIME_ZONE_DISABLED\r\nSpecifies the \"disabled\" auto time zone state.\r\nConstant Value: 1 (0x00000001)\r\nAUTO_TIME_ZONE_ENABLED\r\npublic static final int AUTO_TIME_ZONE_ENABLED\r\nSpecifies the \"enabled\" auto time zone state.\r\nConstant Value: 2 (0x00000002)\r\nAUTO_TIME_ZONE_NOT_CONTROLLED_BY_POLICY\r\npublic static final int AUTO_TIME_ZONE_NOT_CONTROLLED_BY_POLICY\r\nSpecifies that the auto time zone state is not controlled by device policy.\r\nConstant Value: 0 (0x00000000)\r\nCONTENT_PROTECTION_DISABLED\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 64 of 279\n\npublic static final int CONTENT_PROTECTION_DISABLED\r\nIndicates that content protection is controlled and disabled by a policy (default).\r\nConstant Value: 1 (0x00000001)\r\nCONTENT_PROTECTION_ENABLED\r\npublic static final int CONTENT_PROTECTION_ENABLED\r\nIndicates that content protection is controlled and enabled by a policy.\r\nConstant Value: 2 (0x00000002)\r\nCONTENT_PROTECTION_NOT_CONTROLLED_BY_POLICY\r\npublic static final int CONTENT_PROTECTION_NOT_CONTROLLED_BY_POLICY\r\nIndicates that content protection is not controlled by policy, allowing user to choose.\r\nConstant Value: 0 (0x00000000)\r\nDELEGATION_CERT_INSTALL\r\npublic static final String DELEGATION_CERT_INSTALL\r\nDelegation of certificate installation and management. This scope grants access to the\r\ngetInstalledCaCerts(ComponentName) , hasCaCertInstalled(ComponentName, byte) ,\r\ninstallCaCert(ComponentName, byte) , uninstallCaCert(ComponentName, byte) ,\r\nuninstallAllUserCaCerts(ComponentName) and installKeyPair(ComponentName, PrivateKey, Certificate,\r\nString) APIs. This scope also grants the ability to read identifiers that the delegating device owner or profile owner\r\ncan obtain. See getEnrollmentSpecificId() .\r\nConstant Value: \"delegation-cert-install\"\r\nDELEGATION_ENABLE_SYSTEM_APP\r\npublic static final String DELEGATION_ENABLE_SYSTEM_APP\r\nDelegation for enabling system apps. This scope grants access to the enableSystemApp(ComponentName, Intent) API.\r\nConstant Value: \"delegation-enable-system-app\"\r\nDELEGATION_INSTALL_EXISTING_PACKAGE\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 65 of 279\n\npublic static final String DELEGATION_INSTALL_EXISTING_PACKAGE\r\nDelegation for installing existing packages. This scope grants access to the installExistingPackage(ComponentName,\r\nString) API.\r\nConstant Value: \"delegation-install-existing-package\"\r\nDELEGATION_NETWORK_LOGGING\r\npublic static final String DELEGATION_NETWORK_LOGGING\r\nGrants access to setNetworkLoggingEnabled(ComponentName, boolean) , isNetworkLoggingEnabled(ComponentName)\r\nand retrieveNetworkLogs(ComponentName, long) . Once granted the delegated app will start receiving\r\nDelegatedAdminReceiver.onNetworkLogsAvailable() callback, and Device owner or Profile Owner will no longer\r\nreceive the DeviceAdminReceiver.onNetworkLogsAvailable() callback. There can be at most one app that has this\r\ndelegation. If another app already had delegated network logging access, it will lose the delegation when a new app is\r\ndelegated.\r\nDevice Owner can grant this access since Android 10. Profile Owner of a managed profile can grant this access since\r\nAndroid 12.\r\nConstant Value: \"delegation-network-logging\"\r\nENCRYPTION_STATUS_ACTIVATING\r\npublic static final int ENCRYPTION_STATUS_ACTIVATING\r\nThis constant was deprecated in API level 34.\r\nThis result code has never actually been used, so there is no reason for apps to check for it.\r\nResult code for getStorageEncryptionStatus() : indicating that encryption is not currently active, but is currently\r\nbeing activated.\r\nConstant Value: 2 (0x00000002)\r\nENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY\r\npublic static final int ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY\r\nResult code for getStorageEncryptionStatus() : indicating that encryption is active, but the encryption key is not\r\ncryptographically protected by the user's credentials.\r\nThis value can only be returned on devices that use Full Disk Encryption. Support for Full Disk Encryption was entirely\r\nremoved in API level 33, having been replaced by File Based Encryption. With File Based Encryption, each user's\r\ncredential-encrypted storage is always cryptographically protected by the user's credentials.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 66 of 279\n\nConstant Value: 4 (0x00000004)\r\nENCRYPTION_STATUS_ACTIVE_PER_USER\r\npublic static final int ENCRYPTION_STATUS_ACTIVE_PER_USER\r\nResult code for getStorageEncryptionStatus() : indicating that encryption is active and the encryption key is tied to\r\nthe user or profile.\r\nThis value is only returned to apps targeting API level 24 and above. For apps targeting earlier API levels,\r\nENCRYPTION_STATUS_ACTIVE is returned, even if the encryption key is specific to the user or profile.\r\nConstant Value: 5 (0x00000005)\r\npublic static final String EXTRA_ADD_EXPLANATION\r\nAn optional CharSequence providing additional explanation for why the admin is being added.\r\nConstant Value: \"android.app.extra.ADD_EXPLANATION\"\r\npublic static final String EXTRA_DEVICE_ADMIN\r\nThe ComponentName of the administrator component.\r\nConstant Value: \"android.app.extra.DEVICE_ADMIN\"\r\npublic static final String EXTRA_DEVICE_PASSWORD_REQUIREMENT_ONLY\r\nA boolean extra for ACTION_SET_NEW_PARENT_PROFILE_PASSWORD requesting that only device password requirement is\r\nenforced during the parent profile password enrolment flow.\r\nNormally when enrolling password for the parent profile, both the device-wide password requirement (requirement set\r\nvia getParentProfileInstance(ComponentName) instance) and the profile password requirement are enforced, if the\r\nprofile currently does not have a separate work challenge. By setting this to true , profile password requirement is\r\nexplicitly disregarded.\r\nConstant Value: \"android.app.extra.DEVICE_PASSWORD_REQUIREMENT_ONLY\"\r\npublic static final String EXTRA_PROVISIONING_ACCOUNT_TO_MIGRATE\r\nAn Account extra holding the account to migrate during managed profile provisioning.\r\nIf the account supplied is present in the user, it will be copied, along with its credentials to the managed profile and\r\nremoved from the user.\r\nConstant Value: \"android.app.extra.PROVISIONING_ACCOUNT_TO_MIGRATE\"\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 67 of 279\n\npublic static final String EXTRA_PROVISIONING_ALLOWED_PROVISIONING_MODES\r\nAn ArrayList of Integer extra specifying the allowed provisioning modes.\r\nThis extra will be passed to the admin app's ACTION_GET_PROVISIONING_MODE activity, whose result intent must contain\r\nEXTRA_PROVISIONING_MODE set to one of the values in this array.\r\nIf the value set to EXTRA_PROVISIONING_MODE is not in the array, provisioning will fail.\r\nConstant Value: \"android.app.extra.PROVISIONING_ALLOWED_PROVISIONING_MODES\"\r\npublic static final String EXTRA_PROVISIONING_ALLOW_OFFLINE\r\nA boolean extra indicating whether offline provisioning should be used.\r\nThe default value is false .\r\nConstant Value: \"android.app.extra.PROVISIONING_ALLOW_OFFLINE\"\r\npublic static final String EXTRA_PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME\r\nA ComponentName extra indicating the device admin receiver of the application that will be set as the Device\r\nPolicy Controller.\r\nIf an application starts provisioning directly via an intent with action ACTION_PROVISION_MANAGED_DEVICE the package\r\nname of this component has to match the package name of the application that started provisioning.\r\nThis component is set as device owner and active admin when device owner provisioning is started by an intent with\r\naction ACTION_PROVISION_MANAGED_DEVICE or by an NFC message containing an NFC record with MIME type\r\nMIME_TYPE_PROVISIONING_NFC . For the NFC record, the component name must be flattened to a string, via\r\nComponentName.flattenToShortString() .\r\nConstant Value: \"android.app.extra.PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME\"\r\npublic static final String EXTRA_PROVISIONING_DEVICE_ADMIN_MINIMUM_VERSION_CODE\r\nAn int extra holding a minimum required version code for the device admin package. If the device admin is already\r\ninstalled on the device, it will only be re-downloaded from\r\nEXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION if the version of the installed package is less than this\r\nversion code.\r\nUse in an NFC record with MIME_TYPE_PROVISIONING_NFC that starts device owner provisioning via an NFC bump. It\r\ncan also be used for QR code provisioning.\r\nConstant Value: \"android.app.extra.PROVISIONING_DEVICE_ADMIN_MINIMUM_VERSION_CODE\"\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 68 of 279\n\npublic static final String EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_COOKIE_HEADER\r\nA String extra holding a http cookie header which should be used in the http request to the url specified in\r\nEXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION .\r\nUse in an NFC record with MIME_TYPE_PROVISIONING_NFC that starts device owner provisioning via an NFC bump. It\r\ncan also be used for QR code provisioning.\r\nConstant Value:\r\n\"android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_COOKIE_HEADER\"\r\npublic static final String EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION\r\nA String extra holding a url that specifies the download location of the device admin package. When not provided it is\r\nassumed that the device admin package is already installed.\r\nUse in an NFC record with MIME_TYPE_PROVISIONING_NFC that starts device owner provisioning via an NFC bump. It\r\ncan also be used for QR code provisioning.\r\nConstant Value: \"android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION\"\r\npublic static final String EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_NAME\r\nThis constant was deprecated in API level 23.\r\nUse EXTRA_PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME .\r\nA String extra holding the package name of the application that will be set as Device Policy Controller.\r\nWhen this extra is set, the application must have exactly one device admin receiver . This receiver will be set as the\r\nDevice Policy Controller.\r\nConstant Value: \"android.app.extra.PROVISIONING_DEVICE_ADMIN_PACKAGE_NAME\"\r\npublic static final String EXTRA_PROVISIONING_DISCLAIMER_HEADER\r\nA String extra of localized disclaimer header.\r\nThe extra is typically the company name of mobile device management application (MDM) or the organization name.\r\nSystem apps can also insert a disclaimer by declaring an application-level meta-data in AndroidManifest.xml .\r\nFor example:\r\n \u003cmeta-data\r\n android:name=\"android.app.extra.PROVISIONING_DISCLAIMER_HEADER\"\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 69 of 279\n\nandroid:resource=\"@string/disclaimer_header\"\r\n /\u003e\r\nThis must be accompanied with another extra using the key EXTRA_PROVISIONING_DISCLAIMER_CONTENT .\r\nConstant Value: \"android.app.extra.PROVISIONING_DISCLAIMER_HEADER\"\r\npublic static final String EXTRA_PROVISIONING_EMAIL_ADDRESS\r\nThis constant was deprecated in API level 26.\r\nFrom Build.VERSION_CODES.O , never used while provisioning the device.\r\nConstant Value: \"android.app.extra.PROVISIONING_EMAIL_ADDRESS\"\r\npublic static final String EXTRA_PROVISIONING_IMEI\r\nA string extra holding the IMEI (International Mobile Equipment Identity) of the device.\r\nConstant Value: \"android.app.extra.PROVISIONING_IMEI\"\r\npublic static final String EXTRA_PROVISIONING_KEEP_ACCOUNT_ON_MIGRATION\r\nBoolean extra to indicate that the migrated account should be kept.\r\nIf it's set to true , the account will not be removed from the user after it is migrated to the newly created user or\r\nprofile.\r\nDefaults to false\r\nConstant Value: \"android.app.extra.PROVISIONING_KEEP_ACCOUNT_ON_MIGRATION\"\r\npublic static final String EXTRA_PROVISIONING_KEEP_SCREEN_ON\r\nThis constant was deprecated in API level 34.\r\nfrom Build.VERSION_CODES.UPSIDE_DOWN_CAKE , the flag wouldn't be functional. The screen is kept on throughout the\r\nprovisioning flow.\r\nA boolean flag that indicates whether the screen should be on throughout the provisioning flow.\r\nThis extra can either be passed as an extra to the ACTION_PROVISION_MANAGED_PROFILE intent, or it can be returned by\r\nthe admin app when performing the admin-integrated provisioning flow as a result of the\r\nACTION_GET_PROVISIONING_MODE activity.\r\nConstant Value: \"android.app.extra.PROVISIONING_KEEP_SCREEN_ON\"\r\npublic static final String EXTRA_PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 70 of 279\n\nA Boolean extra that can be used by the mobile device management application to skip the disabling of system apps\r\nduring provisioning when set to true .\r\nUse in an NFC record with MIME_TYPE_PROVISIONING_NFC , an intent with action ACTION_PROVISION_MANAGED_PROFILE\r\nthat starts profile owner provisioning or set as an extra to the intent result of the ACTION_GET_PROVISIONING_MODE\r\nactivity.\r\nConstant Value: \"android.app.extra.PROVISIONING_LEAVE_ALL_SYSTEM_APPS_ENABLED\"\r\npublic static final String EXTRA_PROVISIONING_LOCALE\r\nA String extra holding the Locale that the device will be set to. Format: xx_yy, where xx is the language code, and yy\r\nthe country code.\r\nUse only for device owner provisioning. This extra can be returned by the admin app when performing the admin-integrated provisioning flow as a result of the ACTION_GET_PROVISIONING_MODE activity.\r\nUse in an NFC record with MIME_TYPE_PROVISIONING_NFC that starts device owner provisioning via an NFC bump. It\r\ncan also be used for QR code provisioning.\r\nConstant Value: \"android.app.extra.PROVISIONING_LOCALE\"\r\npublic static final String EXTRA_PROVISIONING_LOCAL_TIME\r\nA Long extra holding the wall clock time (in milliseconds) to be set on the device's AlarmManager .\r\nUse only for device owner provisioning. This extra can be returned by the admin app when performing the admin-integrated provisioning flow as a result of the ACTION_GET_PROVISIONING_MODE activity.\r\nUse in an NFC record with MIME_TYPE_PROVISIONING_NFC that starts device owner provisioning via an NFC bump. It\r\ncan also be used for QR code provisioning.\r\nConstant Value: \"android.app.extra.PROVISIONING_LOCAL_TIME\"\r\npublic static final String EXTRA_PROVISIONING_LOGO_URI\r\nThis constant was deprecated in API level 33.\r\nLogo customization is no longer supported in the provisioning flow.\r\nA Uri extra pointing to a logo image. This image will be shown during the provisioning. If this extra is not passed, a\r\ndefault image will be shown.\r\nThe following URI schemes are accepted:\r\ncontent ( ContentResolver.SCHEME_CONTENT )\r\nandroid.resource ( ContentResolver.SCHEME_ANDROID_RESOURCE )\r\nIt is the responsibility of the caller to provide an image with a reasonable pixel density for the device.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 71 of 279\n\nIf a content: URI is passed, the intent should also have the flag Intent.FLAG_GRANT_READ_URI_PERMISSION and the uri\r\nshould be added to the ClipData of the intent.\r\nConstant Value: \"android.app.extra.PROVISIONING_LOGO_URI\"\r\nEXTRA_PROVISIONING_MAIN_COLOR\r\npublic static final String EXTRA_PROVISIONING_MAIN_COLOR\r\nThis constant was deprecated in API level 31.\r\nColor customization is no longer supported in the provisioning flow.\r\nA integer extra indicating the predominant color to show during the provisioning. Refer to Color for how the color is\r\nrepresented.\r\nUse with ACTION_PROVISION_MANAGED_PROFILE or ACTION_PROVISION_MANAGED_DEVICE .\r\nConstant Value: \"android.app.extra.PROVISIONING_MAIN_COLOR\"\r\npublic static final String EXTRA_PROVISIONING_SENSORS_PERMISSION_GRANT_OPT_OUT\r\nA boolean extra indicating the admin of a fully-managed device opts out of controlling permission grants for sensor-related permissions, see setPermissionGrantState(ComponentName,String,String,int) . The default for this extra is\r\nfalse - by default, the admin of a fully-managed device has the ability to grant sensors-related permissions.\r\nUse only for device owner provisioning. This extra can be returned by the admin app when performing the admin-integrated provisioning flow as a result of the ACTION_GET_PROVISIONING_MODE activity.\r\nThis extra may also be provided to the admin app via an intent extra for ACTION_GET_PROVISIONING_MODE .\r\nConstant Value: \"android.app.extra.PROVISIONING_SENSORS_PERMISSION_GRANT_OPT_OUT\"\r\npublic static final String EXTRA_PROVISIONING_SERIAL_NUMBER\r\nA string extra holding the serial number of the device.\r\nConstant Value: \"android.app.extra.PROVISIONING_SERIAL_NUMBER\"\r\npublic static final String EXTRA_PROVISIONING_SHOULD_LAUNCH_RESULT_INTENT\r\nA boolean extra that determines whether the provisioning flow should launch the resulting launch intent, if one is\r\nsupplied by the device policy management role holder via EXTRA_RESULT_LAUNCH_INTENT . Default value is false .\r\nIf true , the resulting intent will be launched by the provisioning flow, if one is supplied by the device policy\r\nmanagement role holder.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 72 of 279\n\nIf false , the resulting intent will be returned as EXTRA_RESULT_LAUNCH_INTENT to the provisioning initiator, if one is\r\nsupplied by the device manager role holder. It will be the responsibility of the provisioning initiator to launch this\r\nIntent after provisioning completes.\r\nThis extra is respected when provided via the provisioning intent actions such as ACTION_PROVISION_MANAGED_PROFILE .\r\nConstant Value: \"android.app.extra.PROVISIONING_SHOULD_LAUNCH_RESULT_INTENT\"\r\npublic static final String EXTRA_PROVISIONING_SKIP_EDUCATION_SCREENS\r\nA boolean extra indicating if the education screens from the provisioning flow should be skipped. If unspecified,\r\ndefaults to false .\r\nThis extra can be set in the following ways:\r\nBy the admin app when performing the admin-integrated provisioning flow as a result of the\r\nACTION_GET_PROVISIONING_MODE activity\r\nFor managed account enrollment\r\nIf the education screens are skipped, it is the admin application's responsibility to display its own user education\r\nscreens.\r\nConstant Value: \"android.app.extra.PROVISIONING_SKIP_EDUCATION_SCREENS\"\r\npublic static final String EXTRA_PROVISIONING_SKIP_USER_CONSENT\r\nThis constant was deprecated in API level 31.\r\nthis extra is no longer relevant as device owners cannot create managed profiles\r\nA boolean extra indicating if the user consent steps from the provisioning flow should be skipped.\r\nIf unspecified, defaults to false .\r\nConstant Value: \"android.app.extra.PROVISIONING_SKIP_USER_CONSENT\"\r\npublic static final String EXTRA_PROVISIONING_TIME_ZONE\r\nA String extra holding the time zone AlarmManager that the device will be set to.\r\nUse only for device owner provisioning. This extra can be returned by the admin app when performing the admin-integrated provisioning flow as a result of the ACTION_GET_PROVISIONING_MODE activity.\r\nUse in an NFC record with MIME_TYPE_PROVISIONING_NFC that starts device owner provisioning via an NFC bump. It\r\ncan also be used for QR code provisioning.\r\nConstant Value: \"android.app.extra.PROVISIONING_TIME_ZONE\"\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 73 of 279\n\npublic static final String EXTRA_PROVISIONING_USE_MOBILE_DATA\r\nA boolean extra indicating if mobile data should be used during the provisioning flow for downloading the admin app.\r\nIf EXTRA_PROVISIONING_WIFI_SSID is also specified, wifi network will be used instead.\r\nDefault value is false .\r\nIf this extra is set to true and EXTRA_PROVISIONING_WIFI_SSID is not specified, this extra has different behaviour\r\ndepending on the way provisioning is triggered:\r\nFor provisioning started via a QR code or an NFC tag, mobile data is always used for downloading the admin\r\napp.\r\nFor all other provisioning methods, a mobile data connection check is made at the start of provisioning. If\r\nmobile data is connected at that point, the admin app download will happen using mobile data. If mobile data is\r\nnot connected at that point, the end-user will be asked to pick a wifi network and the admin app download will\r\nproceed over wifi.\r\nConstant Value: \"android.app.extra.PROVISIONING_USE_MOBILE_DATA\"\r\npublic static final String EXTRA_PROVISIONING_WIFI_CA_CERTIFICATE\r\nThe CA certificate of the wifi network in EXTRA_PROVISIONING_WIFI_SSID . This should be an X.509 certificate Base64\r\nencoded DER format, ie. PEM representation of a certificate without header, footer and line breaks. More information\r\nThis is only used if the EXTRA_PROVISIONING_WIFI_SECURITY_TYPE is EAP .\r\nUse in an NFC record with MIME_TYPE_PROVISIONING_NFC that starts device owner provisioning via an NFC bump. It\r\ncan also be used for QR code provisioning.\r\nConstant Value: \"android.app.extra.PROVISIONING_WIFI_CA_CERTIFICATE\"\r\npublic static final String EXTRA_PROVISIONING_WIFI_HIDDEN\r\nA boolean extra indicating whether the wifi network in EXTRA_PROVISIONING_WIFI_SSID is hidden or not.\r\nUse in an NFC record with MIME_TYPE_PROVISIONING_NFC that starts device owner provisioning via an NFC bump. It\r\ncan also be used for QR code provisioning.\r\nConstant Value: \"android.app.extra.PROVISIONING_WIFI_HIDDEN\"\r\npublic static final String EXTRA_PROVISIONING_WIFI_PAC_URL\r\nA String extra holding the proxy auto-config (PAC) URL for the wifi network in EXTRA_PROVISIONING_WIFI_SSID .\r\nUse in an NFC record with MIME_TYPE_PROVISIONING_NFC that starts device owner provisioning via an NFC bump. It\r\ncan also be used for QR code provisioning.\r\nConstant Value: \"android.app.extra.PROVISIONING_WIFI_PAC_URL\"\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 74 of 279\n\npublic static final String EXTRA_PROVISIONING_WIFI_PASSWORD\r\nA String extra holding the password of the wifi network in EXTRA_PROVISIONING_WIFI_SSID .\r\nUse in an NFC record with MIME_TYPE_PROVISIONING_NFC that starts device owner provisioning via an NFC bump. It\r\ncan also be used for QR code provisioning.\r\nConstant Value: \"android.app.extra.PROVISIONING_WIFI_PASSWORD\"\r\npublic static final String EXTRA_PROVISIONING_WIFI_PHASE2_AUTH\r\nThe phase 2 authentication of the wifi network in EXTRA_PROVISIONING_WIFI_SSID and could be one of NONE , PAP ,\r\nMSCHAP , MSCHAPV2 , GTC , SIM , AKA or AKA_PRIME . This is only used if the\r\nEXTRA_PROVISIONING_WIFI_SECURITY_TYPE is EAP .\r\nUse in an NFC record with MIME_TYPE_PROVISIONING_NFC that starts device owner provisioning via an NFC bump. It\r\ncan also be used for QR code provisioning.\r\nConstant Value: \"android.app.extra.PROVISIONING_WIFI_PHASE2_AUTH\"\r\npublic static final String EXTRA_PROVISIONING_WIFI_PROXY_BYPASS\r\nA String extra holding the proxy bypass for the wifi network in EXTRA_PROVISIONING_WIFI_SSID .\r\nUse in an NFC record with MIME_TYPE_PROVISIONING_NFC that starts device owner provisioning via an NFC bump. It\r\ncan also be used for QR code provisioning.\r\nConstant Value: \"android.app.extra.PROVISIONING_WIFI_PROXY_BYPASS\"\r\npublic static final String EXTRA_PROVISIONING_WIFI_PROXY_HOST\r\nA String extra holding the proxy host for the wifi network in EXTRA_PROVISIONING_WIFI_SSID .\r\nUse in an NFC record with MIME_TYPE_PROVISIONING_NFC that starts device owner provisioning via an NFC bump. It\r\ncan also be used for QR code provisioning.\r\nConstant Value: \"android.app.extra.PROVISIONING_WIFI_PROXY_HOST\"\r\npublic static final String EXTRA_PROVISIONING_WIFI_PROXY_PORT\r\nAn int extra holding the proxy port for the wifi network in EXTRA_PROVISIONING_WIFI_SSID .\r\nUse in an NFC record with MIME_TYPE_PROVISIONING_NFC that starts device owner provisioning via an NFC bump. It\r\ncan also be used for QR code provisioning.\r\nConstant Value: \"android.app.extra.PROVISIONING_WIFI_PROXY_PORT\"\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 75 of 279\n\npublic static final String EXTRA_PROVISIONING_WIFI_SECURITY_TYPE\r\nA String extra indicating the security type of the wifi network in EXTRA_PROVISIONING_WIFI_SSID and could be one of\r\nNONE , WPA , WEP or EAP .\r\nUse in an NFC record with MIME_TYPE_PROVISIONING_NFC that starts device owner provisioning via an NFC bump. It\r\ncan also be used for QR code provisioning.\r\nConstant Value: \"android.app.extra.PROVISIONING_WIFI_SECURITY_TYPE\"\r\npublic static final String EXTRA_PROVISIONING_WIFI_SSID\r\nA String extra holding the ssid of the wifi network that should be used during nfc device owner provisioning for\r\ndownloading the mobile device management application.\r\nUse in an NFC record with MIME_TYPE_PROVISIONING_NFC that starts device owner provisioning via an NFC bump. It\r\ncan also be used for QR code provisioning.\r\nConstant Value: \"android.app.extra.PROVISIONING_WIFI_SSID\"\r\npublic static final String EXTRA_PROVISIONING_WIFI_USER_CERTIFICATE\r\nThe user certificate of the wifi network in EXTRA_PROVISIONING_WIFI_SSID . This should be an X.509 certificate and\r\nprivate key Base64 encoded DER format, ie. PEM representation of a certificate and key without header, footer and line\r\nbreaks. More information This is only used if the EXTRA_PROVISIONING_WIFI_SECURITY_TYPE is EAP .\r\nUse in an NFC record with MIME_TYPE_PROVISIONING_NFC that starts device owner provisioning via an NFC bump. It\r\ncan also be used for QR code provisioning.\r\nConstant Value: \"android.app.extra.PROVISIONING_WIFI_USER_CERTIFICATE\"\r\npublic static final String EXTRA_RESOURCE_IDS\r\nAn integer array extra for ACTION_DEVICE_POLICY_RESOURCE_UPDATED to indicate which resource IDs (i.e. strings and\r\ndrawables) have been updated.\r\nConstant Value: \"android.app.extra.RESOURCE_IDS\"\r\npublic static final int EXTRA_RESOURCE_TYPE_DRAWABLE\r\nA int value for EXTRA_RESOURCE_TYPE to indicate that a resource of type Drawable is being updated.\r\nConstant Value: 1 (0x00000001)\r\npublic static final int EXTRA_RESOURCE_TYPE_STRING\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 76 of 279\n\nA int value for EXTRA_RESOURCE_TYPE to indicate that a resource of type String is being updated.\r\nConstant Value: 2 (0x00000002)\r\nFLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY\r\npublic static final int FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY\r\nFlag for lockNow(int) : also evict the user's credential encryption key from the keyring. The user's credential will need\r\nto be entered again in order to derive the credential encryption key that will be stored back in the keyring for future use.\r\nThis flag can only be used by a profile owner when locking a managed profile when getStorageEncryptionStatus()\r\nreturns ENCRYPTION_STATUS_ACTIVE_PER_USER .\r\nIn order to secure user data, the user will be stopped and restarted so apps should wait until they are next run to perform\r\nfurther actions.\r\nConstant Value: 1 (0x00000001)\r\nINSTALLKEY_REQUEST_CREDENTIALS_ACCESS\r\npublic static final int INSTALLKEY_REQUEST_CREDENTIALS_ACCESS\r\nSpecifies that the calling app should be granted access to the installed credentials immediately. Otherwise, access to the\r\ncredentials will be gated by user approval. For use with\r\ninstallKeyPair(ComponentName,PrivateKey,Certificate[],String,int)\r\nConstant Value: 1 (0x00000001)\r\nINSTALLKEY_SET_USER_SELECTABLE\r\npublic static final int INSTALLKEY_SET_USER_SELECTABLE\r\nSpecifies that a user can select the key via the Certificate Selection prompt. If this flag is not set when calling\r\ninstallKeyPair(ComponentName, PrivateKey, Certificate, String) , the key can only be granted access by\r\nimplementing DeviceAdminReceiver.onChoosePrivateKeyAlias(Context, Intent, int, Uri, String) . For use with\r\ninstallKeyPair(ComponentName,PrivateKey,Certificate[],String,int)\r\nConstant Value: 2 (0x00000002)\r\nKEYGUARD_DISABLE_BIOMETRICS\r\npublic static final int KEYGUARD_DISABLE_BIOMETRICS\r\nDisable all biometric authentication on keyguard secure screens (e.g. PIN/Pattern/Password).\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 77 of 279\n\nConstant Value: 416 (0x000001a0)\r\nKEYGUARD_DISABLE_FACE\r\npublic static final int KEYGUARD_DISABLE_FACE\r\nDisable face authentication on keyguard secure screens (e.g. PIN/Pattern/Password).\r\nConstant Value: 128 (0x00000080)\r\nKEYGUARD_DISABLE_FEATURES_ALL\r\npublic static final int KEYGUARD_DISABLE_FEATURES_ALL\r\nDisable all current and future keyguard customizations.\r\nConstant Value: 2147483647 (0x7fffffff)\r\nKEYGUARD_DISABLE_FEATURES_NONE\r\npublic static final int KEYGUARD_DISABLE_FEATURES_NONE\r\nWidgets are enabled in keyguard\r\nConstant Value: 0 (0x00000000)\r\nKEYGUARD_DISABLE_FINGERPRINT\r\npublic static final int KEYGUARD_DISABLE_FINGERPRINT\r\nDisable fingerprint authentication on keyguard secure screens (e.g. PIN/Pattern/Password).\r\nConstant Value: 32 (0x00000020)\r\nKEYGUARD_DISABLE_IRIS\r\npublic static final int KEYGUARD_DISABLE_IRIS\r\nDisable iris authentication on keyguard secure screens (e.g. PIN/Pattern/Password).\r\nConstant Value: 256 (0x00000100)\r\nKEYGUARD_DISABLE_REMOTE_INPUT\r\npublic static final int KEYGUARD_DISABLE_REMOTE_INPUT\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 78 of 279\n\nThis constant was deprecated in API level 33.\r\nThis flag was added in version Build.VERSION_CODES.N , but it never had any effect.\r\nDisable text entry into notifications on secure keyguard screens (e.g. PIN/Pattern/Password).\r\nConstant Value: 64 (0x00000040)\r\nKEYGUARD_DISABLE_SECURE_CAMERA\r\npublic static final int KEYGUARD_DISABLE_SECURE_CAMERA\r\nDisable the camera on secure keyguard screens (e.g. PIN/Pattern/Password)\r\nConstant Value: 2 (0x00000002)\r\nKEYGUARD_DISABLE_SECURE_NOTIFICATIONS\r\npublic static final int KEYGUARD_DISABLE_SECURE_NOTIFICATIONS\r\nDisable showing all notifications on secure keyguard screens (e.g. PIN/Pattern/Password)\r\nConstant Value: 4 (0x00000004)\r\nKEYGUARD_DISABLE_SHORTCUTS_ALL\r\npublic static final int KEYGUARD_DISABLE_SHORTCUTS_ALL\r\nDisable all keyguard shortcuts.\r\nConstant Value: 512 (0x00000200)\r\nKEYGUARD_DISABLE_TRUST_AGENTS\r\npublic static final int KEYGUARD_DISABLE_TRUST_AGENTS\r\nDisable trust agents on secure keyguard screens (e.g. PIN/Pattern/Password). By setting this flag alone, all trust agents\r\nare disabled. If the admin then wants to allowlist specific features of some trust agent,\r\nsetTrustAgentConfiguration(ComponentName, ComponentName, PersistableBundle) can be used in conjuction to set\r\ntrust-agent-specific configurations.\r\nConstant Value: 16 (0x00000010)\r\nKEYGUARD_DISABLE_UNREDACTED_NOTIFICATIONS\r\npublic static final int KEYGUARD_DISABLE_UNREDACTED_NOTIFICATIONS\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 79 of 279\n\nOnly allow redacted notifications on secure keyguard screens (e.g. PIN/Pattern/Password)\r\nConstant Value: 8 (0x00000008)\r\nKEYGUARD_DISABLE_WIDGETS_ALL\r\npublic static final int KEYGUARD_DISABLE_WIDGETS_ALL\r\nDisable all keyguard widgets. Has no effect between Build.VERSION_CODES.LOLLIPOP and\r\nBuild.VERSION_CODES.UPSIDE_DOWN_CAKE (both inclusive), since keyguard widget is only supported on Android\r\nversions lower than 5.0 and versions higher than 14.\r\nConstant Value: 1 (0x00000001)\r\nLOCK_TASK_FEATURE_BLOCK_ACTIVITY_START_IN_TASK\r\npublic static final int LOCK_TASK_FEATURE_BLOCK_ACTIVITY_START_IN_TASK\r\nEnable blocking of non-allowlisted activities from being started into a locked task.\r\nConstant Value: 64 (0x00000040)\r\nLOCK_TASK_FEATURE_GLOBAL_ACTIONS\r\npublic static final int LOCK_TASK_FEATURE_GLOBAL_ACTIONS\r\nEnable the global actions dialog during LockTask mode. This is the dialog that shows up when the user long-presses the\r\npower button, for example. Note that the user may not be able to power off the device if this flag is not set.\r\nThis flag is enabled by default until setLockTaskFeatures(ComponentName,int) is called for the first time.\r\nConstant Value: 16 (0x00000010)\r\nLOCK_TASK_FEATURE_KEYGUARD\r\npublic static final int LOCK_TASK_FEATURE_KEYGUARD\r\nEnable the keyguard during LockTask mode. Note that if the keyguard is already disabled with\r\nsetKeyguardDisabled(ComponentName,boolean) , setting this flag will have no effect. If this flag is not set, the\r\nkeyguard will not be shown even if the user has a lock screen credential.\r\nConstant Value: 32 (0x00000020)\r\nLOCK_TASK_FEATURE_NONE\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 80 of 279\n\npublic static final int LOCK_TASK_FEATURE_NONE\r\nDisable all configurable SystemUI features during LockTask mode. This includes,\r\nsystem info area in the status bar (connectivity icons, clock, etc.)\r\nnotifications (including alerts, icons, and the notification shade)\r\nHome button\r\nRecents button and UI\r\nglobal actions menu (i.e. power button menu)\r\nkeyguard\r\nConstant Value: 0 (0x00000000)\r\nLOCK_TASK_FEATURE_NOTIFICATIONS\r\npublic static final int LOCK_TASK_FEATURE_NOTIFICATIONS\r\nEnable notifications during LockTask mode. This includes notification icons on the status bar, heads-up notifications,\r\nand the expandable notification shade. Note that the Quick Settings panel remains disabled. This feature flag can only\r\nbe used in combination with LOCK_TASK_FEATURE_HOME . setLockTaskFeatures(ComponentName,int) throws an\r\nIllegalArgumentException if this feature flag is defined without LOCK_TASK_FEATURE_HOME .\r\nConstant Value: 2 (0x00000002)\r\nLOCK_TASK_FEATURE_SYSTEM_INFO\r\npublic static final int LOCK_TASK_FEATURE_SYSTEM_INFO\r\nEnable the system info area in the status bar during LockTask mode. The system info area usually occupies the right\r\nside of the status bar (although this can differ across OEMs). It includes all system information indicators, such as date\r\nand time, connectivity, battery, vibration mode, etc.\r\nConstant Value: 1 (0x00000001)\r\nMIME_TYPE_PROVISIONING_NFC\r\npublic static final String MIME_TYPE_PROVISIONING_NFC\r\nThis MIME type is used for starting the device owner provisioning.\r\nDuring device owner provisioning a device admin app is set as the owner of the device. A device owner has full control\r\nover the device. The device owner can not be modified by the user and the only way of resetting the device is if the\r\ndevice owner app calls a factory reset.\r\nA typical use case would be a device that is owned by a company, but used by either an employee or client.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 81 of 279\n\nThe NFC message must be sent to an unprovisioned device.\r\nThe NFC record must contain a serialized Properties object which contains the following properties:\r\nEXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_NAME\r\nEXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_LOCATION , optional\r\nEXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_DOWNLOAD_COOKIE_HEADER , optional\r\nEXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM , optional\r\nEXTRA_PROVISIONING_LOCAL_TIME (convert to String), optional\r\nEXTRA_PROVISIONING_TIME_ZONE , optional\r\nEXTRA_PROVISIONING_LOCALE , optional\r\nEXTRA_PROVISIONING_WIFI_SSID , optional\r\nEXTRA_PROVISIONING_WIFI_HIDDEN (convert to String), optional\r\nEXTRA_PROVISIONING_WIFI_SECURITY_TYPE , optional\r\nEXTRA_PROVISIONING_WIFI_PASSWORD , optional\r\nEXTRA_PROVISIONING_WIFI_PROXY_HOST , optional\r\nEXTRA_PROVISIONING_WIFI_PROXY_PORT (convert to String), optional\r\nEXTRA_PROVISIONING_WIFI_PROXY_BYPASS , optional\r\nEXTRA_PROVISIONING_WIFI_PAC_URL , optional\r\nEXTRA_PROVISIONING_ADMIN_EXTRAS_BUNDLE , optional, supported from Build.VERSION_CODES.M\r\nEXTRA_PROVISIONING_WIFI_EAP_METHOD , optional, supported from Build.VERSION_CODES.Q\r\nEXTRA_PROVISIONING_WIFI_PHASE2_AUTH , optional, supported from Build.VERSION_CODES.Q\r\nEXTRA_PROVISIONING_WIFI_CA_CERTIFICATE , optional, supported from Build.VERSION_CODES.Q\r\nEXTRA_PROVISIONING_WIFI_USER_CERTIFICATE , optional, supported from Build.VERSION_CODES.Q\r\nEXTRA_PROVISIONING_WIFI_IDENTITY , optional, supported from Build.VERSION_CODES.Q\r\nEXTRA_PROVISIONING_WIFI_ANONYMOUS_IDENTITY , optional, supported from Build.VERSION_CODES.Q\r\nEXTRA_PROVISIONING_WIFI_DOMAIN , optional, supported from Build.VERSION_CODES.Q\r\nAs of Build.VERSION_CODES.M , the properties should contain EXTRA_PROVISIONING_DEVICE_ADMIN_COMPONENT_NAME\r\ninstead of EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_NAME , (although specifying only\r\nEXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_NAME is still supported).\r\nConstant Value: \"application/com.android.managedprovisioning\"\r\nMTE_DISABLED\r\npublic static final int MTE_DISABLED\r\nRequire that MTE be disabled on the device. Can be set by a device owner.\r\nConstant Value: 2 (0x00000002)\r\nMTE_ENABLED\r\npublic static final int MTE_ENABLED\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 82 of 279\n\nRequire that MTE be enabled on the device, if supported. Can be set by a device owner or a profile owner of an\r\norganization-owned managed profile.\r\nConstant Value: 1 (0x00000001)\r\nMTE_NOT_CONTROLLED_BY_POLICY\r\npublic static final int MTE_NOT_CONTROLLED_BY_POLICY\r\nAllow the user to choose whether to enable MTE on the device.\r\nConstant Value: 0 (0x00000000)\r\nNEARBY_STREAMING_DISABLED\r\npublic static final int NEARBY_STREAMING_DISABLED\r\nIndicates that nearby streaming is disabled.\r\nConstant Value: 1 (0x00000001)\r\nNEARBY_STREAMING_ENABLED\r\npublic static final int NEARBY_STREAMING_ENABLED\r\nIndicates that nearby streaming is enabled.\r\nConstant Value: 2 (0x00000002)\r\nNEARBY_STREAMING_NOT_CONTROLLED_BY_POLICY\r\npublic static final int NEARBY_STREAMING_NOT_CONTROLLED_BY_POLICY\r\nIndicates that nearby streaming is not controlled by policy, which means nearby streaming is allowed.\r\nConstant Value: 0 (0x00000000)\r\nNEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY\r\npublic static final int NEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY\r\nIndicates that nearby streaming is enabled only to devices offering a comparable level of security, with the same\r\nauthenticated managed account.\r\nConstant Value: 3 (0x00000003)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 83 of 279\n\nOPERATION_SAFETY_REASON_DRIVING_DISTRACTION\r\npublic static final int OPERATION_SAFETY_REASON_DRIVING_DISTRACTION\r\nIndicates that a UnsafeStateException was thrown because the operation would distract the driver of the vehicle.\r\nConstant Value: 1 (0x00000001)\r\nPASSWORD_COMPLEXITY_HIGH\r\npublic static final int PASSWORD_COMPLEXITY_HIGH\r\nConstant for getPasswordComplexity() and setRequiredPasswordComplexity(int) . Define the high password\r\ncomplexity band as:\r\nPIN with no repeating (4444) or ordered (1234, 4321, 2468) sequences, length at least 8\r\nalphabetic, length at least 6\r\nalphanumeric, length at least 6\r\nWhen returned from getPasswordComplexity() , the constant represents the exact complexity band the password is in.\r\nWhen passed to setRequiredPasswordComplexity(int) , it sets the minimum complexity band which the password\r\nmust meet.\r\nConstant Value: 327680 (0x00050000)\r\nPASSWORD_COMPLEXITY_MEDIUM\r\npublic static final int PASSWORD_COMPLEXITY_MEDIUM\r\nConstant for getPasswordComplexity() and setRequiredPasswordComplexity(int) . Define the medium password\r\ncomplexity band as:\r\nPIN with no repeating (4444) or ordered (1234, 4321, 2468) sequences, length at least 4\r\nalphabetic, length at least 4\r\nalphanumeric, length at least 4\r\nWhen returned from getPasswordComplexity() , the constant represents the exact complexity band the password is in.\r\nWhen passed to setRequiredPasswordComplexity(int) , it sets the minimum complexity band which the password\r\nmust meet.\r\nConstant Value: 196608 (0x00030000)\r\nPASSWORD_QUALITY_ALPHABETIC\r\npublic static final int PASSWORD_QUALITY_ALPHABETIC\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 84 of 279\n\nConstant for setPasswordQuality(ComponentName, int) : the user must have entered a password containing at least\r\nalphabetic (or other symbol) characters. Note that quality constants are ordered so that higher values are more\r\nrestrictive.\r\nConstant Value: 262144 (0x00040000)\r\nPASSWORD_QUALITY_ALPHANUMERIC\r\npublic static final int PASSWORD_QUALITY_ALPHANUMERIC\r\nConstant for setPasswordQuality(ComponentName, int) : the user must have entered a password containing at least\r\nboth\u003e numeric and alphabetic (or other symbol) characters. Note that quality constants are ordered so that higher values\r\nare more restrictive.\r\nConstant Value: 327680 (0x00050000)\r\nPASSWORD_QUALITY_BIOMETRIC_WEAK\r\npublic static final int PASSWORD_QUALITY_BIOMETRIC_WEAK\r\nConstant for setPasswordQuality(ComponentName, int) : the policy allows for low-security biometric recognition\r\ntechnology. This implies technologies that can recognize the identity of an individual to about a 3 digit PIN (false\r\ndetection is less than 1 in 1,000). Note that quality constants are ordered so that higher values are more restrictive.\r\nConstant Value: 32768 (0x00008000)\r\nPASSWORD_QUALITY_COMPLEX\r\npublic static final int PASSWORD_QUALITY_COMPLEX\r\nConstant for setPasswordQuality(ComponentName, int) : allows the admin to set precisely how many characters of\r\nvarious types the password should contain to satisfy the policy. The admin should set these requirements via\r\nsetPasswordMinimumLetters(ComponentName, int) , setPasswordMinimumNumeric(ComponentName, int) ,\r\nsetPasswordMinimumSymbols(ComponentName, int) , setPasswordMinimumUpperCase(ComponentName, int) ,\r\nsetPasswordMinimumLowerCase(ComponentName, int) , setPasswordMinimumNonLetter(ComponentName, int) , and\r\nsetPasswordMinimumLength(ComponentName, int) . Note that quality constants are ordered so that higher values are\r\nmore restrictive.\r\nConstant Value: 393216 (0x00060000)\r\nPASSWORD_QUALITY_NUMERIC\r\npublic static final int PASSWORD_QUALITY_NUMERIC\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 85 of 279\n\nConstant for setPasswordQuality(ComponentName, int) : the user must have entered a password containing at least\r\nnumeric characters. Note that quality constants are ordered so that higher values are more restrictive.\r\nConstant Value: 131072 (0x00020000)\r\nPASSWORD_QUALITY_NUMERIC_COMPLEX\r\npublic static final int PASSWORD_QUALITY_NUMERIC_COMPLEX\r\nConstant for setPasswordQuality(ComponentName, int) : the user must have entered a password containing at least\r\nnumeric characters with no repeating (4444) or ordered (1234, 4321, 2468) sequences. Note that quality constants are\r\nordered so that higher values are more restrictive.\r\nConstant Value: 196608 (0x00030000)\r\nPASSWORD_QUALITY_SOMETHING\r\npublic static final int PASSWORD_QUALITY_SOMETHING\r\nConstant for setPasswordQuality(ComponentName, int) : the policy requires some kind of password or pattern, but\r\ndoesn't care what it is. Note that quality constants are ordered so that higher values are more restrictive.\r\nConstant Value: 65536 (0x00010000)\r\nPASSWORD_QUALITY_UNSPECIFIED\r\npublic static final int PASSWORD_QUALITY_UNSPECIFIED\r\nConstant for setPasswordQuality(ComponentName, int) : the policy has no requirements for the password. Note that\r\nquality constants are ordered so that higher values are more restrictive.\r\nConstant Value: 0 (0x00000000)\r\nPERMISSION_GRANT_STATE_DEFAULT\r\npublic static final int PERMISSION_GRANT_STATE_DEFAULT\r\nRuntime permission state: The user can manage the permission through the UI.\r\nConstant Value: 0 (0x00000000)\r\nPERMISSION_GRANT_STATE_DENIED\r\npublic static final int PERMISSION_GRANT_STATE_DENIED\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 86 of 279\n\nRuntime permission state: The permission is denied to the app and the user cannot manage the permission through the\r\nUI.\r\nConstant Value: 2 (0x00000002)\r\nPERMISSION_GRANT_STATE_GRANTED\r\npublic static final int PERMISSION_GRANT_STATE_GRANTED\r\nRuntime permission state: The permission is granted to the app and the user cannot manage the permission through the\r\nUI.\r\nConstant Value: 1 (0x00000001)\r\nPERMISSION_POLICY_AUTO_DENY\r\npublic static final int PERMISSION_POLICY_AUTO_DENY\r\nPermission policy to always deny new permission requests for runtime permissions. Already granted or denied\r\npermissions are not affected by this.\r\nConstant Value: 2 (0x00000002)\r\nPERMISSION_POLICY_AUTO_GRANT\r\npublic static final int PERMISSION_POLICY_AUTO_GRANT\r\nPermission policy to always grant new permission requests for runtime permissions. Already granted or denied\r\npermissions are not affected by this.\r\nConstant Value: 1 (0x00000001)\r\nPERMISSION_POLICY_PROMPT\r\npublic static final int PERMISSION_POLICY_PROMPT\r\nPermission policy to prompt user for new permission requests for runtime permissions. Already granted or denied\r\npermissions are not affected by this.\r\nConstant Value: 0 (0x00000000)\r\nPERSONAL_APPS_SUSPENDED_PROFILE_TIMEOUT\r\npublic static final int PERSONAL_APPS_SUSPENDED_PROFILE_TIMEOUT\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 87 of 279\n\nFlag for getPersonalAppsSuspendedReasons(ComponentName) return value. Set when personal apps are suspended by\r\nframework because managed profile was off for longer than allowed by policy.\r\nConstant Value: 2 (0x00000002)\r\nPOLICY_DISABLE_CAMERA\r\npublic static final String POLICY_DISABLE_CAMERA\r\nConstant to indicate the feature of disabling the camera. Used as argument to createAdminSupportIntent(String) .\r\nConstant Value: \"policy_disable_camera\"\r\nPOLICY_DISABLE_SCREEN_CAPTURE\r\npublic static final String POLICY_DISABLE_SCREEN_CAPTURE\r\nConstant to indicate the feature of disabling screen captures. Used as argument to\r\ncreateAdminSupportIntent(String) .\r\nConstant Value: \"policy_disable_screen_capture\"\r\nPRIVATE_DNS_MODE_OFF\r\npublic static final int PRIVATE_DNS_MODE_OFF\r\nSpecifies that Private DNS was turned off completely.\r\nConstant Value: 1 (0x00000001)\r\nPRIVATE_DNS_MODE_OPPORTUNISTIC\r\npublic static final int PRIVATE_DNS_MODE_OPPORTUNISTIC\r\nSpecifies that the device owner requested opportunistic DNS over TLS\r\nConstant Value: 2 (0x00000002)\r\nPRIVATE_DNS_MODE_PROVIDER_HOSTNAME\r\npublic static final int PRIVATE_DNS_MODE_PROVIDER_HOSTNAME\r\nSpecifies that the device owner configured a specific host to use for Private DNS.\r\nConstant Value: 3 (0x00000003)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 88 of 279\n\nPRIVATE_DNS_MODE_UNKNOWN\r\npublic static final int PRIVATE_DNS_MODE_UNKNOWN\r\nSpecifies that the Private DNS setting is in an unknown state.\r\nConstant Value: 0 (0x00000000)\r\nPRIVATE_DNS_SET_ERROR_FAILURE_SETTING\r\npublic static final int PRIVATE_DNS_SET_ERROR_FAILURE_SETTING\r\nGeneral failure to set the Private DNS mode, not due to one of the reasons listed above.\r\nConstant Value: 2 (0x00000002)\r\nPRIVATE_DNS_SET_ERROR_HOST_NOT_SERVING\r\npublic static final int PRIVATE_DNS_SET_ERROR_HOST_NOT_SERVING\r\nIf the privateDnsHost provided was of a valid hostname but that host was found to not support DNS-over-TLS.\r\nConstant Value: 1 (0x00000001)\r\nPRIVATE_DNS_SET_NO_ERROR\r\npublic static final int PRIVATE_DNS_SET_NO_ERROR\r\nThe selected mode has been set successfully. If the mode is PRIVATE_DNS_MODE_PROVIDER_HOSTNAME then it implies the\r\nsupplied host is valid and reachable.\r\nConstant Value: 0 (0x00000000)\r\nPROVISIONING_MODE_FULLY_MANAGED_DEVICE\r\npublic static final int PROVISIONING_MODE_FULLY_MANAGED_DEVICE\r\nThe provisioning mode for fully managed device.\r\nConstant Value: 1 (0x00000001)\r\nPROVISIONING_MODE_MANAGED_PROFILE\r\npublic static final int PROVISIONING_MODE_MANAGED_PROFILE\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 89 of 279\n\nThe provisioning mode for managed profile.\r\nConstant Value: 2 (0x00000002)\r\nPROVISIONING_MODE_MANAGED_PROFILE_ON_PERSONAL_DEVICE\r\npublic static final int PROVISIONING_MODE_MANAGED_PROFILE_ON_PERSONAL_DEVICE\r\nThe provisioning mode for a managed profile on a personal device.\r\nThis mode is only available when the provisioning initiator has explicitly instructed the provisioning flow to support\r\nmanaged profile on a personal device provisioning. In that case, PROVISIONING_MODE_MANAGED_PROFILE corresponds to\r\nan organization-owned managed profile, whereas this constant corresponds to a personally-owned managed profile.\r\nConstant Value: 3 (0x00000003)\r\nRESET_PASSWORD_DO_NOT_ASK_CREDENTIALS_ON_BOOT\r\npublic static final int RESET_PASSWORD_DO_NOT_ASK_CREDENTIALS_ON_BOOT\r\nFlag for resetPasswordWithToken(ComponentName, String, byte, int) and resetPassword(String, int) : don't ask\r\nfor user credentials on device boot. If the flag is set, the device can be booted without asking for user password. The\r\nabsence of this flag does not change the current boot requirements. This flag can be set by the device owner only. If the\r\napp is not the device owner, the flag is ignored. Once the flag is set, it cannot be reverted back without resetting the\r\ndevice to factory defaults.\r\nConstant Value: 2 (0x00000002)\r\nWIPE_EUICC\r\npublic static final int WIPE_EUICC\r\nFlag for wipeDevice(int) : also erase the device's eUICC data.\r\nConstant Value: 4 (0x00000004)\r\nWIPE_EXTERNAL_STORAGE\r\npublic static final int WIPE_EXTERNAL_STORAGE\r\nFlag for wipeData(int) : also erase the device's adopted external storage (such as adopted SD cards).\r\nConstant Value: 1 (0x00000001)\r\nWIPE_RESET_PROTECTION_DATA\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 90 of 279\n\npublic static final int WIPE_RESET_PROTECTION_DATA\r\nFlag for wipeData(int) : also erase the factory reset protection data.\r\nThis flag may only be set by device owner admins; if it is set by other admins a SecurityException will be thrown.\r\nConstant Value: 2 (0x00000002)\r\nWIPE_SILENTLY\r\npublic static final int WIPE_SILENTLY\r\nFlag for wipeData(int) : won't show reason for wiping to the user.\r\nConstant Value: 8 (0x00000008)\r\nPublic methods\r\nacknowledgeDeviceCompliant\r\npublic void acknowledgeDeviceCompliant ()\r\nCalled by a profile owner of an organization-owned managed profile to acknowledge that the device is compliant and\r\nthe user can turn the profile off if needed according to the maximum time off policy. This method should be called\r\nwhen the device is deemed compliant after getting\r\nDeviceAdminReceiver.onComplianceAcknowledgementRequired(Context,Intent) callback in case it is overridden.\r\nBefore this method is called the user is still free to turn the profile off, but the timer won't be reset, so personal apps will\r\nbe suspended sooner. DPCs only need acknowledging device compliance if they override\r\nDeviceAdminReceiver.onComplianceAcknowledgementRequired(Context,Intent) , otherwise compliance is\r\nacknowledged automatically.\r\nThrows\r\nIllegalStateException if the user isn't unlocked\r\nSee also:\r\nisComplianceAcknowledgementRequired()\r\nsetManagedProfileMaximumTimeOff(ComponentName,long)\r\nDeviceAdminReceiver.onComplianceAcknowledgementRequired(Context,Intent)\r\naddCrossProfileIntentFilter\r\npublic void addCrossProfileIntentFilter (ComponentName admin,\r\n IntentFilter filter,\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 91 of 279\n\nint flags)\r\nCalled by the profile owner of a managed profile so that some intents sent in the managed profile can also be resolved\r\nin the parent, or vice versa. Only activity intents are supported.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value may be null .\r\nfilter IntentFilter : The IntentFilter the intent has to match to be also resolved in the other profile\r\nflags\r\nint : DevicePolicyManager.FLAG_MANAGED_CAN_ACCESS_PARENT and DevicePolicyManager.FLAG_\r\nPARENT_CAN_ACCESS_MANAGED are supported.\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\naddCrossProfileWidgetProvider\r\npublic boolean addCrossProfileWidgetProvider (ComponentName admin,\r\n String packageName)\r\nCalled by the profile owner of a managed profile or a holder of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_PROFILE_INTERACTION to enable widget providers from a given package\r\nto be available in the parent profile. As a result the user will be able to add widgets from the allowlisted package\r\nrunning under the profile to a widget host which runs under the parent profile, for example the home screen. Note that a\r\npackage may have zero or more provider components, where each component provides a different widget type.\r\nNote: By default no widget provider package is allowlisted. This API updates the allowlist incrementally. For better\r\nperformance when updating multiple providers, use setCrossProfileWidgetProviders(Set) .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is\r\nnot a device admin.\r\nThis value may be null .\r\npackage\r\nName\r\nString : The package from which widget providers are allowlisted.\r\nReturns\r\nboolean Whether the package was added.\r\nThrows\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 92 of 279\n\nSecurity\r\nException\r\nif admin is not a profile owner and not a holder of the permission Manifest.permission.\r\nMANAGE_DEVICE_POLICY_PROFILE_INTERACTION .\r\nSee also:\r\nremoveCrossProfileWidgetProvider(android.content.ComponentName,String)\r\ngetCrossProfileWidgetProviders(android.content.ComponentName)\r\naddOverrideApn\r\npublic int addOverrideApn (ComponentName admin,\r\n ApnSetting apnSetting)\r\nCalled by device owner or managed profile owner to add an override APN.\r\nThis method may returns -1 if apnSetting conflicts with an existing override APN. Update the existing conflicted\r\nAPN with updateOverrideApn(ComponentName,int,ApnSetting) instead of adding a new entry.\r\nTwo override APNs are considered to conflict when all the following APIs return the same values on both override\r\nAPNs:\r\nApnSetting.getOperatorNumeric()\r\nApnSetting.getApnName()\r\nApnSetting.getProxyAddressAsString()\r\nApnSetting.getProxyPort()\r\nApnSetting.getMmsProxyAddressAsString()\r\nApnSetting.getMmsProxyPort()\r\nApnSetting.getMmsc()\r\nApnSetting.isEnabled()\r\nApnSetting.getMvnoType()\r\nApnSetting.getProtocol()\r\nApnSetting.getRoamingProtocol()\r\nBefore Android version Build.VERSION_CODES.TIRAMISU : Only device owners can add APNs.\r\nStarting from Android version Build.VERSION_CODES.TIRAMISU : Both device owners and managed profile owners can\r\nadd enterprise APNs ( ApnSetting.TYPE_ENTERPRISE ), while only device owners can add other type of APNs.\r\nEnterprise APNs are specific to the managed profile and do not override any user-configured VPNs. They are\r\nprerequisites for enabling preferential network service on the managed profile on 4G networks\r\n( setPreferentialNetworkServiceConfigs(List) ).\r\nParameters\r\nadmin\r\nComponentName : which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 93 of 279\n\napnSetting\r\nApnSetting : the override APN to insert.\r\nThis value cannot be null .\r\nReturns\r\nint The id of inserted override APN. Or -1 when failed to insert into the database.\r\nThrows\r\nSecurity\r\nException\r\nIf request is for enterprise APN admin is either device owner or profile owner and in all other\r\ntypes of APN if admin is not a device owner.\r\naddPersistentPreferredActivity\r\npublic void addPersistentPreferredActivity (ComponentName admin,\r\n IntentFilter filter,\r\n ComponentName activity)\r\nCalled by a profile owner or device owner or holder of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_LOCK_TASK . to set a default activity that the system selects to handle\r\nintents that match the given IntentFilter instead of showing the default disambiguation mechanism. This activity\r\nwill remain the default intent handler even if the set of potential event handlers for the intent filter changes and if the\r\nintent preferences are reset.\r\nNote that the target application should still declare the activity in the manifest, the API just sets the activity to be the\r\ndefault one to handle the given intent filter.\r\nThe default disambiguation mechanism takes over if the activity is not installed (anymore). When the activity is\r\n(re)installed, it is automatically reset as default intent handler for the filter.\r\nNote that calling this API to set a default intent handler, only allow to avoid the default disambiguation mechanism.\r\nImplicit intents that do not trigger this mechanism (like invoking the browser) cannot be configured as they are\r\ncontrolled by other configurations.\r\nThe calling device admin must be a profile owner or device owner. If it is not, a security exception will be thrown.\r\nStarting from Build.VERSION_CODES.UPSIDE_DOWN_CAKE , after the persistent preferred activity policy has been set,\r\nPolicyUpdateReceiver.onPolicySetResult(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin on whether the policy was successfully set or not. This callback will contain:\r\nThe policy identifier DevicePolicyIdentifiers.PERSISTENT_PREFERRED_ACTIVITY_POLICY\r\nThe additional policy params bundle, which contains PolicyUpdateReceiver.EXTRA_INTENT_FILTER the intent\r\nfilter the policy applies to\r\nThe TargetUser that this policy relates to\r\nThe PolicyUpdateResult , which will be PolicyUpdateResult.RESULT_POLICY_SET if the policy was\r\nsuccessfully set or the reason the policy failed to be set (e.g.\r\nPolicyUpdateResult.RESULT_FAILURE_CONFLICTING_ADMIN_POLICY )\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 94 of 279\n\nIf there has been a change to the policy,\r\nPolicyUpdateReceiver.onPolicyChanged(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin of this change. This callback will contain the same parameters as PolicyUpdateReceiver#onPolicySetResult and\r\nthe PolicyUpdateResult will contain the reason why the policy changed.\r\nNOTE: Performs disk I/O and shouldn't be called on the main thread.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is\r\nnot a device admin.\r\nThis value may be null .\r\nfilter IntentFilter : The IntentFilter for which a default handler is added.\r\nactivity\r\nComponentName : The Activity that is added as default intent handler.\r\nThis value cannot be null .\r\nThrows\r\nSecurity\r\nException\r\nif admin is not a device or profile owner or holder of the permission Manifest.permission.\r\nMANAGE_DEVICE_POLICY_LOCK_TASK .\r\naddUserRestriction\r\npublic void addUserRestriction (ComponentName admin,\r\n String key)\r\nCalled by a profile owner, device owner or a holder of any permission that is associated with a user restriction to set a\r\nuser restriction specified by the key.\r\nThe calling device admin must be a profile owner, device owner or holder of any permission that is associated with a\r\nuser restriction; if it is not, a security exception will be thrown.\r\nThe profile owner of an organization-owned managed profile may invoke this method on the DevicePolicyManager\r\ninstance it obtained from getParentProfileInstance(ComponentName) , for enforcing device-wide restrictions.\r\nSee the constants in UserManager for the list of restrictions that can be enforced device-wide. These constants will also\r\nstate in their documentation which permission is required to manage the restriction using this API.\r\nStarting from Build.VERSION_CODES.UPSIDE_DOWN_CAKE , after the user restriction policy has been set,\r\nPolicyUpdateReceiver.onPolicySetResult(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin on whether the policy was successfully set or not. This callback will contain:\r\nThe policy identifier returned from DevicePolicyIdentifiers.getIdentifierForUserRestriction(String)\r\nThe TargetUser that this policy relates to\r\nThe PolicyUpdateResult , which will be PolicyUpdateResult.RESULT_POLICY_SET if the policy was\r\nsuccessfully set or the reason the policy failed to be set (e.g.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 95 of 279\n\nPolicyUpdateResult.RESULT_FAILURE_CONFLICTING_ADMIN_POLICY )\r\nIf there has been a change to the policy,\r\nPolicyUpdateReceiver.onPolicyChanged(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin of this change. This callback will contain the same parameters as PolicyUpdateReceiver#onPolicySetResult and\r\nthe PolicyUpdateResult will contain the reason why the policy changed.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with or null if the caller is\r\nnot a device admin.\r\nkey String : The key of the restriction.\r\nValue is one of the following:\r\nUserManager.ALLOW_PARENT_PROFILE_APP_LINKING\r\nUserManager.DISALLOW_ADD_MANAGED_PROFILE\r\nUserManager.DISALLOW_ADD_PRIVATE_PROFILE\r\nUserManager.DISALLOW_ADD_USER\r\nUserManager.DISALLOW_ADD_WIFI_CONFIG\r\nUserManager.DISALLOW_ADJUST_VOLUME\r\nUserManager.DISALLOW_AIRPLANE_MODE\r\nUserManager.DISALLOW_AMBIENT_DISPLAY\r\nUserManager.DISALLOW_APPS_CONTROL\r\nUserManager.DISALLOW_ASSIST_CONTENT\r\nUserManager.DISALLOW_AUTOFILL\r\nUserManager.DISALLOW_BLUETOOTH\r\nUserManager.DISALLOW_BLUETOOTH_SHARING\r\nUserManager.DISALLOW_CAMERA_TOGGLE\r\nUserManager.DISALLOW_CELLULAR_2G\r\nUserManager.DISALLOW_CHANGE_NEAR_FIELD_COMMUNICATION_RADIO\r\nUserManager.DISALLOW_CHANGE_WIFI_STATE\r\nUserManager.DISALLOW_CONFIG_BLUETOOTH\r\nUserManager.DISALLOW_CONFIG_BRIGHTNESS\r\nUserManager.DISALLOW_CONFIG_CELL_BROADCASTS\r\nUserManager.DISALLOW_CONFIG_CREDENTIALS\r\nUserManager.DISALLOW_CONFIG_DATE_TIME\r\nUserManager.DISALLOW_CONFIG_DEFAULT_APPS\r\nUserManager.DISALLOW_CONFIG_LOCALE\r\nUserManager.DISALLOW_CONFIG_LOCATION\r\nUserManager.DISALLOW_CONFIG_MOBILE_NETWORKS\r\nUserManager.DISALLOW_CONFIG_PRIVATE_DNS\r\nUserManager.DISALLOW_CONFIG_SCREEN_TIMEOUT\r\nUserManager.DISALLOW_CONFIG_TETHERING\r\nUserManager.DISALLOW_CONFIG_VPN\r\nUserManager.DISALLOW_CONFIG_WIFI\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 96 of 279\n\nUserManager.DISALLOW_CONTENT_CAPTURE\r\nUserManager.DISALLOW_CONTENT_SUGGESTIONS\r\nUserManager.DISALLOW_CREATE_WINDOWS\r\nUserManager.DISALLOW_CROSS_PROFILE_COPY_PASTE\r\nUserManager.DISALLOW_DATA_ROAMING\r\nUserManager.DISALLOW_DEBUGGING_FEATURES\r\nUserManager.DISALLOW_FACTORY_RESET\r\nUserManager.DISALLOW_FUN\r\nUserManager.DISALLOW_GRANT_ADMIN\r\nUserManager.DISALLOW_TASK_CONTINUITY_HANDOFF\r\nUserManager.DISALLOW_INSTALL_APPS\r\nUserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES\r\nUserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES_GLOBALLY\r\nUserManager.DISALLOW_MICROPHONE_TOGGLE\r\nUserManager.DISALLOW_MODIFY_ACCOUNTS\r\nUserManager.DISALLOW_MOUNT_PHYSICAL_MEDIA\r\nUserManager.DISALLOW_NEAR_FIELD_COMMUNICATION_RADIO\r\nUserManager.DISALLOW_NETWORK_RESET\r\nUserManager.DISALLOW_OUTGOING_BEAM\r\nUserManager.DISALLOW_OUTGOING_CALLS\r\nUserManager.DISALLOW_PRINTING\r\nUserManager.DISALLOW_REMOVE_MANAGED_PROFILE\r\nUserManager.DISALLOW_REMOVE_USER\r\nUserManager.DISALLOW_SAFE_BOOT\r\nUserManager.DISALLOW_SET_USER_ICON\r\nUserManager.DISALLOW_SET_WALLPAPER\r\nUserManager.DISALLOW_SHARE_INTO_MANAGED_PROFILE\r\nUserManager.DISALLOW_SHARE_LOCATION\r\nUserManager.DISALLOW_SHARING_ADMIN_CONFIGURED_WIFI\r\nUserManager.DISALLOW_SIM_GLOBALLY\r\nUserManager.DISALLOW_SMS\r\nUserManager.DISALLOW_SYSTEM_ERROR_DIALOGS\r\nUserManager.DISALLOW_THREAD_NETWORK\r\nUserManager.DISALLOW_ULTRA_WIDEBAND_RADIO\r\nUserManager.DISALLOW_UNIFIED_PASSWORD\r\nUserManager.DISALLOW_UNINSTALL_APPS\r\nUserManager.DISALLOW_UNMUTE_MICROPHONE\r\nUserManager.DISALLOW_USB_FILE_TRANSFER\r\nUserManager.DISALLOW_USER_SWITCH\r\nUserManager.DISALLOW_WIFI_DIRECT\r\nUserManager.DISALLOW_WIFI_TETHERING\r\nUserManager.ENSURE_VERIFY_APPS\r\nUserManager.KEY_RESTRICTIONS_PENDING\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 97 of 279\n\nThrows\r\nSecurity\r\nException\r\nif admin is not a device or profile owner and if the caller has not been granted the\r\npermission to set the given user restriction.\r\naddUserRestrictionGlobally\r\npublic void addUserRestrictionGlobally (String key)\r\nCalled by a profile owner, device owner or a holder of any permission that is associated with a user restriction to set a\r\nuser restriction specified by the provided key globally on all users. To clear the restriction use\r\nclearUserRestriction(ComponentName, String) .\r\nFor a given user, a restriction will be set if it was applied globally or locally by any admin.\r\nThe calling device admin must be a profile owner, device owner or a holder of any permission that is associated with a\r\nuser restriction; if it is not, a security exception will be thrown.\r\nSee the constants in UserManager for the list of restrictions that can be enforced device-wide. These constants will also\r\nstate in their documentation which permission is required to manage the restriction using this API.\r\nAfter the user restriction policy has been set,\r\nPolicyUpdateReceiver.onPolicySetResult(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin on whether the policy was successfully set or not. This callback will contain:\r\nThe policy identifier returned from DevicePolicyIdentifiers.getIdentifierForUserRestriction(String)\r\nThe TargetUser that this policy relates to\r\nThe PolicyUpdateResult , which will be PolicyUpdateResult.RESULT_POLICY_SET if the policy was\r\nsuccessfully set or the reason the policy failed to be set (e.g.\r\nPolicyUpdateResult.RESULT_FAILURE_CONFLICTING_ADMIN_POLICY )\r\nIf there has been a change to the policy,\r\nPolicyUpdateReceiver.onPolicyChanged(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin of this change. This callback will contain the same parameters as PolicyUpdateReceiver#onPolicySetResult and\r\nthe PolicyUpdateResult will contain the reason why the policy changed.\r\nParameters\r\nkey String : The key of the restriction.\r\nThis value cannot be null .\r\nValue is one of the following:\r\nUserManager.ALLOW_PARENT_PROFILE_APP_LINKING\r\nUserManager.DISALLOW_ADD_MANAGED_PROFILE\r\nUserManager.DISALLOW_ADD_PRIVATE_PROFILE\r\nUserManager.DISALLOW_ADD_USER\r\nUserManager.DISALLOW_ADD_WIFI_CONFIG\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 98 of 279\n\nUserManager.DISALLOW_ADJUST_VOLUME\r\nUserManager.DISALLOW_AIRPLANE_MODE\r\nUserManager.DISALLOW_AMBIENT_DISPLAY\r\nUserManager.DISALLOW_APPS_CONTROL\r\nUserManager.DISALLOW_ASSIST_CONTENT\r\nUserManager.DISALLOW_AUTOFILL\r\nUserManager.DISALLOW_BLUETOOTH\r\nUserManager.DISALLOW_BLUETOOTH_SHARING\r\nUserManager.DISALLOW_CAMERA_TOGGLE\r\nUserManager.DISALLOW_CELLULAR_2G\r\nUserManager.DISALLOW_CHANGE_NEAR_FIELD_COMMUNICATION_RADIO\r\nUserManager.DISALLOW_CHANGE_WIFI_STATE\r\nUserManager.DISALLOW_CONFIG_BLUETOOTH\r\nUserManager.DISALLOW_CONFIG_BRIGHTNESS\r\nUserManager.DISALLOW_CONFIG_CELL_BROADCASTS\r\nUserManager.DISALLOW_CONFIG_CREDENTIALS\r\nUserManager.DISALLOW_CONFIG_DATE_TIME\r\nUserManager.DISALLOW_CONFIG_DEFAULT_APPS\r\nUserManager.DISALLOW_CONFIG_LOCALE\r\nUserManager.DISALLOW_CONFIG_LOCATION\r\nUserManager.DISALLOW_CONFIG_MOBILE_NETWORKS\r\nUserManager.DISALLOW_CONFIG_PRIVATE_DNS\r\nUserManager.DISALLOW_CONFIG_SCREEN_TIMEOUT\r\nUserManager.DISALLOW_CONFIG_TETHERING\r\nUserManager.DISALLOW_CONFIG_VPN\r\nUserManager.DISALLOW_CONFIG_WIFI\r\nUserManager.DISALLOW_CONTENT_CAPTURE\r\nUserManager.DISALLOW_CONTENT_SUGGESTIONS\r\nUserManager.DISALLOW_CREATE_WINDOWS\r\nUserManager.DISALLOW_CROSS_PROFILE_COPY_PASTE\r\nUserManager.DISALLOW_DATA_ROAMING\r\nUserManager.DISALLOW_DEBUGGING_FEATURES\r\nUserManager.DISALLOW_FACTORY_RESET\r\nUserManager.DISALLOW_FUN\r\nUserManager.DISALLOW_GRANT_ADMIN\r\nUserManager.DISALLOW_TASK_CONTINUITY_HANDOFF\r\nUserManager.DISALLOW_INSTALL_APPS\r\nUserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES\r\nUserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES_GLOBALLY\r\nUserManager.DISALLOW_MICROPHONE_TOGGLE\r\nUserManager.DISALLOW_MODIFY_ACCOUNTS\r\nUserManager.DISALLOW_MOUNT_PHYSICAL_MEDIA\r\nUserManager.DISALLOW_NEAR_FIELD_COMMUNICATION_RADIO\r\nUserManager.DISALLOW_NETWORK_RESET\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 99 of 279\n\nUserManager.DISALLOW_OUTGOING_BEAM\r\nUserManager.DISALLOW_OUTGOING_CALLS\r\nUserManager.DISALLOW_PRINTING\r\nUserManager.DISALLOW_REMOVE_MANAGED_PROFILE\r\nUserManager.DISALLOW_REMOVE_USER\r\nUserManager.DISALLOW_SAFE_BOOT\r\nUserManager.DISALLOW_SET_USER_ICON\r\nUserManager.DISALLOW_SET_WALLPAPER\r\nUserManager.DISALLOW_SHARE_INTO_MANAGED_PROFILE\r\nUserManager.DISALLOW_SHARE_LOCATION\r\nUserManager.DISALLOW_SHARING_ADMIN_CONFIGURED_WIFI\r\nUserManager.DISALLOW_SIM_GLOBALLY\r\nUserManager.DISALLOW_SMS\r\nUserManager.DISALLOW_SYSTEM_ERROR_DIALOGS\r\nUserManager.DISALLOW_THREAD_NETWORK\r\nUserManager.DISALLOW_ULTRA_WIDEBAND_RADIO\r\nUserManager.DISALLOW_UNIFIED_PASSWORD\r\nUserManager.DISALLOW_UNINSTALL_APPS\r\nUserManager.DISALLOW_UNMUTE_MICROPHONE\r\nUserManager.DISALLOW_USB_FILE_TRANSFER\r\nUserManager.DISALLOW_USER_SWITCH\r\nUserManager.DISALLOW_WIFI_DIRECT\r\nUserManager.DISALLOW_WIFI_TETHERING\r\nUserManager.ENSURE_VERIFY_APPS\r\nUserManager.KEY_RESTRICTIONS_PENDING\r\nThrows\r\nIllegalState\r\nException\r\nif caller is not targeting Android Build.VERSION_CODES.UPSIDE_DOWN_CAKE or above.\r\nSecurityException\r\nif admin is not a device or profile owner and if the caller has not been granted the\r\npermission to set the given user restriction.\r\nbindDeviceAdminServiceAsUser\r\npublic boolean bindDeviceAdminServiceAsUser (ComponentName admin,\r\n Intent serviceIntent,\r\n ServiceConnection conn,\r\n int flags,\r\n UserHandle targetUser)\r\nCalled by a device owner to bind to a service from a secondary managed user or vice versa. See\r\ngetBindDeviceAdminTargetUsers(ComponentName) for the pre-requirements of a device owner to bind to services of\r\nanother managed user.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 100 of 279\n\nThe service must be protected by Manifest.permission.BIND_DEVICE_ADMIN . Note that the Context used to obtain\r\nthis DevicePolicyManager instance via Context.getSystemService(Class) will be used to bind to the Service .\r\nNote: This method used to be available for communication between device owner and profile owner. However, since\r\nAndroid 11, this combination is not possible. This method is now only useful for communication between device owner\r\nand managed secondary users.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nservice\r\nIntent\r\nIntent : Identifies the service to connect to. The Intent must specify either an explicit component\r\nname or a package name to match an IntentFilter published by a service.\r\nThis value cannot be null .\r\nconn\r\nServiceConnection : Receives information as the service is started and stopped in main thread.\r\nThis must be a valid ServiceConnection object; it must not be null .\r\nflags\r\nint : Operation options for the binding operation. See Context.bindService(Intent,Service\r\nConnection,int) .\r\nValue is either 0 or a combination of the following:\r\nContext.BIND_AUTO_CREATE\r\nContext.BIND_DEBUG_UNBIND\r\nContext.BIND_NOT_FOREGROUND\r\nContext.BIND_ABOVE_CLIENT\r\nContext.BIND_ALLOW_OOM_MANAGEMENT\r\nContext.BIND_WAIVE_PRIORITY\r\nContext.BIND_IMPORTANT\r\nContext.BIND_ADJUST_WITH_ACTIVITY\r\nContext.BIND_NOT_PERCEPTIBLE\r\nContext.BIND_ALLOW_ACTIVITY_STARTS\r\nContext.BIND_INCLUDE_CAPABILITIES\r\nContext.BIND_SHARED_ISOLATED_PROCESS\r\nContext.BIND_PACKAGE_ISOLATED_PROCESS\r\nContext.BIND_EXTERNAL_SERVICE\r\ntarget\r\nUser\r\nUserHandle : Which user to bind to. Must be one of the users returned by\r\ngetBindDeviceAdminTargetUsers(ComponentName) , otherwise a SecurityException will be\r\nthrown.\r\nThis value cannot be null .\r\nReturns\r\nboolean\r\nIf you have successfully bound to the service, true is returned; false is returned if the connection\r\nis not made and you will not receive the service object.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 101 of 279\n\nSee also:\r\nContext.bindService(Intent,ServiceConnection,int)\r\ngetBindDeviceAdminTargetUsers(ComponentName)\r\nbindDeviceAdminServiceAsUser\r\npublic boolean bindDeviceAdminServiceAsUser (ComponentName admin,\r\n Intent serviceIntent,\r\n ServiceConnection conn,\r\n Context.BindServiceFlags flags,\r\n UserHandle targetUser)\r\nSee bindDeviceAdminServiceAsUser(ComponentName,Intent,ServiceConnection,int,UserHandle) . Call\r\nContext.BindServiceFlags.of(long) to obtain a BindServiceFlags object.\r\nParameters\r\nadmin ComponentName : This value cannot be null .\r\nserviceIntent Intent : This value cannot be null .\r\nconn ServiceConnection : This value cannot be null .\r\nflags Context.BindServiceFlags : This value cannot be null .\r\ntargetUser UserHandle : This value cannot be null .\r\nReturns\r\nboolean\r\ncanAdminGrantSensorsPermissions\r\npublic boolean canAdminGrantSensorsPermissions ()\r\nReturns true if the caller is running on a device where an admin can grant permissions related to device sensors. This is\r\na signal that the device is a fully-managed device where personal usage is discouraged. The list of permissions is listed\r\nin setPermissionGrantState(ComponentName,String,String,int) . May be called by any app.\r\nReturns\r\nboolean true if an admin can grant device sensors-related permissions, false otherwise.\r\ncanUsbDataSignalingBeDisabled\r\npublic boolean canUsbDataSignalingBeDisabled ()\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 102 of 279\n\nReturns whether enabling or disabling USB data signaling is supported on the device.\r\nReturns\r\nboolean true if the device supports enabling and disabling USB data signaling.\r\nclearApplicationUserData\r\npublic void clearApplicationUserData (ComponentName admin,\r\n String packageName,\r\n Executor executor,\r\n DevicePolicyManager.OnClearApplicationUserDataListener listener)\r\nCalled by the device owner or profile owner to clear application user data of a given package. The behaviour of this is\r\nequivalent to the target application calling ActivityManager.clearApplicationUserData() .\r\nNote: an application can store data outside of its application data, e.g. external storage or user dictionary. This data will\r\nnot be wiped by calling this API.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\npackage\r\nName\r\nString : The name of the package which will have its user data wiped.\r\nThis value cannot be null .\r\nexecutor\r\nExecutor : The executor through which the listener should be invoked.\r\nThis value cannot be null .\r\nCallback and listener events are dispatched through this Executor , providing an easy way to\r\ncontrol which thread is used. To dispatch events through the main thread of your application, you\r\ncan use Context.getMainExecutor() . Otherwise, provide an Executor that dispatches to an\r\nappropriate thread.\r\nlistener\r\nDevicePolicyManager.OnClearApplicationUserDataListener : A callback object that will inform\r\nthe caller when the clearing is done.\r\nThis value cannot be null .\r\nThrows\r\nSecurityException if the caller is not the device owner/profile owner.\r\nclearCrossProfileIntentFilters\r\npublic void clearCrossProfileIntentFilters (ComponentName admin)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 103 of 279\n\nCalled by a profile owner of a managed profile to remove the cross-profile intent filters that go from the managed\r\nprofile to the parent, or from the parent to the managed profile. Only removes those that have been set by the profile\r\nowner.\r\nNote: A list of default cross profile intent filters are set up by the system when the profile is created, some of them\r\nensure the proper functioning of the profile, while others enable sharing of data from the parent to the managed profile\r\nfor user convenience. These default intent filters are not cleared when this API is called. If the default cross profile data\r\nsharing is not desired, they can be disabled with UserManager.DISALLOW_SHARE_INTO_MANAGED_PROFILE .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value may be null .\r\nThrows\r\nSecurityException if admin is not a profile owner.\r\nclearDeviceOwnerApp\r\npublic void clearDeviceOwnerApp (String packageName)\r\nThis method was deprecated in API level 26.\r\nThis method is expected to be used for testing purposes only. The device owner will lose control of the device and its\r\ndata after calling it. In order to protect any sensitive data that remains on the device, it is advised that the device owner\r\nfactory resets the device instead of calling this method. See wipeData(int) .\r\nClears the current device owner. The caller must be the device owner. This function should be used cautiously as once it\r\nis called it cannot be undone. The device owner can only be set as a part of device setup, before it completes.\r\nWhile some policies previously set by the device owner will be cleared by this method, it is a best-effort process and\r\nsome other policies will still remain in place after the device owner is cleared.\r\nParameters\r\npackageName String : The package name of the device owner.\r\nThrows\r\nSecurity\r\nException\r\nif the caller is not in packageName or packageName does not own the current device owner\r\ncomponent.\r\nclearPackagePersistentPreferredActivities\r\npublic void clearPackagePersistentPreferredActivities (ComponentName admin,\r\n String packageName)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 104 of 279\n\nCalled by a profile owner or device owner or holder of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_LOCK_TASK to remove all persistent intent handler preferences associated\r\nwith the given package that were set by addPersistentPreferredActivity(ComponentName, IntentFilter,\r\nComponentName) .\r\nThe calling device admin must be a profile owner. If it is not, a security exception will be thrown.\r\nStarting from Build.VERSION_CODES.UPSIDE_DOWN_CAKE , after the persistent preferred activity policy has been cleared,\r\nPolicyUpdateReceiver.onPolicySetResult(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin on whether the policy was successfully cleared or not. This callback will contain:\r\nThe policy identifier DevicePolicyIdentifiers.PERSISTENT_PREFERRED_ACTIVITY_POLICY\r\nThe additional policy params bundle, which contains PolicyUpdateReceiver.EXTRA_INTENT_FILTER the intent\r\nfilter the policy applies to\r\nThe TargetUser that this policy relates to\r\nThe PolicyUpdateResult , which will be PolicyUpdateResult.RESULT_POLICY_SET if the policy was\r\nsuccessfully cleared or the reason the policy failed to be cleared (e.g.\r\nPolicyUpdateResult.RESULT_FAILURE_CONFLICTING_ADMIN_POLICY )\r\nIf there has been a change to the policy,\r\nPolicyUpdateReceiver.onPolicyChanged(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin of this change. This callback will contain the same parameters as PolicyUpdateReceiver#onPolicySetResult and\r\nthe PolicyUpdateResult will contain the reason why the policy changed.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is\r\nnot a device admin.\r\nThis value may be null .\r\npackage\r\nName\r\nString : The name of the package for which preferences are removed.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not a device or profile owner or holder of the permission Manifest.permission.\r\nMANAGE_DEVICE_POLICY_LOCK_TASK .\r\nclearProfileOwner\r\npublic void clearProfileOwner (ComponentName admin)\r\nThis method was deprecated in API level 26.\r\nThis method is expected to be used for testing purposes only. The profile owner will lose control of the user and its data\r\nafter calling it. In order to protect any sensitive data that remains on this user, it is advised that the profile owner deletes\r\nit instead of calling this method. See wipeData(int) .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 105 of 279\n\nClears the active profile owner. The caller must be the profile owner of this user, otherwise a SecurityException will be\r\nthrown. This method is not available to managed profile owners.\r\nWhile some policies previously set by the profile owner will be cleared by this method, it is a best-effort process and\r\nsome other policies will still remain in place after the profile owner is cleared.\r\nParameters\r\nadmin\r\nComponentName : The component to remove as the profile owner.\r\nThis value cannot be null .\r\nThrows\r\nSecurity\r\nException\r\nif admin is not an active profile owner, or the method is being called from a managed\r\nprofile.\r\nclearResetPasswordToken\r\npublic boolean clearResetPasswordToken (ComponentName admin)\r\nCalled by a profile, device owner or holder of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_RESET_PASSWORD to revoke the current password reset token.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, this method has no effect - the reset\r\ntoken should not have been set in the first place - and false is returned.\r\nRequires the PackageManager#FEATURE_SECURE_LOCK_SCREEN feature which can be detected using\r\nPackageManager.hasSystemFeature(String) .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not a\r\ndevice admin.\r\nThis value may be null .\r\nReturns\r\nboolean true if the operation is successful, false otherwise.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not a device or profile owner and if the caller does not the permission Manifest.\r\npermission.MANAGE_DEVICE_POLICY_RESET_PASSWORD .\r\nclearUserRestriction\r\npublic void clearUserRestriction (ComponentName admin,\r\n String key)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 106 of 279\n\nCalled by a profile owner, device owner or a holder of any permission that is associated with a user restriction to clear a\r\nuser restriction specified by the key.\r\nThe calling device admin must be a profile or device owner; if it is not, a security exception will be thrown.\r\nThe profile owner of an organization-owned managed profile may invoke this method on the DevicePolicyManager\r\ninstance it obtained from getParentProfileInstance(ComponentName) , for clearing device-wide restrictions.\r\nSee the constants in UserManager for the list of restrictions. These constants state in their documentation which\r\npermission is required to manage the restriction using this API.\r\nStarting from Build.VERSION_CODES.UPSIDE_DOWN_CAKE , after the user restriction policy has been cleared,\r\nPolicyUpdateReceiver.onPolicySetResult(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin on whether the policy was successfully cleared or not. This callback will contain:\r\nThe policy identifier returned from DevicePolicyIdentifiers.getIdentifierForUserRestriction(String)\r\nThe TargetUser that this policy relates to\r\nThe PolicyUpdateResult , which will be PolicyUpdateResult.RESULT_POLICY_SET if the policy was\r\nsuccessfully cleared or the reason the policy failed to be cleared (e.g.\r\nPolicyUpdateResult.RESULT_FAILURE_CONFLICTING_ADMIN_POLICY )\r\nIf there has been a change to the policy,\r\nPolicyUpdateReceiver.onPolicyChanged(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin of this change. This callback will contain the same parameters as PolicyUpdateReceiver#onPolicySetResult and\r\nthe PolicyUpdateResult will contain the reason why the policy changed.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with or null if the caller is\r\nnot a device admin.\r\nkey String : The key of the restriction.\r\nValue is one of the following:\r\nUserManager.ALLOW_PARENT_PROFILE_APP_LINKING\r\nUserManager.DISALLOW_ADD_MANAGED_PROFILE\r\nUserManager.DISALLOW_ADD_PRIVATE_PROFILE\r\nUserManager.DISALLOW_ADD_USER\r\nUserManager.DISALLOW_ADD_WIFI_CONFIG\r\nUserManager.DISALLOW_ADJUST_VOLUME\r\nUserManager.DISALLOW_AIRPLANE_MODE\r\nUserManager.DISALLOW_AMBIENT_DISPLAY\r\nUserManager.DISALLOW_APPS_CONTROL\r\nUserManager.DISALLOW_ASSIST_CONTENT\r\nUserManager.DISALLOW_AUTOFILL\r\nUserManager.DISALLOW_BLUETOOTH\r\nUserManager.DISALLOW_BLUETOOTH_SHARING\r\nUserManager.DISALLOW_CAMERA_TOGGLE\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 107 of 279\n\nUserManager.DISALLOW_CELLULAR_2G\r\nUserManager.DISALLOW_CHANGE_NEAR_FIELD_COMMUNICATION_RADIO\r\nUserManager.DISALLOW_CHANGE_WIFI_STATE\r\nUserManager.DISALLOW_CONFIG_BLUETOOTH\r\nUserManager.DISALLOW_CONFIG_BRIGHTNESS\r\nUserManager.DISALLOW_CONFIG_CELL_BROADCASTS\r\nUserManager.DISALLOW_CONFIG_CREDENTIALS\r\nUserManager.DISALLOW_CONFIG_DATE_TIME\r\nUserManager.DISALLOW_CONFIG_DEFAULT_APPS\r\nUserManager.DISALLOW_CONFIG_LOCALE\r\nUserManager.DISALLOW_CONFIG_LOCATION\r\nUserManager.DISALLOW_CONFIG_MOBILE_NETWORKS\r\nUserManager.DISALLOW_CONFIG_PRIVATE_DNS\r\nUserManager.DISALLOW_CONFIG_SCREEN_TIMEOUT\r\nUserManager.DISALLOW_CONFIG_TETHERING\r\nUserManager.DISALLOW_CONFIG_VPN\r\nUserManager.DISALLOW_CONFIG_WIFI\r\nUserManager.DISALLOW_CONTENT_CAPTURE\r\nUserManager.DISALLOW_CONTENT_SUGGESTIONS\r\nUserManager.DISALLOW_CREATE_WINDOWS\r\nUserManager.DISALLOW_CROSS_PROFILE_COPY_PASTE\r\nUserManager.DISALLOW_DATA_ROAMING\r\nUserManager.DISALLOW_DEBUGGING_FEATURES\r\nUserManager.DISALLOW_FACTORY_RESET\r\nUserManager.DISALLOW_FUN\r\nUserManager.DISALLOW_GRANT_ADMIN\r\nUserManager.DISALLOW_TASK_CONTINUITY_HANDOFF\r\nUserManager.DISALLOW_INSTALL_APPS\r\nUserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES\r\nUserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES_GLOBALLY\r\nUserManager.DISALLOW_MICROPHONE_TOGGLE\r\nUserManager.DISALLOW_MODIFY_ACCOUNTS\r\nUserManager.DISALLOW_MOUNT_PHYSICAL_MEDIA\r\nUserManager.DISALLOW_NEAR_FIELD_COMMUNICATION_RADIO\r\nUserManager.DISALLOW_NETWORK_RESET\r\nUserManager.DISALLOW_OUTGOING_BEAM\r\nUserManager.DISALLOW_OUTGOING_CALLS\r\nUserManager.DISALLOW_PRINTING\r\nUserManager.DISALLOW_REMOVE_MANAGED_PROFILE\r\nUserManager.DISALLOW_REMOVE_USER\r\nUserManager.DISALLOW_SAFE_BOOT\r\nUserManager.DISALLOW_SET_USER_ICON\r\nUserManager.DISALLOW_SET_WALLPAPER\r\nUserManager.DISALLOW_SHARE_INTO_MANAGED_PROFILE\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 108 of 279\n\nUserManager.DISALLOW_SHARE_LOCATION\r\nUserManager.DISALLOW_SHARING_ADMIN_CONFIGURED_WIFI\r\nUserManager.DISALLOW_SIM_GLOBALLY\r\nUserManager.DISALLOW_SMS\r\nUserManager.DISALLOW_SYSTEM_ERROR_DIALOGS\r\nUserManager.DISALLOW_THREAD_NETWORK\r\nUserManager.DISALLOW_ULTRA_WIDEBAND_RADIO\r\nUserManager.DISALLOW_UNIFIED_PASSWORD\r\nUserManager.DISALLOW_UNINSTALL_APPS\r\nUserManager.DISALLOW_UNMUTE_MICROPHONE\r\nUserManager.DISALLOW_USB_FILE_TRANSFER\r\nUserManager.DISALLOW_USER_SWITCH\r\nUserManager.DISALLOW_WIFI_DIRECT\r\nUserManager.DISALLOW_WIFI_TETHERING\r\nUserManager.ENSURE_VERIFY_APPS\r\nUserManager.KEY_RESTRICTIONS_PENDING\r\nThrows\r\nSecurity\r\nException\r\nif admin is not a device or profile owner and if the caller has not been granted the\r\npermission to set the given user restriction.\r\ncreateAdminSupportIntent\r\npublic Intent createAdminSupportIntent (String restriction)\r\nCalled by any app to display a support dialog when a feature was disabled by an admin. This returns an intent that can\r\nbe used with Context.startActivity(Intent) to display the dialog. It will tell the user that the feature indicated by\r\nrestriction was disabled by an admin, and include a link for more information. The default content of the dialog can\r\nbe changed by the restricting admin via setShortSupportMessage(ComponentName,CharSequence) . If the restriction is\r\nnot set (i.e. the feature is available), then the return value will be null .\r\nParameters\r\nrestriction\r\nString : Indicates for which feature the dialog should be displayed. Can be a user restriction\r\nfrom UserManager , e.g. UserManager.DISALLOW_ADJUST_VOLUME , or one of the constants\r\nPOLICY_DISABLE_CAMERA or POLICY_DISABLE_SCREEN_CAPTURE .\r\nThis value cannot be null .\r\nReturns\r\nIntent\r\nIntent An intent to be used to start the dialog-activity if the restriction is set by an admin, or null if the\r\nrestriction does not exist or no admin set it.\r\ncreateAndManageUser\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 109 of 279\n\npublic UserHandle createAndManageUser (ComponentName admin,\r\n String name,\r\n ComponentName profileOwner,\r\n PersistableBundle adminExtras,\r\n int flags)\r\nCalled by a device owner to create a user with the specified name and a given component of the calling package as\r\nprofile owner. The UserHandle returned by this method should not be persisted as user handles are recycled as users are\r\nremoved and created. If you need to persist an identifier for this user, use UserManager.getSerialNumberForUser . The\r\nnew user will not be started in the background.\r\nadmin is the DeviceAdminReceiver which is the device owner. profileOwner is also a DeviceAdminReceiver in the\r\nsame package as admin, and will become the profile owner and will be registered as an active admin on the new user.\r\nThe profile owner package will be installed on the new user.\r\nIf the adminExtras are not null, they will be stored on the device until the user is started for the first time. Then the\r\nextras will be passed to the admin when onEnable is called.\r\nFrom Build.VERSION_CODES.P onwards, if targeting Build.VERSION_CODES.P , throws UserOperationException\r\ninstead of returning null on failure.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nname\r\nString : The user's name.\r\nThis value cannot be null .\r\nprofile\r\nOwner\r\nComponentName : Which DeviceAdminReceiver will be profile owner. Has to be in the same\r\npackage as admin, otherwise no user is created and an IllegalArgumentException is thrown.\r\nThis value cannot be null .\r\nadmin\r\nExtras\r\nPersistableBundle : Extras that will be passed to onEnable of the admin receiver on the new user.\r\nThis value may be null .\r\nflags\r\nint : SKIP_SETUP_WIZARD , MAKE_USER_EPHEMERAL and LEAVE_ALL_SYSTEM_APPS_ENABLED are\r\nsupported.\r\nValue is either 0 or a combination of the following:\r\nSKIP_SETUP_WIZARD\r\nMAKE_USER_EPHEMERAL\r\nLEAVE_ALL_SYSTEM_APPS_ENABLED\r\nReturns\r\nUserHandle the UserHandle object for the created user, or null if the user could not be created.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 110 of 279\n\nThrows\r\nUserManager.User\r\nOperationException\r\nif the user could not be created and the calling app is targeting Build.VERSION_\r\nCODES.P and running on Build.VERSION_CODES.P .\r\nSecurityException\r\nif headless device is in DeviceAdminInfo.HEADLESS_DEVICE_OWNER_MODE_SINGLE_\r\nUSER mode.\r\nSecurityException if admin is not a device owner\r\nenableSystemApp\r\npublic int enableSystemApp (ComponentName admin,\r\n Intent intent)\r\nRe-enable system apps by intent that were disabled by default when the user was initialized. This function can be called\r\nby a device owner, profile owner, or by a delegate given the DELEGATION_ENABLE_SYSTEM_APP scope via\r\nsetDelegatedScopes(ComponentName, String, List) .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if the caller\r\nis an enable system app delegate.\r\nintent\r\nIntent : An intent matching the app(s) to be installed. All apps that resolve for this intent will be re-enabled in the calling profile.\r\nReturns\r\nint int The number of activities that matched the intent and were installed.\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\nenableSystemApp\r\npublic void enableSystemApp (ComponentName admin,\r\n String packageName)\r\nRe-enable a system app that was disabled by default when the user was initialized. This function can be called by a\r\ndevice owner, profile owner, or by a delegate given the DELEGATION_ENABLE_SYSTEM_APP scope via\r\nsetDelegatedScopes(ComponentName, String, List) .\r\nParameters\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 111 of 279\n\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if the\r\ncaller is an enable system app delegate.\r\npackage\r\nName\r\nString : The package to be re-enabled in the calling profile.\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\ngenerateKeyPair\r\npublic AttestedKeyPair generateKeyPair (ComponentName admin,\r\n String algorithm,\r\n KeyGenParameterSpec keySpec,\r\n int idAttestationFlags)\r\nThis API can be called by the following to generate a new private/public key pair:\r\nDevice owner\r\nProfile owner\r\nDelegated certificate installer\r\nCredential management app\r\nAn app that holds the Manifest.permission.MANAGE_DEVICE_POLICY_CERTIFICATES permission\r\nIf the device supports key generation via secure hardware, this method is useful for creating a key in KeyChain that\r\nnever left the secure hardware. Access to the key is controlled the same way as in installKeyPair(ComponentName,\r\nPrivateKey, Certificate, String) .\r\nFrom Android Build.VERSION_CODES.S , the credential management app can call this API. If called by the credential\r\nmanagement app, the componentName must be null . Note, there can only be a credential management app on an\r\nunmanaged device.\r\nBecause this method might take several seconds to complete, it should only be called from a worker thread. This\r\nmethod returns null when called from the main thread.\r\nThis method is not thread-safe, calling it from multiple threads at the same time will result in undefined behavior. If the\r\ncalling thread is interrupted while the invocation is in-flight, it will eventually terminate and return null .\r\nNote: If the provided alias is of an existing alias, all former grants that apps have been given to access the key and\r\ncertificates associated with this alias will be revoked.\r\nAttestation: to enable attestation, set an attestation challenge in keySpec via\r\nKeyGenParameterSpec.Builder.setAttestationChallenge . By specifying flags to the idAttestationFlags\r\nparameter, it is possible to request the device's unique identity to be included in the attestation record.\r\nSpecific identifiers can be included in the attestation record, and an individual attestation certificate can be used to sign\r\nthe attestation record. To find out if the device supports these features, refer to isDeviceIdAttestationSupported()\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 112 of 279\n\nand isUniqueDeviceAttestationSupported() .\r\nDevice owner, profile owner, their delegated certificate installer and the credential management app can use\r\nID_TYPE_BASE_INFO to request inclusion of the general device information including manufacturer, model, brand,\r\ndevice and product in the attestation record. Only device owner, profile owner on an organization-owned device or\r\naffiliated user, and their delegated certificate installers can use ID_TYPE_SERIAL , ID_TYPE_IMEI and ID_TYPE_MEID\r\nto request unique device identifiers to be attested (the serial number, IMEI and MEID correspondingly), if supported by\r\nthe device (see isDeviceIdAttestationSupported() ). Additionally, device owner, profile owner on an organization-owned device and their delegated certificate installers can also request the attestation record to be signed using an\r\nindividual attestation certificate by specifying the ID_TYPE_INDIVIDUAL_ATTESTATION flag (if supported by the device,\r\nsee isUniqueDeviceAttestationSupported() ).\r\nIf any of ID_TYPE_SERIAL , ID_TYPE_IMEI and ID_TYPE_MEID is set, it is implicitly assumed that\r\nID_TYPE_BASE_INFO is also set.\r\nAttestation using ID_TYPE_INDIVIDUAL_ATTESTATION can only be requested if key generation is done in StrongBox.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if the\r\ncaller is not a device admin.\r\nalgorithm\r\nString : The key generation algorithm, see KeyPairGenerator .\r\nThis value cannot be null .\r\nkeySpec\r\nKeyGenParameterSpec : Specification of the key to generate, see KeyPairGenerator .\r\nThis value cannot be null .\r\nid\r\nAttestation\r\nFlags\r\nint : A bitmask of the identifiers that should be included in the attestation record ( ID_TYPE_\r\nBASE_INFO , ID_TYPE_SERIAL , ID_TYPE_IMEI and ID_TYPE_MEID ), and ID_TYPE_INDIVIDUAL_\r\nATTESTATION if the attestation record should be signed using an individual attestation certificate.\r\n0 should be passed in if no device identification is required in the attestation record and the\r\nbatch attestation certificate should be used.\r\nIf any flag is specified, then an attestation challenge must be included in the keySpec .\r\nValue is either 0 or a combination of the following:\r\nID_TYPE_BASE_INFO\r\nID_TYPE_SERIAL\r\nID_TYPE_IMEI\r\nID_TYPE_MEID\r\nID_TYPE_INDIVIDUAL_ATTESTATION\r\nReturns\r\nAttestedKeyPair A non-null AttestedKeyPair if the key generation succeeded, null otherwise.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 113 of 279\n\nThrows\r\nStrongBox\r\nUnavailable\r\nException\r\nif the use of StrongBox for key generation was specified in keySpec but the device does not\r\nhave one.\r\nIllegal\r\nArgument\r\nException\r\nin the following cases:\r\nThe alias in keySpec is empty.\r\nThe algorithm specification in keySpec is not RSAKeyGenParameterSpec or\r\nECGenParameterSpec .\r\nDevice ID attestation was requested but the keySpec does not contain an attestation\r\nchallenge.\r\nSecurity\r\nException\r\nif admin is not null and not a device or profile owner, or admin is null but the calling\r\napplication is not a delegated certificate installer or credential management app. If Device ID\r\nattestation is requested (using ID_TYPE_SERIAL , ID_TYPE_IMEI or ID_TYPE_MEID ), the\r\ncaller must be the Device Owner or the Certificate Installer delegate.\r\nUnsupported\r\nOperation\r\nException\r\nif Device ID attestation or individual attestation was requested but the underlying hardware\r\ndoes not support it.\r\ngetAccountTypesWithManagementDisabled\r\npublic String[] getAccountTypesWithManagementDisabled ()\r\nGets the array of accounts for which account management is disabled by the profile owner or device owner.\r\nAccount management can be disabled/enabled by calling setAccountManagementDisabled(ComponentName, String,\r\nboolean) .\r\nThis method may be called on the DevicePolicyManager instance returned from\r\ngetParentProfileInstance(ComponentName) . Note that only a profile owner on an organization-owned device can\r\naffect account types on the parent profile instance.\r\nReturns\r\nString[]\r\na list of account types for which account management has been disabled.\r\nThis value may be null .\r\ngetActiveAdmins\r\npublic List\u003cComponentName\u003e getActiveAdmins ()\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 114 of 279\n\nReturn a list of all currently active device administrators' component names. If there are no administrators null may\r\nbe returned.\r\nReturns\r\nList\u003cComponentName\u003e\r\ngetAffiliationIds\r\npublic Set\u003cString\u003e getAffiliationIds (ComponentName admin)\r\nReturns the set of affiliation ids previously set via setAffiliationIds(ComponentName, Set) , or an empty set if none\r\nhave been set.\r\nParameters\r\nadmin ComponentName : This value cannot be null .\r\nReturns\r\nSet\u003cString\u003e This value cannot be null .\r\ngetAlwaysOnVpnLockdownWhitelist\r\npublic Set\u003cString\u003e getAlwaysOnVpnLockdownWhitelist (ComponentName admin)\r\nCalled by device or profile owner to query the set of packages that are allowed to access the network directly when\r\nalways-on VPN is in lockdown mode but not connected. Returns null when always-on VPN is not active or not in\r\nlockdown mode.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nSet\u003cString\u003e\r\nThrows\r\nSecurityException if admin is not a device or a profile owner.\r\ngetAlwaysOnVpnPackage\r\npublic String getAlwaysOnVpnPackage (ComponentName admin)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 115 of 279\n\nCalled by a device or profile owner to read the name of the package administering an always-on VPN connection for\r\nthe current user. If there is no such package, or the always-on VPN is provided by the system instead of by an\r\napplication, null will be returned.\r\nParameters\r\nadmin ComponentName : This value cannot be null .\r\nReturns\r\nString Package name of VPN controller responsible for always-on VPN, or null if none is set.\r\nThrows\r\nSecurityException if admin is not a device or a profile owner.\r\ngetAppFunctionsPolicy\r\npublic int getAppFunctionsPolicy ()\r\nReturns the current AppFunctionManager policy.\r\nThe returned policy will be the current resolved policy rather than the policy set by the calling admin.\r\nReturns\r\nint\r\nValue is one of the following:\r\nAPP_FUNCTIONS_NOT_CONTROLLED_BY_POLICY\r\nAPP_FUNCTIONS_DISABLED\r\nAPP_FUNCTIONS_DISABLED_CROSS_PROFILE\r\nThrows\r\nSecurity\r\nException\r\nif caller is not a device owner, a profile owner or a holder of the permission Manifest.\r\npermission.MANAGE_DEVICE_POLICY_APP_FUNCTIONS .\r\ngetApplicationRestrictions\r\npublic Bundle getApplicationRestrictions (ComponentName admin,\r\n String packageName)\r\nRetrieves the application restrictions for a given target application running in the calling user.\r\nThe caller must be a profile or device owner on that user, or the package allowed to manage application restrictions via\r\nsetDelegatedScopes(ComponentName, String, List) with the DELEGATION_APP_RESTRICTIONS scope; otherwise a\r\nsecurity exception will be thrown.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 116 of 279\n\nNOTE: The method performs disk I/O and shouldn't be called on the main thread.\r\nThis method may take several seconds to complete, so it should only be called from a worker thread.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if called\r\nby the application restrictions managing package.\r\npackage\r\nName\r\nString : The name of the package to fetch restricted settings of.\r\nReturns\r\nBundle\r\nBundle of settings corresponding to what was set last time DevicePolicyManager.setApplication\r\nRestrictions was called, or an empty Bundle if no restrictions have been set.\r\nThis value cannot be null .\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\ngetApplicationRestrictionsManagingPackage\r\npublic String getApplicationRestrictionsManagingPackage (ComponentName admin)\r\nThis method was deprecated in API level 26.\r\nFrom Build.VERSION_CODES.O . Use getDelegatePackages(ComponentName, String) with the\r\nDELEGATION_APP_RESTRICTIONS scope instead.\r\nCalled by a profile owner or device owner to retrieve the application restrictions managing package for the current user,\r\nor null if none is set. If there are multiple delegates this function will return one of them.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nString\r\nThe package name allowed to manage application restrictions on the current user, or null if none is\r\nset.\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\ngetAutoTimeEnabled\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 117 of 279\n\npublic boolean getAutoTimeEnabled (ComponentName admin)\r\nReturns true if auto time is enabled on the device.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not a\r\ndevice admin.\r\nThis value may be null .\r\nReturns\r\nboolean true if auto time is enabled on the device.\r\nThrows\r\nSecurity\r\nException\r\nif caller is not a device owner, a profile owner for the primary user, or a profile owner of an\r\norganization-owned managed profile.\r\ngetAutoTimePolicy\r\npublic int getAutoTimePolicy ()\r\nReturns current auto time policy's state.\r\nReturns\r\nint\r\nOne of AUTO_TIME_ENABLED if enabled, AUTO_TIME_DISABLED if disabled and AUTO_TIME_NOT_\r\nCONTROLLED_BY_POLICY if it's not controlled by policy.\r\nValue is one of the following:\r\nAUTO_TIME_NOT_CONTROLLED_BY_POLICY\r\nAUTO_TIME_DISABLED\r\nAUTO_TIME_ENABLED\r\nThrows\r\nSecurity\r\nException\r\nif caller is not a device owner, a profile owner for the primary user, or a profile owner of an\r\norganization-owned managed profile, or if the caller does not hold the required permission.\r\ngetAutoTimeRequired\r\npublic boolean getAutoTimeRequired ()\r\nThis method was deprecated in API level 30.\r\nFrom Build.VERSION_CODES.R . Use getAutoTimeEnabled(ComponentName)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 118 of 279\n\nReturns\r\nboolean true if auto time is required.\r\ngetAutoTimeZoneEnabled\r\npublic boolean getAutoTimeZoneEnabled (ComponentName admin)\r\nReturns true if auto time zone is enabled on the device.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not a\r\ndevice admin.\r\nThis value may be null .\r\nReturns\r\nboolean true if auto time zone is enabled on the device.\r\nThrows\r\nSecurity\r\nException\r\nif caller is not a device owner, a profile owner for the primary user, or a profile owner of an\r\norganization-owned managed profile.\r\ngetAutoTimeZonePolicy\r\npublic int getAutoTimeZonePolicy ()\r\nReturns auto time zone policy's current state.\r\nReturns\r\nint\r\nOne of AUTO_TIME_ZONE_ENABLED if enabled, AUTO_TIME_ZONE_DISABLED if disabled and AUTO_TIME_\r\nZONE_NOT_CONTROLLED_BY_POLICY if the state is not controlled by policy.\r\nValue is one of the following:\r\nAUTO_TIME_ZONE_NOT_CONTROLLED_BY_POLICY\r\nAUTO_TIME_ZONE_DISABLED\r\nAUTO_TIME_ZONE_ENABLED\r\nThrows\r\nSecurity\r\nException\r\nif caller is not a device owner, a profile owner for the primary user, or a profile owner of an\r\norganization-owned managed profile, or if the caller does not hold the required permission.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 119 of 279\n\ngetBindDeviceAdminTargetUsers\r\npublic List\u003cUserHandle\u003e getBindDeviceAdminTargetUsers (ComponentName admin)\r\nReturns the list of target users that the calling device owner or owner of secondary user can use when calling\r\nbindDeviceAdminServiceAsUser(ComponentName, Intent, ServiceConnection, BindServiceFlags, UserHandle) .\r\nA device owner can bind to a service from a secondary managed user and vice versa, provided that both users are\r\naffiliated. See setAffiliationIds(ComponentName, Set) .\r\nParameters\r\nadmin ComponentName : This value cannot be null .\r\nReturns\r\nList\u003cUserHandle\u003e This value cannot be null .\r\ngetBluetoothContactSharingDisabled\r\npublic boolean getBluetoothContactSharingDisabled (ComponentName admin)\r\nCalled by a profile owner of a managed profile to determine whether or not Bluetooth devices cannot access enterprise\r\ncontacts.\r\nThe calling device admin must be a profile owner. If it is not, a security exception will be thrown.\r\nThis API works on managed profile only.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nboolean\r\nThrows\r\nSecurityException if admin is not a profile owner.\r\ngetCameraDisabled\r\npublic boolean getCameraDisabled (ComponentName admin)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 120 of 279\n\nDetermine whether or not the device's cameras have been disabled for this user, either by the calling admin, if specified,\r\nor all admins.\r\nStarting with Android Build.VERSION_CODES.CINNAMON_BUN , this method also checks for external USB cameras that\r\nconnect directly via the UsbConstants.USB_CLASS_VIDEO interface.\r\nThis method can be called on the DevicePolicyManager instance, returned by\r\ngetParentProfileInstance(ComponentName) , where the caller must be the profile owner of an organization-owned\r\nmanaged profile.\r\nParameters\r\nadmin\r\nComponentName : The name of the admin component to check, or null to check whether any admins\r\nhave disabled the camera\r\nReturns\r\nboolean\r\ngetCertInstallerPackage\r\npublic String getCertInstallerPackage (ComponentName admin)\r\nThis method was deprecated in API level 26.\r\nFrom Build.VERSION_CODES.O . Use getDelegatePackages(ComponentName, String) with the\r\nDELEGATION_CERT_INSTALL scope instead.\r\nCalled by a profile owner or device owner to retrieve the certificate installer for the user, or null if none is set. If\r\nthere are multiple delegates this function will return one of them.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nString The package name of the current delegated certificate installer, or null if none is set.\r\nThrows\r\nSecurityException if admin is not a device or a profile owner.\r\ngetContentProtectionPolicy\r\npublic int getContentProtectionPolicy (ComponentName admin)\r\nReturns the current content protection policy.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 121 of 279\n\nThe returned policy will be the current resolved policy rather than the policy set by the calling admin.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not a\r\ndevice admin.\r\nThis value may be null .\r\nReturns\r\nint\r\nValue is one of the following:\r\nCONTENT_PROTECTION_NOT_CONTROLLED_BY_POLICY\r\nCONTENT_PROTECTION_DISABLED\r\nCONTENT_PROTECTION_ENABLED\r\nThrows\r\nSecurity\r\nException\r\nif admin is not the device owner, the profile owner of an affiliated user or profile, or the profile\r\nowner when no device owner is set or holder of the permission Manifest.permission.MANAGE_\r\nDEVICE_POLICY_CONTENT_PROTECTION .\r\ngetCredentialManagerPolicy\r\npublic PackagePolicy getCredentialManagerPolicy ()\r\nCalled by a device owner or profile owner of a managed profile to retrieve the credential manager policy.\r\nReturns\r\nPackagePolicy the current credential manager policy if null then this policy has not been configured.\r\nThrows\r\nSecurityException if caller is not a device owner or profile owner of a managed profile.\r\ngetCrossProfileCalendarPackages\r\npublic Set\u003cString\u003e getCrossProfileCalendarPackages (ComponentName admin)\r\nThis method was deprecated in API level 34.\r\nUse setCrossProfilePackages(ComponentName,Set) .\r\nGets a set of package names that are allowed to access cross-profile calendar APIs.\r\nCalled by a profile owner of a managed profile.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 122 of 279\n\nParameters\r\nadmin\r\nComponentName : which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nSet\u003cString\u003e\r\nthe set of names of packages that were previously allowed via\r\nsetCrossProfileCalendarPackages(ComponentName,Set) , or an empty set if none have been\r\nallowed.\r\nThis value may be null .\r\nThrows\r\nSecurityException if admin is not a profile owner\r\ngetCrossProfileCallerIdDisabled\r\npublic boolean getCrossProfileCallerIdDisabled (ComponentName admin)\r\nThis method was deprecated in API level 34.\r\nstarting with Build.VERSION_CODES.UPSIDE_DOWN_CAKE , use getManagedProfileCallerIdAccessPolicy() instead\r\nCalled by a profile owner of a managed profile to determine whether or not caller-Id information has been disabled.\r\nThe calling device admin must be a profile owner. If it is not, a security exception will be thrown.\r\nStarting with Build.VERSION_CODES.UPSIDE_DOWN_CAKE , this will return true when\r\nsetManagedProfileCallerIdAccessPolicy(PackagePolicy) has been set with a non-null policy whose policy type is\r\nNOT PackagePolicy.PACKAGE_POLICY_BLOCKLIST\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nboolean\r\nThrows\r\nSecurityException if admin is not a profile owner.\r\ngetCrossProfileContactsSearchDisabled\r\npublic boolean getCrossProfileContactsSearchDisabled (ComponentName admin)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 123 of 279\n\nThis method was deprecated in API level 34.\r\nFrom Build.VERSION_CODES.UPSIDE_DOWN_CAKE use getManagedProfileContactsAccessPolicy()\r\nCalled by a profile owner of a managed profile to determine whether or not contacts search has been disabled.\r\nThe calling device admin must be a profile owner. If it is not, a security exception will be thrown.\r\nStarting with Build.VERSION_CODES.UPSIDE_DOWN_CAKE , this will return true when\r\nsetManagedProfileContactsAccessPolicy(PackagePolicy) has been set with a non-null policy whose policy type is\r\nNOT PackagePolicy.PACKAGE_POLICY_BLOCKLIST\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nboolean\r\nThrows\r\nSecurityException if admin is not a profile owner.\r\ngetCrossProfilePackages\r\npublic Set\u003cString\u003e getCrossProfilePackages (ComponentName admin)\r\nReturns the set of package names that the admin has previously set as allowed to request user consent for cross-profile\r\ncommunication, via setCrossProfilePackages(ComponentName,Set) .\r\nAssumes that the caller is a profile owner and is the given admin .\r\nNote that other apps not included in the returned set may be able to request user consent for cross-profile\r\ncommunication if they have been explicitly allowlisted by the OEM.\r\nParameters\r\nadmin\r\nComponentName : the DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nSet\u003cString\u003e\r\nthe set of package names the admin has previously set as allowed to request user consent for\r\ncross-profile communication, via setCrossProfilePackages(ComponentName,Set)\r\nThis value cannot be null .\r\ngetCrossProfileWidgetProviders\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 124 of 279\n\npublic List\u003cString\u003e getCrossProfileWidgetProviders (ComponentName admin)\r\nCalled by the profile owner of a managed profile or a holder of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_PROFILE_INTERACTION to query providers from which packages are\r\navailable in the parent profile.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not a\r\ndevice admin.\r\nThis value may be null .\r\nReturns\r\nList\u003cString\u003e\r\nThe allowlisted package list.\r\nThis value cannot be null .\r\nThrows\r\nSecurity\r\nException\r\nif admin is not a profile owner and not a holder of the permission Manifest.permission.\r\nMANAGE_DEVICE_POLICY_PROFILE_INTERACTION .\r\nSee also:\r\naddCrossProfileWidgetProvider(android.content.ComponentName,String)\r\nremoveCrossProfileWidgetProvider(android.content.ComponentName,String)\r\ngetCurrentFailedPasswordAttempts\r\npublic int getCurrentFailedPasswordAttempts ()\r\nRetrieve the number of times the user has failed at entering a password since that last successful password entry.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to retrieve the number of failed password attempts for the parent\r\nuser.\r\nThe calling device admin must have requested DeviceAdminInfo.USES_POLICY_WATCH_LOGIN to be able to call this\r\nmethod; if it has not, a security exception will be thrown.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always empty and\r\nthis method always returns 0.\r\nRequires the PackageManager#FEATURE_SECURE_LOCK_SCREEN feature which can be detected using\r\nPackageManager.hasSystemFeature(String) .\r\nReturns\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 125 of 279\n\nint The number of times user has entered an incorrect password since the last correct password entry.\r\nThrows\r\nSecurity\r\nException\r\nif the calling application does not own an active administrator that uses DeviceAdminInfo.\r\nUSES_POLICY_WATCH_LOGIN\r\ngetDelegatePackages\r\npublic List\u003cString\u003e getDelegatePackages (ComponentName admin,\r\n String delegationScope)\r\nCalled by a profile owner or device owner to retrieve a list of delegate packages that were granted a delegation scope.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\ndelegationScope\r\nString : The scope whose delegates should be retrieved.\r\nThis value cannot be null .\r\nReturns\r\nList\u003cString\u003e\r\nA list of package names of the current delegated packages for delegationScope .\r\nThis value may be null .\r\nThrows\r\nSecurityException if admin is not a device or a profile owner.\r\ngetDelegatedScopes\r\npublic List\u003cString\u003e getDelegatedScopes (ComponentName admin,\r\n String delegatedPackage)\r\nCalled by a profile owner or device owner to retrieve a list of the scopes given to a delegate package. Other apps can\r\nuse this method to retrieve their own delegated scopes by passing null for admin and their own package name as\r\ndelegatedPackage .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if\r\nthe caller is delegatedPackage .\r\ndelegated\r\nPackage\r\nString : The package name of the app whose scopes should be retrieved.\r\nThis value cannot be null .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 126 of 279\n\nReturns\r\nList\u003cString\u003e A list containing the scopes given to delegatedPackage .\r\nThrows\r\nSecurityException if admin is not a device or a profile owner.\r\ngetDeviceOwnerLockScreenInfo\r\npublic CharSequence getDeviceOwnerLockScreenInfo ()\r\nReturns\r\nCharSequence The device owner information. If it is not set returns null .\r\ngetDevicePolicyManagementRoleHolderPackage\r\npublic String getDevicePolicyManagementRoleHolderPackage ()\r\nReturns the package name of the device policy management role holder.\r\nIf the device policy management role holder is not configured for this device, returns null .\r\nReturns\r\nString\r\ngetEndUserSessionMessage\r\npublic CharSequence getEndUserSessionMessage (ComponentName admin)\r\nReturns the user session end message.\r\nParameters\r\nadmin\r\nComponentName : which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nCharSequence\r\nThrows\r\nSecurityException if admin is not a device owner.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 127 of 279\n\ngetEnrollmentSpecificId\r\npublic String getEnrollmentSpecificId ()\r\nReturns an enrollment-specific identifier of this device, which is guaranteed to be the same value for the same device,\r\nenrolled into the same organization by the same managing app. This identifier is high-entropy, useful for uniquely\r\nidentifying individual devices within the same organisation. It is available both in a work profile and on a fully-managed device. The identifier would be consistent even if the work profile is removed and enrolled again (to the same\r\norganization), or the device is factory reset and re-enrolled. Can only be called by the Profile Owner and Device Owner,\r\nand starting from Android Build.VERSION_CODES.VANILLA_ICE_CREAM , holders of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_CERTIFICATES . If setOrganizationId(String) was not called, then the\r\nreturned value will be an empty string.\r\nNote about access to device identifiers: a device owner, a profile owner of an organization-owned device or the\r\ndelegated certificate installer (holding the DELEGATION_CERT_INSTALL delegation) on such a device can still obtain\r\nhardware identifiers by calling e.g. Build.getSerial() , in addition to using this method. However, a profile owner on\r\na personal (non organization-owned) device, or the delegated certificate installer on such a device, cannot obtain\r\nhardware identifiers anymore and must switch to using this method.\r\nReturns\r\nString\r\nA stable, enrollment-specific identifier.\r\nThis value cannot be null .\r\nThrows\r\nSecurity\r\nException\r\nif the caller is not a profile owner, device owner or holding the Manifest.permission.MANAGE_\r\nDEVICE_POLICY_CERTIFICATES permission\r\ngetFactoryResetProtectionPolicy\r\npublic FactoryResetProtectionPolicy getFactoryResetProtectionPolicy (ComponentName admin)\r\nCallable by device owner or profile owner of an organization-owned device, to retrieve the current factory reset\r\nprotection (FRP) policy set previously by setFactoryResetProtectionPolicy(ComponentName,\r\nFactoryResetProtectionPolicy) .\r\nThis method can also be called by the FRP management agent on device or with the permission\r\nManifest.permission.MASTER_CLEAR , in which case, it can pass null as the ComponentName.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with or null if the caller is\r\nnot a device admin\r\nReturns\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 128 of 279\n\nFactoryResetProtectionPolicy The current FRP policy object or null if no policy is set.\r\nThrows\r\nSecurityException\r\nif admin is not a device owner, a profile owner of an organization-owned device\r\nor the FRP management agent.\r\nUnsupportedOperation\r\nException\r\nif factory reset protection is not supported on the device.\r\ngetGlobalPrivateDnsHost\r\npublic String getGlobalPrivateDnsHost (ComponentName admin)\r\nReturns the system-wide Private DNS host.\r\nParameters\r\nadmin\r\nComponentName : which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nString The hostname used for Private DNS queries, null if none is set.\r\nThrows\r\nSecurityException if the caller is not the device owner.\r\ngetGlobalPrivateDnsMode\r\npublic int getGlobalPrivateDnsMode (ComponentName admin)\r\nReturns the system-wide Private DNS mode.\r\nParameters\r\nadmin\r\nComponentName : which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nint\r\none of PRIVATE_DNS_MODE_OFF , PRIVATE_DNS_MODE_OPPORTUNISTIC , PRIVATE_DNS_MODE_PROVIDER_\r\nHOSTNAME or PRIVATE_DNS_MODE_UNKNOWN .\r\nThrows\r\nSecurityException if the caller is not the device owner.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 129 of 279\n\ngetInstalledCaCerts\r\npublic List\u003cbyte[]\u003e getInstalledCaCerts (ComponentName admin)\r\nReturns all CA certificates that are currently trusted, excluding system CA certificates. If a user has installed any\r\ncertificates by other means than device policy these will be included too.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if calling from\r\na delegated certificate installer.\r\nReturns\r\nList\u003cbyte[]\u003e\r\na List of byte[] arrays, each encoding one user CA certificate.\r\nThis value cannot be null .\r\nThrows\r\nSecurityException if admin is not null and not a device or profile owner.\r\ngetKeepUninstalledPackages\r\npublic List\u003cString\u003e getKeepUninstalledPackages (ComponentName admin)\r\nGet the list of apps to keep around as APKs even if no user has currently installed it. This function can be called by a\r\ndevice owner or by a delegate given the DELEGATION_KEEP_UNINSTALLED_PACKAGES scope via\r\nsetDelegatedScopes(ComponentName, String, List) .\r\nPlease note that packages returned in this method are not automatically pre-cached.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if the caller is\r\na keep uninstalled packages delegate.\r\nReturns\r\nList\u003cString\u003e\r\nList of package names to keep cached.\r\nThis value may be null .\r\ngetKeyPairGrants\r\npublic Map\u003cInteger,Set\u003cString\u003e\u003e getKeyPairGrants (String alias)\r\nCalled by a device or profile owner, or delegated certificate chooser (an app that has been delegated the\r\nDELEGATION_CERT_SELECTION privilege), to query which apps have access to a given KeyChain key. Key are granted on\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 130 of 279\n\na per-UID basis, so if several apps share the same UID, granting access to one of them automatically grants it to others.\r\nThis method returns a map containing one entry per grantee UID. Entries have UIDs as keys and sets of corresponding\r\npackage names as values. In particular, grantee packages that don't share UID with other packages are represented by\r\nentries having singleton sets as values.\r\nParameters\r\nalias\r\nString : The alias of the key to grant access to.\r\nThis value cannot be null .\r\nReturns\r\nMap\u003cInteger,\r\nSet\u003cString\u003e\u003e\r\napps that have access to a given key, arranged in a map from UID to sets of\r\npackage names.\r\nThis value cannot be null .\r\nThrows\r\nIllegalArgumentException if alias doesn't correspond to an existing key.\r\nSecurityException if the caller is not a device owner, a profile owner or delegated certificate chooser.\r\ngetKeyguardDisabledFeatures\r\npublic int getKeyguardDisabledFeatures (ComponentName admin)\r\nDetermine whether or not features have been disabled in keyguard either by the calling admin, if specified, or all\r\nadmins that set restrictions on this user and its participating profiles. Restrictions on profiles that have a separate\r\nchallenge are not taken into account.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to retrieve restrictions on the parent profile.\r\nParameters\r\nadmin\r\nComponentName : The name of the admin component to check, or null to check whether any admins\r\nhave disabled features in keyguard.\r\nReturns\r\nint bitfield of flags. See setKeyguardDisabledFeatures(ComponentName,int) for a list.\r\ngetLockTaskFeatures\r\npublic int getLockTaskFeatures (ComponentName admin)\r\nGets which system features are enabled for LockTask mode.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 131 of 279\n\nStarting from Build.VERSION_CODES.UPSIDE_DOWN_CAKE , the returned policy will be the current resolved policy rather\r\nthan the policy set by the calling admin.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not a\r\ndevice admin.\r\nThis value may be null .\r\nReturns\r\nint\r\nbitfield of flags. See setLockTaskFeatures(ComponentName,int) for a list.\r\nValue is either 0 or a combination of the following:\r\nLOCK_TASK_FEATURE_NONE\r\nLOCK_TASK_FEATURE_SYSTEM_INFO\r\nLOCK_TASK_FEATURE_NOTIFICATIONS\r\nLOCK_TASK_FEATURE_HOME\r\nLOCK_TASK_FEATURE_OVERVIEW\r\nLOCK_TASK_FEATURE_GLOBAL_ACTIONS\r\nLOCK_TASK_FEATURE_KEYGUARD\r\nLOCK_TASK_FEATURE_BLOCK_ACTIVITY_START_IN_TASK\r\nThrows\r\nSecurity\r\nException\r\nif admin is not the device owner, the profile owner of an affiliated user or profile, or the profile\r\nowner when no device owner is set or holder of the permission Manifest.permission.MANAGE_\r\nDEVICE_POLICY_LOCK_TASK .\r\ngetLockTaskPackages\r\npublic String[] getLockTaskPackages (ComponentName admin)\r\nReturns the list of packages allowed to start the lock task mode.\r\nStarting from Build.VERSION_CODES.UPSIDE_DOWN_CAKE , the returned policy will be the current resolved policy rather\r\nthan the policy set by the calling admin.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not a\r\ndevice admin.\r\nThis value may be null .\r\nReturns\r\nString[] This value cannot be null .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 132 of 279\n\nThrows\r\nSecurity\r\nException\r\nif admin is not the device owner, the profile owner of an affiliated user or profile, or the profile\r\nowner when no device owner is set or holder of the permission Manifest.permission.MANAGE_\r\nDEVICE_POLICY_LOCK_TASK .\r\ngetLongSupportMessage\r\npublic CharSequence getLongSupportMessage (ComponentName admin)\r\nCalled by a device admin to get the long support message.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nChar\r\nSequence\r\nThe message set by setLongSupportMessage(ComponentName,CharSequence) or null if no\r\nmessage has been set.\r\nThrows\r\nSecurityException if admin is not an active administrator.\r\ngetManagedProfileCallerIdAccessPolicy\r\npublic PackagePolicy getManagedProfileCallerIdAccessPolicy ()\r\nCalled by a profile owner of a managed profile to retrieve the caller id policy.\r\nThe calling device admin must be a profile owner of a managed profile. If it is not, a SecurityException will be\r\nthrown.\r\nReturns\r\nPackagePolicy\r\nthe current caller id policy.\r\nThis value may be null .\r\nThrows\r\nSecurityException if caller is not a profile owner of a managed profile.\r\ngetManagedProfileContactsAccessPolicy\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 133 of 279\n\npublic PackagePolicy getManagedProfileContactsAccessPolicy ()\r\nCalled by a profile owner of a managed profile to determine the current policy applied to managed profile contacts.\r\nThe calling device admin must be a profile owner of a managed profile. If it is not, a SecurityException will be\r\nthrown.\r\nReturns\r\nPackagePolicy\r\nthe current contacts search policy.\r\nThis value may be null .\r\nThrows\r\nSecurityException if caller is not a profile owner of a managed profile.\r\ngetManagedProfileMaximumTimeOff\r\npublic long getManagedProfileMaximumTimeOff (ComponentName admin)\r\nCalled by a profile owner of an organization-owned managed profile to get maximum time the profile is allowed to be\r\nturned off.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nlong Maximum time the profile is allowed to be off in milliseconds or 0 if not limited.\r\ngetManagedSubscriptionsPolicy\r\npublic ManagedSubscriptionsPolicy getManagedSubscriptionsPolicy ()\r\nReturns the current ManagedSubscriptionsPolicy . If the policy has not been set, it will return a default policy of Type\r\nManagedSubscriptionsPolicy.TYPE_ALL_PERSONAL_SUBSCRIPTIONS .\r\nReturns\r\nManagedSubscriptionsPolicy This value cannot be null .\r\ngetMaximumFailedPasswordsForWipe\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 134 of 279\n\npublic int getMaximumFailedPasswordsForWipe (ComponentName admin)\r\nRetrieve the current maximum number of login attempts that are allowed before the device or profile is wiped, for a\r\nparticular admin or all admins that set restrictions on this user and its participating profiles. Restrictions on profiles that\r\nhave a separate challenge are not taken into account.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to retrieve the value for the parent profile.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always empty and\r\nthis method returns a default value (0) indicating that the policy is not set.\r\nRequires the PackageManager#FEATURE_SECURE_LOCK_SCREEN feature which can be detected using\r\nPackageManager.hasSystemFeature(String) .\r\nParameters\r\nadmin ComponentName : The name of the admin component to check, or null to aggregate all admins.\r\nReturns\r\nint\r\ngetMaximumTimeToLock\r\npublic long getMaximumTimeToLock (ComponentName admin)\r\nRetrieve the current maximum time to unlock for a particular admin or all admins that set restrictions on this user and\r\nits participating profiles. Restrictions on profiles that have a separate challenge are not taken into account.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to retrieve restrictions on the parent profile.\r\nParameters\r\nadmin ComponentName : The name of the admin component to check, or null to aggregate all admins.\r\nReturns\r\nlong\r\ntime in milliseconds for the given admin or the minimum value (strictest) of all admins if admin is null.\r\nReturns 0 if there are no restrictions.\r\ngetMeteredDataDisabledPackages\r\npublic List\u003cString\u003e getMeteredDataDisabledPackages (ComponentName admin)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 135 of 279\n\nCalled by a device or profile owner to retrieve the list of packages which are restricted by the admin from using metered\r\ndata.\r\nParameters\r\nadmin\r\nComponentName : which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nList\u003cString\u003e\r\nthe list of restricted package names.\r\nThis value cannot be null .\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\ngetMinimumRequiredWifiSecurityLevel\r\npublic int getMinimumRequiredWifiSecurityLevel ()\r\nReturns the current Wi-Fi minimum security level.\r\nReturns\r\nint\r\nValue is one of the following:\r\nWIFI_SECURITY_OPEN\r\nWIFI_SECURITY_PERSONAL\r\nWIFI_SECURITY_ENTERPRISE_EAP\r\nWIFI_SECURITY_ENTERPRISE_192\r\ngetMtePolicy\r\npublic int getMtePolicy ()\r\nCalled by a device owner, profile owner of an organization-owned device to get the Memory Tagging Extension (MTE)\r\npolicy Learn more about MTE\r\nReturns\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 136 of 279\n\nint\r\nthe currently set MTE policy.\r\nValue is one of the following:\r\nMTE_ENABLED\r\nMTE_DISABLED\r\nMTE_NOT_CONTROLLED_BY_POLICY\r\nThrows\r\nSecurityException if caller is not permitted to set Mte policy\r\ngetNearbyAppStreamingPolicy\r\npublic int getNearbyAppStreamingPolicy ()\r\nReturns the current runtime nearby app streaming policy set by the device or profile owner.\r\nThe caller must be the target user's device owner/profile owner or hold the READ_NEARBY_STREAMING_POLICY\r\npermission.\r\nReturns\r\nint\r\nValue is one of the following:\r\nNEARBY_STREAMING_NOT_CONTROLLED_BY_POLICY\r\nNEARBY_STREAMING_DISABLED\r\nNEARBY_STREAMING_ENABLED\r\nNEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY\r\ngetNearbyNotificationStreamingPolicy\r\npublic int getNearbyNotificationStreamingPolicy ()\r\nReturns the current runtime nearby notification streaming policy set by the device or profile owner.\r\nThe caller must be the target user's device owner/profile owner or hold the READ_NEARBY_STREAMING_POLICY\r\npermission.\r\nReturns\r\nint Value is one of the following:\r\nNEARBY_STREAMING_NOT_CONTROLLED_BY_POLICY\r\nNEARBY_STREAMING_DISABLED\r\nNEARBY_STREAMING_ENABLED\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 137 of 279\n\nNEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY\r\ngetOrganizationColor\r\npublic int getOrganizationColor (ComponentName admin)\r\nThis method was deprecated in API level 31.\r\nFrom Build.VERSION_CODES.R , the organization color is never used as the background color of the confirm credentials\r\nscreen.\r\nCalled by a profile owner of a managed profile to retrieve the color used for customization. This color is used as\r\nbackground color of the confirm credentials screen for that user.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nint The 24bit (0xRRGGBB) representation of the color to be used.\r\nThrows\r\nSecurityException if admin is not a profile owner.\r\ngetOrganizationName\r\npublic CharSequence getOrganizationName (ComponentName admin)\r\nCalled by the device owner (since API 26) or profile owner (since API 24) or holders of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_ORGANIZATION_IDENTITY to retrieve the name of the organization under\r\nmanagement.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not a\r\ndevice admin.\r\nThis value may be null .\r\nReturns\r\nCharSequence The organization name or null if none is set.\r\nThrows\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 138 of 279\n\nSecurity\r\nException\r\nif admin if admin is not a device or profile owner or holder of the permission Manifest.\r\npermission.MANAGE_DEVICE_POLICY_ORGANIZATION_IDENTITY .\r\ngetOverrideApns\r\npublic List\u003cApnSetting\u003e getOverrideApns (ComponentName admin)\r\nCalled by device owner or managed profile owner to get all override APNs inserted by device owner or managed profile\r\nowner previously using addOverrideApn(ComponentName, ApnSetting) .\r\nParameters\r\nadmin\r\nComponentName : which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nList\u003cApnSetting\u003e A list of override APNs inserted by device owner.\r\nThrows\r\nSecurityException if admin is not a device owner.\r\ngetParentProfileInstance\r\npublic DevicePolicyManager getParentProfileInstance (ComponentName admin)\r\nCalled by the profile owner of a managed profile or other apps in a managed profile to obtain a DevicePolicyManager\r\nwhose calls act on the parent profile.\r\nThe following methods are supported for the parent instance, all other methods will throw a SecurityException when\r\ncalled on the parent instance:\r\ngetPasswordQuality(ComponentName)\r\nsetPasswordQuality(ComponentName, int)\r\ngetPasswordMinimumLength(ComponentName)\r\nsetPasswordMinimumLength(ComponentName, int)\r\ngetPasswordMinimumUpperCase(ComponentName)\r\nsetPasswordMinimumUpperCase(ComponentName, int)\r\ngetPasswordMinimumLowerCase(ComponentName)\r\nsetPasswordMinimumLowerCase(ComponentName, int)\r\ngetPasswordMinimumLetters(ComponentName)\r\nsetPasswordMinimumLetters(ComponentName, int)\r\ngetPasswordMinimumNumeric(ComponentName)\r\nsetPasswordMinimumNumeric(ComponentName, int)\r\ngetPasswordMinimumSymbols(ComponentName)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 139 of 279\n\nsetPasswordMinimumSymbols(ComponentName, int)\r\ngetPasswordMinimumNonLetter(ComponentName)\r\nsetPasswordMinimumNonLetter(ComponentName, int)\r\ngetPasswordHistoryLength(ComponentName)\r\nsetPasswordHistoryLength(ComponentName, int)\r\ngetPasswordExpirationTimeout(ComponentName)\r\nsetPasswordExpirationTimeout(ComponentName, long)\r\ngetPasswordExpiration(ComponentName)\r\ngetPasswordMaximumLength(int)\r\nisActivePasswordSufficient()\r\ngetCurrentFailedPasswordAttempts()\r\ngetMaximumFailedPasswordsForWipe(ComponentName)\r\nsetMaximumFailedPasswordsForWipe(ComponentName, int)\r\ngetMaximumTimeToLock(ComponentName)\r\nsetMaximumTimeToLock(ComponentName, long)\r\nlockNow()\r\ngetKeyguardDisabledFeatures(ComponentName)\r\nsetKeyguardDisabledFeatures(ComponentName, int)\r\ngetTrustAgentConfiguration(ComponentName, ComponentName)\r\nsetTrustAgentConfiguration(ComponentName, ComponentName, PersistableBundle)\r\ngetRequiredStrongAuthTimeout(ComponentName)\r\nsetRequiredStrongAuthTimeout(ComponentName, long)\r\ngetAccountTypesWithManagementDisabled()\r\nsetRequiredPasswordComplexity(int)\r\ngetRequiredPasswordComplexity()\r\nThe following methods are supported for the parent instance but can only be called by the profile owner on an\r\norganization owned managed profile:\r\ngetPasswordComplexity()\r\nsetCameraDisabled(ComponentName, boolean)\r\ngetCameraDisabled(ComponentName)\r\nsetAccountManagementDisabled(ComponentName,String,boolean)\r\nsetPermittedInputMethods(ComponentName, List)\r\ngetPermittedInputMethods(ComponentName)\r\nwipeData(int)\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with or null if the caller is\r\nnot a profile owner.\r\nReturns\r\nDevicePolicyManager\r\na new instance of DevicePolicyManager that acts on the parent profile.\r\nThis value cannot be null .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 140 of 279\n\nThrows\r\nSecurityException if the current user is not a managed profile.\r\ngetPasswordComplexity\r\npublic int getPasswordComplexity ()\r\nReturns how complex the current user's screen lock is.\r\nNote that when called from a profile which uses an unified challenge with its parent, the screen lock complexity of the\r\nparent will be returned.\r\nApps need the permission.REQUEST_PASSWORD_COMPLEXITY permission to call this method. On Android\r\nBuild.VERSION_CODES.S and above, the calling application does not need this permission if it is a device owner or a\r\nprofile owner.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to retrieve restrictions on the parent profile.\r\nReturns\r\nint\r\nValue is one of the following:\r\nPASSWORD_COMPLEXITY_NONE\r\nPASSWORD_COMPLEXITY_LOW\r\nPASSWORD_COMPLEXITY_MEDIUM\r\nPASSWORD_COMPLEXITY_HIGH\r\nThrows\r\nIllegalState\r\nException\r\nif the user is not unlocked.\r\nSecurity\r\nException\r\nif the calling application does not have the permission permission.REQUEST_PASSWORD_\r\nCOMPLEXITY , and is not a device owner or a profile owner.\r\ngetPasswordExpiration\r\npublic long getPasswordExpiration (ComponentName admin)\r\nGet the current password expiration time for a particular admin or all admins that set restrictions on this user and its\r\nparticipating profiles. Restrictions on profiles that have a separate challenge are not taken into account. If admin is\r\nnull , then a composite of all expiration times is returned - which will be the minimum of all of them.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 141 of 279\n\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to retrieve the password expiration for the parent profile.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password expiration is always\r\ndisabled and this method always returns 0.\r\nRequires the PackageManager#FEATURE_SECURE_LOCK_SCREEN feature which can be detected using\r\nPackageManager.hasSystemFeature(String) .\r\nParameters\r\nadmin ComponentName : The name of the admin component to check, or null to aggregate all admins.\r\nReturns\r\nlong The password expiration time, in milliseconds since epoch.\r\ngetPasswordExpirationTimeout\r\npublic long getPasswordExpirationTimeout (ComponentName admin)\r\nGet the password expiration timeout for the given admin. The expiration timeout is the recurring expiration timeout\r\nprovided in the call to setPasswordExpirationTimeout(ComponentName,long) for the given admin or the aggregate of\r\nall participating policy administrators if admin is null. Admins that have set restrictions on profiles that have a\r\nseparate challenge are not taken into account.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to retrieve restrictions on the parent profile.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password expiration is always\r\ndisabled and this method always returns 0.\r\nRequires the PackageManager#FEATURE_SECURE_LOCK_SCREEN feature which can be detected using\r\nPackageManager.hasSystemFeature(String) .\r\nParameters\r\nadmin ComponentName : The name of the admin component to check, or null to aggregate all admins.\r\nReturns\r\nlong The timeout for the given admin or the minimum of all timeouts\r\ngetPasswordHistoryLength\r\npublic int getPasswordHistoryLength (ComponentName admin)\r\nRetrieve the current password history length for a particular admin or all admins that set restrictions on this user and its\r\nparticipating profiles. Restrictions on profiles that have a separate challenge are not taken into account.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 142 of 279\n\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to retrieve restrictions on the parent profile.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password history length is\r\nalways 0.\r\nRequires the PackageManager#FEATURE_SECURE_LOCK_SCREEN feature which can be detected using\r\nPackageManager.hasSystemFeature(String) .\r\nParameters\r\nadmin ComponentName : The name of the admin component to check, or null to aggregate all admins.\r\nReturns\r\nint The length of the password history\r\ngetPasswordMaximumLength\r\npublic int getPasswordMaximumLength (int quality)\r\nReturn the maximum password length that the device supports for a particular password quality.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always empty and\r\nthis method always returns 0.\r\nParameters\r\nquality int : The quality being interrogated.\r\nReturns\r\nint Returns the maximum length that the user can enter.\r\ngetPasswordMinimumLength\r\npublic int getPasswordMinimumLength (ComponentName admin)\r\nThis method was deprecated in API level 31.\r\nsee setPasswordQuality(ComponentName,int) for details.\r\nRetrieve the current minimum password length for a particular admin or all admins that set restrictions on this user and\r\nits participating profiles. Restrictions on profiles that have a separate challenge are not taken into account.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always treated as\r\nempty.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to retrieve restrictions on the parent profile.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 143 of 279\n\nParameters\r\nadmin ComponentName : The name of the admin component to check, or null to aggregate all admins.\r\nReturns\r\nint\r\ngetPasswordMinimumLetters\r\npublic int getPasswordMinimumLetters (ComponentName admin)\r\nThis method was deprecated in API level 31.\r\nsee setPasswordQuality(ComponentName,int) for details.\r\nRetrieve the current number of letters required in the password for a particular admin or all admins that set restrictions\r\non this user and its participating profiles. Restrictions on profiles that have a separate challenge are not taken into\r\naccount. This is the same value as set by setPasswordMinimumLetters(ComponentName,int) and only applies when the\r\npassword quality is PASSWORD_QUALITY_COMPLEX .\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always treated as\r\nempty.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to retrieve restrictions on the parent profile.\r\nParameters\r\nadmin ComponentName : The name of the admin component to check, or null to aggregate all admins.\r\nReturns\r\nint The minimum number of letters required in the password.\r\ngetPasswordMinimumLowerCase\r\npublic int getPasswordMinimumLowerCase (ComponentName admin)\r\nThis method was deprecated in API level 31.\r\nsee setPasswordQuality(ComponentName,int) for details.\r\nRetrieve the current number of lower case letters required in the password for a particular admin or all admins that set\r\nrestrictions on this user and its participating profiles. Restrictions on profiles that have a separate challenge are not\r\ntaken into account. This is the same value as set by setPasswordMinimumLowerCase(ComponentName,int) and only\r\napplies when the password quality is PASSWORD_QUALITY_COMPLEX .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 144 of 279\n\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always treated as\r\nempty.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to retrieve restrictions on the parent profile.\r\nParameters\r\nadmin ComponentName : The name of the admin component to check, or null to aggregate all admins.\r\nReturns\r\nint The minimum number of lower case letters required in the password.\r\ngetPasswordMinimumNonLetter\r\npublic int getPasswordMinimumNonLetter (ComponentName admin)\r\nThis method was deprecated in API level 31.\r\nsee setPasswordQuality(ComponentName,int) for details.\r\nRetrieve the current number of non-letter characters required in the password for a particular admin or all admins that\r\nset restrictions on this user and its participating profiles. Restrictions on profiles that have a separate challenge are not\r\ntaken into account. This is the same value as set by setPasswordMinimumNonLetter(ComponentName,int) and only\r\napplies when the password quality is PASSWORD_QUALITY_COMPLEX .\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always treated as\r\nempty.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to retrieve restrictions on the parent profile.\r\nParameters\r\nadmin ComponentName : The name of the admin component to check, or null to aggregate all admins.\r\nReturns\r\nint The minimum number of letters required in the password.\r\ngetPasswordMinimumNumeric\r\npublic int getPasswordMinimumNumeric (ComponentName admin)\r\nThis method was deprecated in API level 31.\r\nsee setPasswordQuality(ComponentName,int) for details.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 145 of 279\n\nRetrieve the current number of numerical digits required in the password for a particular admin or all admins that set\r\nrestrictions on this user and its participating profiles. Restrictions on profiles that have a separate challenge are not\r\ntaken into account. This is the same value as set by setPasswordMinimumNumeric(ComponentName,int) and only applies\r\nwhen the password quality is PASSWORD_QUALITY_COMPLEX .\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always treated as\r\nempty.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to retrieve restrictions on the parent profile.\r\nParameters\r\nadmin ComponentName : The name of the admin component to check, or null to aggregate all admins.\r\nReturns\r\nint The minimum number of numerical digits required in the password.\r\ngetPasswordMinimumSymbols\r\npublic int getPasswordMinimumSymbols (ComponentName admin)\r\nThis method was deprecated in API level 31.\r\nsee setPasswordQuality(ComponentName,int) for details.\r\nRetrieve the current number of symbols required in the password for a particular admin or all admins that set\r\nrestrictions on this user and its participating profiles. Restrictions on profiles that have a separate challenge are not\r\ntaken into account. This is the same value as set by setPasswordMinimumSymbols(ComponentName,int) and only applies\r\nwhen the password quality is PASSWORD_QUALITY_COMPLEX .\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always treated as\r\nempty.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to retrieve restrictions on the parent profile.\r\nParameters\r\nadmin ComponentName : The name of the admin component to check, or null to aggregate all admins.\r\nReturns\r\nint The minimum number of symbols required in the password.\r\ngetPasswordMinimumUpperCase\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 146 of 279\n\npublic int getPasswordMinimumUpperCase (ComponentName admin)\r\nThis method was deprecated in API level 31.\r\nsee setPasswordQuality(ComponentName,int) for details.\r\nRetrieve the current number of upper case letters required in the password for a particular admin or all admins that set\r\nrestrictions on this user and its participating profiles. Restrictions on profiles that have a separate challenge are not\r\ntaken into account. This is the same value as set by setPasswordMinimumUpperCase(ComponentName,int) and only\r\napplies when the password quality is PASSWORD_QUALITY_COMPLEX .\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always treated as\r\nempty.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to retrieve restrictions on the parent profile.\r\nParameters\r\nadmin ComponentName : The name of the admin component to check, or null to aggregate all admins.\r\nReturns\r\nint The minimum number of upper case letters required in the password.\r\ngetPasswordQuality\r\npublic int getPasswordQuality (ComponentName admin)\r\nThis method was deprecated in API level 31.\r\nsee setPasswordQuality(ComponentName,int) for details.\r\nRetrieve the current minimum password quality for a particular admin or all admins that set restrictions on this user and\r\nits participating profiles. Restrictions on profiles that have a separate challenge are not taken into account.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to retrieve restrictions on the parent profile.\r\nNote: on devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always treated\r\nas empty.\r\nParameters\r\nadmin ComponentName : The name of the admin component to check, or null to aggregate all admins.\r\nReturns\r\nint\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 147 of 279\n\ngetPendingSystemUpdate\r\npublic SystemUpdateInfo getPendingSystemUpdate (ComponentName admin)\r\nGet information about a pending system update. Can be called by device or profile owners, and starting from Android\r\nBuild.VERSION_CODES.VANILLA_ICE_CREAM , holders of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_QUERY_SYSTEM_UPDATES .\r\nParameters\r\nadmin\r\nComponentName : Which profile or device owner this request is associated with.\r\nThis value may be null .\r\nReturns\r\nSystemUpdateInfo Information about a pending system update or null if no update pending.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not a device, profile owner or holders of Manifest.permission.MANAGE_DEVICE_\r\nPOLICY_QUERY_SYSTEM_UPDATES .\r\ngetPermissionGrantState\r\npublic int getPermissionGrantState (ComponentName admin,\r\n String packageName,\r\n String permission)\r\nReturns the current grant state of a runtime permission for a specific application. This function can be called by a device\r\nowner, profile owner, or by a delegate given the DELEGATION_PERMISSION_GRANT scope via\r\nsetDelegatedScopes(ComponentName, String, List) .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller\r\nis not a device admin.\r\nThis value may be null .\r\npackage\r\nName\r\nString : The application to check the grant state for.\r\nThis value cannot be null .\r\npermission\r\nString : The permission to check for.\r\nThis value cannot be null .\r\nReturns\r\nint the current grant state specified by device policy. If admins have not set a grant has not set a grant state,\r\nthe return value is PERMISSION_GRANT_STATE_DEFAULT . This does not indicate whether or not the\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 148 of 279\n\npermission is currently granted for the package.\r\nIf a grant state was set by the profile or device owner, then the return value will be one of\r\nPERMISSION_GRANT_STATE_DENIED or PERMISSION_GRANT_STATE_GRANTED , which indicates if the\r\npermission is currently denied or granted.\r\nValue is one of the following:\r\nPERMISSION_GRANT_STATE_DEFAULT\r\nPERMISSION_GRANT_STATE_GRANTED\r\nPERMISSION_GRANT_STATE_DENIED\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\nSee also:\r\nsetPermissionGrantState(ComponentName,String,String,int)\r\nPackageManager.checkPermission(String,String)\r\nsetDelegatedScopes(ComponentName, String, List)\r\nDELEGATION_PERMISSION_GRANT\r\ngetPermissionPolicy\r\npublic int getPermissionPolicy (ComponentName admin)\r\nReturns the current runtime permission policy set by the device or profile owner. The default is\r\nPERMISSION_POLICY_PROMPT .\r\nParameters\r\nadmin ComponentName : Which profile or device owner this request is associated with.\r\nReturns\r\nint the current policy for future permission requests.\r\ngetPermittedAccessibilityServices\r\npublic List\u003cString\u003e getPermittedAccessibilityServices (ComponentName admin)\r\nReturns the list of permitted accessibility services set by this device or profile owner.\r\nAn empty list means no accessibility services except system services are allowed. null means all accessibility\r\nservices are allowed.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 149 of 279\n\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nList\u003cString\u003e List of accessibility service package names.\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\ngetPermittedCrossProfileNotificationListeners\r\npublic List\u003cString\u003e getPermittedCrossProfileNotificationListeners (ComponentName admin)\r\nReturns the list of packages installed on the primary user that allowed to use a NotificationListenerService to\r\nreceive notifications from this managed profile, as set by the profile owner.\r\nAn empty list means no notification listener services except system ones are allowed. A null return value indicates\r\nthat all notification listeners are allowed.\r\nParameters\r\nadmin ComponentName : This value cannot be null .\r\nReturns\r\nList\u003cString\u003e\r\ngetPermittedInputMethods\r\npublic List\u003cString\u003e getPermittedInputMethods (ComponentName admin)\r\nReturns the list of permitted input methods set by this device or profile owner.\r\nThis method can be called on the DevicePolicyManager instance, returned by\r\ngetParentProfileInstance(ComponentName) , where the caller must be a profile owner of an organization-owned\r\nmanaged profile. If called on the parent instance, then the returned list of permitted input methods are those which are\r\napplied on the personal profile.\r\nAn empty list means no input methods except system input methods are allowed. Null means all input methods are\r\nallowed.\r\nParameters\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 150 of 279\n\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not a\r\ndevice admin.\r\nThis value may be null .\r\nReturns\r\nList\u003cString\u003e\r\nList of input method package names.\r\nThis value may be null .\r\nThrows\r\nSecurity\r\nException\r\nif admin is not a device, profile owner or if called on the parent profile and the admin is not\r\na profile owner of an organization-owned managed profile.\r\ngetPersonalAppsSuspendedReasons\r\npublic int getPersonalAppsSuspendedReasons (ComponentName admin)\r\nCalled by profile owner of an organization-owned managed profile to check whether personal apps are suspended.\r\nParameters\r\nadmin ComponentName : This value cannot be null .\r\nReturns\r\nint\r\na bitmask of reasons for personal apps suspension or PERSONAL_APPS_NOT_SUSPENDED if apps are not\r\nsuspended.\r\nValue is either 0 or a combination of the following:\r\nPERSONAL_APPS_NOT_SUSPENDED\r\nPERSONAL_APPS_SUSPENDED_EXPLICITLY\r\nPERSONAL_APPS_SUSPENDED_PROFILE_TIMEOUT\r\ngetPreferentialNetworkServiceConfigs\r\npublic List\u003cPreferentialNetworkServiceConfig\u003e getPreferentialNetworkServiceConfigs ()\r\nGet preferential network configuration\r\nReturns\r\nList\u003cPreferentialNetworkServiceConfig\u003e\r\npreferential network configuration.\r\nThis value cannot be null .\r\nThrows\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 151 of 279\n\nSecurityException if the caller is not the profile owner or device owner.\r\ngetRequiredPasswordComplexity\r\npublic int getRequiredPasswordComplexity ()\r\nGets the password complexity requirement set by setRequiredPasswordComplexity(int) , for the current user.\r\nThe difference between this method and getPasswordComplexity() is that this method simply returns the value set by\r\nsetRequiredPasswordComplexity(int) while getPasswordComplexity() returns the complexity of the actual\r\npassword.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to get restrictions on the parent profile.\r\nReturns\r\nint\r\nValue is one of the following:\r\nPASSWORD_COMPLEXITY_NONE\r\nPASSWORD_COMPLEXITY_LOW\r\nPASSWORD_COMPLEXITY_MEDIUM\r\nPASSWORD_COMPLEXITY_HIGH\r\nThrows\r\nSecurityException if the calling application is not a device owner or a profile owner.\r\ngetRequiredStrongAuthTimeout\r\npublic long getRequiredStrongAuthTimeout (ComponentName admin)\r\nDetermine for how long the user will be able to use secondary, non strong auth for authentication, since last strong\r\nmethod authentication (password, pin or pattern) was used. After the returned timeout the user is required to use strong\r\nauthentication method.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to retrieve restrictions on the parent profile.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, 0 is returned to indicate that no\r\ntimeout is configured.\r\nRequires the PackageManager#FEATURE_SECURE_LOCK_SCREEN feature which can be detected using\r\nPackageManager.hasSystemFeature(String) .\r\nParameters\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 152 of 279\n\nadmin\r\nComponentName : The name of the admin component to check, or null to aggregate across all\r\nparticipating admins.\r\nReturns\r\nlong The timeout in milliseconds or 0 if not configured for the provided admin.\r\ngetResources\r\npublic DevicePolicyResourcesManager getResources ()\r\nReturns a DevicePolicyResourcesManager containing the required APIs to set, reset, and get device policy related\r\nresources.\r\nReturns\r\nDevicePolicyResourcesManager This value cannot be null .\r\ngetScreenCaptureDisabled\r\npublic boolean getScreenCaptureDisabled (ComponentName admin)\r\nDetermine whether or not screen capture has been disabled by the calling admin, if specified, or all admins.\r\nThis method can be called on the DevicePolicyManager instance, returned by\r\ngetParentProfileInstance(ComponentName) , where the caller must be the profile owner of an organization-owned\r\nmanaged profile (the calling admin must be specified).\r\nParameters\r\nadmin\r\nComponentName : The name of the admin component to check, or null to check whether any admins\r\nhave disabled screen capture.\r\nReturns\r\nboolean\r\ngetSecondaryUsers\r\npublic List\u003cUserHandle\u003e getSecondaryUsers (ComponentName admin)\r\nCalled by a device owner to list all secondary users on the device. Managed profiles are not considered as secondary\r\nusers.\r\nUsed for various user management APIs, including switchUser(ComponentName, UserHandle) ,\r\nremoveUser(ComponentName, UserHandle) and stopUser(ComponentName, UserHandle) .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 153 of 279\n\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nList\u003cUserHandle\u003e list of other UserHandle s on the device.\r\nThrows\r\nSecurityException if admin is not a device owner.\r\nSee also:\r\nremoveUser(ComponentName,UserHandle)\r\nswitchUser(ComponentName,UserHandle)\r\nstartUserInBackground(ComponentName,UserHandle)\r\nstopUser(ComponentName,UserHandle)\r\ngetShortSupportMessage\r\npublic CharSequence getShortSupportMessage (ComponentName admin)\r\nCalled by a device admin or holder of the permission Manifest.permission.MANAGE_DEVICE_POLICY_SUPPORT_MESSAGE\r\nto get the short support message.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not a\r\ndevice admin.\r\nThis value may be null .\r\nReturns\r\nChar\r\nSequence\r\nThe message set by setShortSupportMessage(ComponentName,CharSequence) or null if no\r\nmessage has been set.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not an active administrator and not a holder of the permission Manifest.\r\npermission.MANAGE_DEVICE_POLICY_SUPPORT_MESSAGE ..\r\ngetStartUserSessionMessage\r\npublic CharSequence getStartUserSessionMessage (ComponentName admin)\r\nReturns the user session start message.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 154 of 279\n\nParameters\r\nadmin\r\nComponentName : which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nCharSequence\r\nThrows\r\nSecurityException if admin is not a device owner.\r\ngetStorageEncryption\r\npublic boolean getStorageEncryption (ComponentName admin)\r\nThis method was deprecated in API level 30.\r\nThis method only returns the value set by setStorageEncryption(ComponentName, boolean) . It does not actually\r\nreflect the storage encryption status. Use getStorageEncryptionStatus() for that. Called by an application that is\r\nadministering the device to determine the requested setting for secure storage.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. If null, this will return\r\nthe requested encryption setting as an aggregate of all active administrators.\r\nReturns\r\nboolean true if the admin(s) are requesting encryption, false if not.\r\ngetStorageEncryptionStatus\r\npublic int getStorageEncryptionStatus ()\r\nCalled by an application that is administering the device to determine the current encryption status of the device.\r\nDepending on the returned status code, the caller may proceed in different ways. If the result is\r\nENCRYPTION_STATUS_UNSUPPORTED , the storage system does not support encryption. If the result is\r\nENCRYPTION_STATUS_INACTIVE , use ACTION_START_ENCRYPTION to begin the process of encrypting or decrypting the\r\nstorage. If the result is ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY , the storage system has enabled encryption but no\r\npassword is set so further action may be required. If the result is ENCRYPTION_STATUS_ACTIVATING ,\r\nENCRYPTION_STATUS_ACTIVE or ENCRYPTION_STATUS_ACTIVE_PER_USER , no further action is required.\r\nReturns\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 155 of 279\n\nint\r\ncurrent status of encryption. The value will be one of ENCRYPTION_STATUS_UNSUPPORTED , ENCRYPTION_\r\nSTATUS_INACTIVE , ENCRYPTION_STATUS_ACTIVATING , ENCRYPTION_STATUS_ACTIVE_DEFAULT_KEY ,\r\nENCRYPTION_STATUS_ACTIVE , or ENCRYPTION_STATUS_ACTIVE_PER_USER .\r\nThrows\r\nSecurityException if called on a parent instance.\r\ngetSubscriptionIds\r\npublic Set\u003cInteger\u003e getSubscriptionIds ()\r\nReturns the subscription ids of all subscriptions which were downloaded by the calling admin.\r\nThis returns only the subscriptions which were downloaded by the calling admin via\r\nEuiccManager.downloadSubscription(DownloadableSubscription, boolean, PendingIntent) . If a subscription is\r\nreturned by this method then in it subject to management controls and cannot be removed by users.\r\nCallable by device owners and profile owners.\r\nRequires Manifest.permission.MANAGE_DEVICE_POLICY_MANAGED_SUBSCRIPTIONS\r\nReturns\r\nSet\u003cInteger\u003e\r\nids of all managed subscriptions currently downloaded by an admin on the device.\r\nThis value cannot be null .\r\nThrows\r\nSecurityException if the caller is not authorized to call this method.\r\ngetSystemUpdatePolicy\r\npublic SystemUpdatePolicy getSystemUpdatePolicy ()\r\nRetrieve a local system update policy set previously by setSystemUpdatePolicy(ComponentName,\r\nSystemUpdatePolicy) .\r\nReturns\r\nSystemUpdatePolicy The current policy object, or null if no policy is set.\r\ngetTransferOwnershipBundle\r\npublic PersistableBundle getTransferOwnershipBundle ()\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 156 of 279\n\nReturns the data passed from the current administrator to the new administrator during an ownership transfer. This is the\r\nsame bundle passed in transferOwnership(ComponentName,ComponentName,PersistableBundle) . The bundle is\r\npersisted until the profile owner or device owner is removed.\r\nThis is the same bundle received in the\r\nDeviceAdminReceiver.onTransferOwnershipComplete(Context,PersistableBundle) . Use this method to retrieve it\r\nafter the transfer as long as the new administrator is the active device or profile owner.\r\nReturns null if no ownership transfer was started for the calling user.\r\nReturns\r\nPersistableBundle\r\nThrows\r\nSecurityException if the caller is not a device or profile owner.\r\nSee also:\r\ntransferOwnership(ComponentName, ComponentName, PersistableBundle)\r\nDeviceAdminReceiver.onTransferOwnershipComplete(Context,PersistableBundle)\r\ngetTrustAgentConfiguration\r\npublic List\u003cPersistableBundle\u003e getTrustAgentConfiguration (ComponentName admin,\r\n ComponentName agent)\r\nGets configuration for the given trust agent based on aggregating all calls to\r\nsetTrustAgentConfiguration(ComponentName,ComponentName,PersistableBundle) for all device admins.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to retrieve the configuration set on the parent profile.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, null is always returned.\r\nRequires the PackageManager#FEATURE_SECURE_LOCK_SCREEN feature which can be detected using\r\nPackageManager.hasSystemFeature(String) .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. If null, this function\r\nreturns a list of configurations for all admins that declare KEYGUARD_DISABLE_TRUST_AGENTS . If any\r\nadmin declares KEYGUARD_DISABLE_TRUST_AGENTS but doesn't call setTrustAgentConfiguration(\r\nComponentName,ComponentName,PersistableBundle) for this agent or calls it with a null\r\nconfiguration, null is returned.\r\nagent\r\nComponentName : Which component to get enabled features for.\r\nThis value cannot be null .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 157 of 279\n\nReturns\r\nList\u003cPersistableBundle\u003e configuration for the given trust agent.\r\ngetUserControlDisabledPackages\r\npublic List\u003cString\u003e getUserControlDisabledPackages (ComponentName admin)\r\nReturns the list of packages over which user control is disabled by a device or profile owner or holders of the\r\npermission Manifest.permission.MANAGE_DEVICE_POLICY_APPS_CONTROL .\r\nStarting from Build.VERSION_CODES.UPSIDE_DOWN_CAKE , the returned policy will be the current resolved policy rather\r\nthan the policy set by the calling admin.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not a\r\ndevice admin.\r\nThis value may be null .\r\nReturns\r\nList\u003cString\u003e This value cannot be null .\r\nThrows\r\nSecurity\r\nException\r\nif admin is not a device or profile owner or holder of the permission Manifest.permission.\r\nMANAGE_DEVICE_POLICY_APPS_CONTROL .\r\ngetUserRestrictions\r\npublic Bundle getUserRestrictions (ComponentName admin)\r\nCalled by an admin to get user restrictions set by themselves with addUserRestriction(ComponentName,String) .\r\nThe target user may have more restrictions set by the system or other admin. To get all the user restrictions currently set,\r\nuse UserManager.getUserRestrictions() .\r\nThe profile owner of an organization-owned managed profile may invoke this method on the DevicePolicyManager\r\ninstance it obtained from getParentProfileInstance(ComponentName) , for retrieving device-wide restrictions it\r\npreviously set with addUserRestriction(ComponentName,String) .\r\nFor callers targeting Android Build.VERSION_CODES.UPSIDE_DOWN_CAKE or above, this API will return the local\r\nrestrictions set on the calling user, or on the parent profile if called from the DevicePolicyManager instance obtained\r\nfrom getParentProfileInstance(ComponentName) . To get global restrictions set by admin, call\r\ngetUserRestrictionsGlobally() instead.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 158 of 279\n\nNote that this is different that the returned restrictions for callers targeting pre Android\r\nBuild.VERSION_CODES.UPSIDE_DOWN_CAKE , were this API returns all local/global restrictions set by the admin on the\r\ncalling user using addUserRestriction(ComponentName,String) or the parent user if called on the\r\nDevicePolicyManager instance it obtained from getParentProfileInstance(ComponentName) .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nBundle\r\na Bundle whose keys are the user restrictions, and the values a boolean indicating whether the\r\nrestriction is set.\r\nThis value cannot be null .\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\ngetUserRestrictionsGlobally\r\npublic Bundle getUserRestrictionsGlobally ()\r\nCalled by a profile or device owner to get global user restrictions set with addUserRestrictionGlobally(String) .\r\nTo get all the user restrictions currently set for a certain user, use UserManager.getUserRestrictions() .\r\nReturns\r\nBundle\r\na Bundle whose keys are the user restrictions, and the values a boolean indicating whether the\r\nrestriction is set.\r\nThis value cannot be null .\r\nThrows\r\nIllegalStateException if caller is not targeting Android Build.VERSION_CODES.UPSIDE_DOWN_CAKE or above.\r\nSecurityException if admin is not a device or profile owner.\r\ngetWifiMacAddress\r\npublic String getWifiMacAddress (ComponentName admin)\r\nCalled by a device owner or profile owner on organization-owned device to get the MAC address of the Wi-Fi device.\r\nNOTE: The MAC address returned here should only be used for inventory management and is not likely to be the MAC\r\naddress used by the device to connect to Wi-Fi networks: MAC addresses used for scanning and connecting to Wi-Fi\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 159 of 279\n\nnetworks are randomized by default. To get the randomized MAC address used, call\r\nWifiConfiguration.getRandomizedMacAddress() .\r\nParameters\r\nadmin\r\nComponentName : Which admin this request is associated with. Null if the caller is not a device admin.\r\nThis value may be null .\r\nReturns\r\nString\r\nthe MAC address of the Wi-Fi device, or null when the information is not available. (For example, Wi-Fi hasn't been enabled, or the device doesn't support Wi-Fi.)\r\nThe address will be in the XX:XX:XX:XX:XX:XX format.\r\nThrows\r\nSecurityException if admin is not permitted to get wifi mac addresses\r\ngetWifiSsidPolicy\r\npublic WifiSsidPolicy getWifiSsidPolicy ()\r\nReturns the current Wi-Fi SSID policy. If the policy has not been set, it will return NULL.\r\nReturns\r\nWifiSsidPolicy This value may be null .\r\nThrows\r\nSecurity\r\nException\r\nif the caller is not a device owner or a profile owner on an organization-owned managed\r\nprofile.\r\ngrantKeyPairToApp\r\npublic boolean grantKeyPairToApp (ComponentName admin,\r\n String alias,\r\n String packageName)\r\nCalled by a device or profile owner, or delegated certificate chooser (an app that has been delegated the\r\nDELEGATION_CERT_SELECTION privilege), to grant an application access to an already-installed (or generated) KeyChain\r\nkey. This is useful (in combination with installKeyPair(ComponentName, PrivateKey, Certificate, String) or\r\ngenerateKeyPair(ComponentName, String, KeyGenParameterSpec, int) ) to let an application call\r\nKeyChain.getPrivateKey(Context, String) without having to call KeyChain.choosePrivateKeyAlias(Activity,\r\nKeyChainAliasCallback, String, Principal, Uri, String) first. The grantee app will receive the\r\nKeyChain.ACTION_KEY_ACCESS_CHANGED broadcast when access to a key is granted. Starting from\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 160 of 279\n\nBuild.VERSION_CODES.UPSIDE_DOWN_CAKE throws an IllegalArgumentException if alias doesn't correspond to an\r\nexisting key.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if calling\r\nfrom a delegated certificate chooser.\r\nalias\r\nString : The alias of the key to grant access to.\r\nThis value cannot be null .\r\npackage\r\nName\r\nString : The name of the (already installed) package to grant access to.\r\nThis value cannot be null .\r\nReturns\r\nboolean true if the grant was set successfully, false otherwise.\r\nThrows\r\nIllegalArgument\r\nException\r\nif packageName or alias are empty, or if packageName is not a name of an\r\ninstalled package.\r\nSecurityException if the caller is not a device owner, a profile owner or delegated certificate chooser.\r\ngrantKeyPairToWifiAuth\r\npublic boolean grantKeyPairToWifiAuth (String alias)\r\nCalled by a device or profile owner, or delegated certificate chooser (an app that has been delegated the\r\nDELEGATION_CERT_SELECTION privilege), to allow using a KeyChain key pair for authentication to Wifi networks. The\r\nkey can then be used in configurations passed to WifiManager.addNetwork(WifiConfiguration) . Starting from\r\nBuild.VERSION_CODES.UPSIDE_DOWN_CAKE throws an IllegalArgumentException if alias doesn't correspond to an\r\nexisting key.\r\nParameters\r\nalias\r\nString : The alias of the key pair.\r\nThis value cannot be null .\r\nReturns\r\nboolean true if the operation was set successfully, false otherwise.\r\nThrows\r\nSecurityException if the caller is not a device owner, a profile owner or delegated certificate chooser.\r\nhasCaCertInstalled\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 161 of 279\n\npublic boolean hasCaCertInstalled (ComponentName admin,\r\n byte[] certBuffer)\r\nReturns whether this certificate is installed as a trusted CA.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if calling\r\nfrom a delegated certificate installer.\r\ncert\r\nBuffer\r\nbyte : encoded form of the certificate to look up.\r\nReturns\r\nboolean\r\nThrows\r\nSecurityException if admin is not null and not a device or profile owner.\r\nhasGrantedPolicy\r\npublic boolean hasGrantedPolicy (ComponentName admin,\r\n int usesPolicy)\r\nReturns true if an administrator has been granted a particular device policy. This can be used to check whether the\r\nadministrator was activated under an earlier set of policies, but requires additional policies after an upgrade.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Must be an active\r\nadministrator, or an exception will be thrown.\r\nThis value cannot be null .\r\nuses\r\nPolicy\r\nint : Which uses-policy to check, as defined in DeviceAdminInfo .\r\nReturns\r\nboolean\r\nThrows\r\nSecurityException if admin is not an active administrator.\r\nhasKeyPair\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 162 of 279\n\npublic boolean hasKeyPair (String alias)\r\nThis API can be called by the following to query whether a certificate and private key are installed under a given alias:\r\nDevice owner\r\nProfile owner\r\nDelegated certificate installer\r\nCredential management app\r\nAn app that holds the Manifest.permission.MANAGE_DEVICE_POLICY_CERTIFICATES permission\r\nIf called by the credential management app, the alias must exist in the credential management app's\r\nAppUriAuthenticationPolicy .\r\nParameters\r\nalias\r\nString : The alias under which the key pair is installed.\r\nThis value cannot be null .\r\nReturns\r\nboolean true if a key pair with this alias exists, false otherwise.\r\nThrows\r\nSecurity\r\nException\r\nif the caller is not a device or profile owner, a delegated certificate installer, the credential\r\nmanagement app and does not have the Manifest.permission.MANAGE_DEVICE_POLICY_\r\nCERTIFICATES permission.\r\nhasLockdownAdminConfiguredNetworks\r\npublic boolean hasLockdownAdminConfiguredNetworks (ComponentName admin)\r\nCalled by a device owner or a profile owner of an organization-owned managed profile to determine whether the user is\r\nprevented from modifying networks configured by the admin.\r\nParameters\r\nadmin\r\nComponentName : admin Which DeviceAdminReceiver this request is associated with.\r\nThis value may be null .\r\nReturns\r\nboolean\r\nThrows\r\nSecurity\r\nException\r\nif caller is not a device owner or a profile owner of an organization-owned managed\r\nprofile.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 163 of 279\n\ninstallCaCert\r\npublic boolean installCaCert (ComponentName admin,\r\n byte[] certBuffer)\r\nInstalls the given certificate as a user CA.\r\nInserted user CAs aren't automatically trusted by apps in Android 7.0 (API level 24) and higher. App developers can\r\nchange the default behavior for an app by adding a Security Configuration File to the app manifest file. The caller must\r\nbe a profile or device owner on that user, or a delegate package given the DELEGATION_CERT_INSTALL scope via\r\nsetDelegatedScopes(ComponentName, String, List) ; otherwise a security exception will be thrown.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if calling\r\nfrom a delegated certificate installer.\r\ncert\r\nBuffer\r\nbyte : encoded form of the certificate to install.\r\nReturns\r\nboolean false if the certBuffer cannot be parsed or installation is interrupted, true otherwise.\r\nThrows\r\nSecurityException if admin is not null and not a device or profile owner.\r\ninstallExistingPackage\r\npublic boolean installExistingPackage (ComponentName admin,\r\n String packageName)\r\nInstall an existing package that has been installed in another user, or has been kept after removal via\r\nsetKeepUninstalledPackages(ComponentName, List) . This function can be called by a device owner, profile owner or\r\na delegate given the DELEGATION_INSTALL_EXISTING_PACKAGE scope via setDelegatedScopes(ComponentName, String,\r\nList) . When called in a secondary user or managed profile, the user/profile must be affiliated with the device. See\r\nisAffiliatedUser() .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\npackageName String : The package to be installed in the calling profile.\r\nReturns\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 164 of 279\n\nboolean true if the app is installed; false otherwise.\r\nThrows\r\nSecurityException if admin is not the device owner, or the profile owner of an affiliated user or profile.\r\nSee also:\r\nsetKeepUninstalledPackages(ComponentName, List)\r\nsetDelegatedScopes(ComponentName, String, List)\r\nisAffiliatedUser()\r\nDELEGATION_PACKAGE_ACCESS\r\ninstallKeyPair\r\npublic boolean installKeyPair (ComponentName admin,\r\n PrivateKey privKey,\r\n Certificate[] certs,\r\n String alias,\r\n int flags)\r\nThis API can be called by the following to install a certificate chain and corresponding private key for the leaf\r\ncertificate:\r\nDevice owner\r\nProfile owner\r\nDelegated certificate installer\r\nCredential management app\r\nAn app that holds the Manifest.permission.MANAGE_DEVICE_POLICY_CERTIFICATES permission\r\nAll apps within the profile will be able to access the certificate chain and use the private key, given direct user approval\r\n(if the user is allowed to select the private key).\r\nFrom Android Build.VERSION_CODES.S , the credential management app can call this API. If called by the credential\r\nmanagement app:\r\nThe componentName must be null r\r\nThe alias must exist in the credential management app's AppUriAuthenticationPolicy\r\nThe key pair must not be user selectable\r\nNote, there can only be a credential management app on an unmanaged device.\r\nThe caller of this API may grant itself access to the certificate and private key immediately, without user approval. It is\r\na best practice not to request this unless strictly necessary since it opens up additional security vulnerabilities.\r\nInclude INSTALLKEY_SET_USER_SELECTABLE in the flags argument to allow the user to select the key from a dialog.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 165 of 279\n\nNote: If the provided alias is of an existing alias, all former grants that apps have been given to access the key and\r\ncertificates associated with this alias will be revoked.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if the caller\r\nis not a device admin.\r\npriv\r\nKey\r\nPrivateKey : The private key to install.\r\nThis value cannot be null .\r\ncerts\r\nCertificate : The certificate chain to install. The chain should start with the leaf certificate and\r\ninclude the chain of trust in order. This will be returned by KeyChain.getCertificateChain(Context,\r\nString) .\r\nThis value cannot be null .\r\nalias\r\nString : The private key alias under which to install the certificate. If a certificate with that alias\r\nalready exists, it will be overwritten.\r\nThis value cannot be null .\r\nflags\r\nint : Flags to request that the calling app be granted access to the credentials and set the key to be\r\nuser-selectable. See INSTALLKEY_SET_USER_SELECTABLE and INSTALLKEY_REQUEST_CREDENTIALS_\r\nACCESS .\r\nReturns\r\nboolean true if the keys were installed, false otherwise.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not null and not a device or profile owner, or admin is null but the calling\r\napplication is not a delegated certificate installer, credential management app and does not have\r\nthe Manifest.permission.MANAGE_DEVICE_POLICY_CERTIFICATES permission.\r\nSee also:\r\nKeyChain.getCertificateChain(Context, String)\r\nsetDelegatedScopes(ComponentName, String, List)\r\nDELEGATION_CERT_INSTALL\r\ninstallKeyPair\r\npublic boolean installKeyPair (ComponentName admin,\r\n PrivateKey privKey,\r\n Certificate[] certs,\r\n String alias,\r\n boolean requestAccess)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 166 of 279\n\nThis API can be called by the following to install a certificate chain and corresponding private key for the leaf\r\ncertificate:\r\nDevice owner\r\nProfile owner\r\nDelegated certificate installer\r\nCredential management app\r\nAn app that holds the Manifest.permission.MANAGE_DEVICE_POLICY_CERTIFICATES permission\r\nAll apps within the profile will be able to access the certificate chain and use the private key, given direct user approval.\r\nFrom Android Build.VERSION_CODES.S , the credential management app can call this API. However, this API sets the\r\nkey pair as user selectable by default, which is not permitted when called by the credential management app. Instead,\r\ninstallKeyPair(ComponentName,PrivateKey,Certificate[],String,int) should be called with\r\nINSTALLKEY_SET_USER_SELECTABLE not set as a flag. Note, there can only be a credential management app on an\r\nunmanaged device.\r\nThe caller of this API may grant itself access to the certificate and private key immediately, without user approval. It is\r\na best practice not to request this unless strictly necessary since it opens up additional security vulnerabilities.\r\nNote: If the provided alias is of an existing alias, all former grants that apps have been given to access the key and\r\ncertificates associated with this alias will be revoked.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if the\r\ncaller is not a device admin.\r\nprivKey\r\nPrivateKey : The private key to install.\r\nThis value cannot be null .\r\ncerts\r\nCertificate : The certificate chain to install. The chain should start with the leaf certificate and\r\ninclude the chain of trust in order. This will be returned by KeyChain.getCertificateChain(\r\nContext, String) .\r\nThis value cannot be null .\r\nalias\r\nString : The private key alias under which to install the certificate. If a certificate with that alias\r\nalready exists, it will be overwritten.\r\nThis value cannot be null .\r\nrequest\r\nAccess\r\nboolean : true to request that the calling app be granted access to the credentials immediately.\r\nOtherwise, access to the credentials will be gated by user approval.\r\nReturns\r\nboolean true if the keys were installed, false otherwise.\r\nThrows\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 167 of 279\n\nSecurity\r\nException\r\nif admin is not null and not a device or profile owner, or admin is null and the calling\r\napplication does not have the Manifest.permission.MANAGE_DEVICE_POLICY_CERTIFICATES\r\npermission.\r\nSee also:\r\nKeyChain.getCertificateChain(Context, String)\r\nsetDelegatedScopes(ComponentName, String, List)\r\nDELEGATION_CERT_INSTALL\r\ninstallKeyPair\r\npublic boolean installKeyPair (ComponentName admin,\r\n PrivateKey privKey,\r\n Certificate cert,\r\n String alias)\r\nThis API can be called by the following to install a certificate and corresponding private key:\r\nDevice owner\r\nProfile owner\r\nDelegated certificate installer\r\nCredential management app\r\nAn app that holds the Manifest.permission.MANAGE_DEVICE_POLICY_CERTIFICATES permission\r\nAll apps within the profile will be able to access the certificate and use the private key, given direct user approval.\r\nFrom Android Build.VERSION_CODES.S , the credential management app can call this API. However, this API sets the\r\nkey pair as user selectable by default, which is not permitted when called by the credential management app. Instead,\r\ninstallKeyPair(ComponentName,PrivateKey,Certificate[],String,int) should be called with\r\nINSTALLKEY_SET_USER_SELECTABLE not set as a flag.\r\nAccess to the installed credentials will not be granted to the caller of this API without direct user approval. This is for\r\nsecurity - should a certificate installer become compromised, certificates it had already installed will be protected.\r\nIf the installer must have access to the credentials, call\r\ninstallKeyPair(ComponentName,PrivateKey,Certificate[],String,boolean) instead.\r\nNote: If the provided alias is of an existing alias, all former grants that apps have been given to access the key and\r\ncertificates associated with this alias will be revoked.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if the caller\r\nis not a device admin.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 168 of 279\n\npriv\r\nKey\r\nPrivateKey : The private key to install.\r\nThis value cannot be null .\r\ncert\r\nCertificate : The certificate to install.\r\nThis value cannot be null .\r\nalias\r\nString : The private key alias under which to install the certificate. If a certificate with that alias\r\nalready exists, it will be overwritten.\r\nThis value cannot be null .\r\nReturns\r\nboolean true if the keys were installed, false otherwise.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not null and not a device or profile owner, or admin is null and the calling\r\napplication does not have the Manifest.permission.MANAGE_DEVICE_POLICY_CERTIFICATES\r\npermission.\r\ninstallSystemUpdate\r\npublic void installSystemUpdate (ComponentName admin,\r\n Uri updateFilePath,\r\n Executor executor,\r\n DevicePolicyManager.InstallSystemUpdateCallback callback)\r\nCalled by device owner or profile owner of an organization-owned managed profile to install a system update from the\r\ngiven file. The device will be rebooted in order to finish installing the update. Note that if the device is rebooted, this\r\ndoesn't necessarily mean that the update has been applied successfully. The caller should additionally check the system\r\nversion with Build.FINGERPRINT or Build.VERSION . If an error occurs during processing the OTA before the reboot,\r\nthe caller will be notified by InstallSystemUpdateCallback . If device does not have sufficient battery level, the\r\ninstallation will fail with error InstallSystemUpdateCallback.UPDATE_ERROR_BATTERY_LOW .\r\nParameters\r\nadmin\r\nComponentName : The DeviceAdminReceiver that this request is associated with. Null if the caller\r\nis not a device admin.\r\nThis value may be null .\r\nupdateFile\r\nPath\r\nUri : A Uri of the file that contains the update. The file should be readable by the calling app.\r\nThis value cannot be null .\r\nexecutor Executor : The executor through which the callback should be invoked.\r\nThis value cannot be null .\r\nCallback and listener events are dispatched through this Executor , providing an easy way to\r\ncontrol which thread is used. To dispatch events through the main thread of your application, you\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 169 of 279\n\ncan use Context.getMainExecutor() . Otherwise, provide an Executor that dispatches to an\r\nappropriate thread.\r\ncallback\r\nDevicePolicyManager.InstallSystemUpdateCallback : A callback object that will inform the\r\ncaller when installing an update fails.\r\nThis value cannot be null .\r\nisActivePasswordSufficient\r\npublic boolean isActivePasswordSufficient ()\r\nDetermines whether the calling user's current password meets policy requirements (e.g. quality, minimum length). The\r\nuser must be unlocked to perform this check.\r\nPolicy requirements which affect this check can be set by admins of the user, but also by the admin of a managed\r\nprofile associated with the calling user (when the managed profile doesn't have a separate work challenge). When a\r\nmanaged profile has a separate work challenge, its policy requirements only affect the managed profile.\r\nDepending on the user, this method checks the policy requirement against one of the following passwords:\r\nFor the primary user or secondary users: the personal keyguard password.\r\nFor managed profiles: a work challenge if set, otherwise the parent user's personal keyguard password.\r\nIn other words, it's always checking the requirement against the password that is protecting the calling\r\nuser.\r\nNote that this method considers all policy requirements targeting the password in question. For example a\r\nprofile owner might set a requirement on the parent profile i.e. personal keyguard but not on the profile\r\nitself. When the device has a weak personal keyguard password and no separate work challenge, calling\r\nthis method will return false despite the profile owner not setting a policy on the profile itself. This is\r\nbecause the profile's current password is the personal keyguard password, and it does not meet all policy\r\nrequirements.\r\nDevice admins must request DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD before calling this method.\r\nNote, this policy type is deprecated for device admins in Android 9.0 (API level 28) or higher.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to determine if the password set on the parent\r\nprofile is sufficient.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is\r\nalways treated as empty - i.e. this method will always return false on such devices, provided any\r\npassword requirements were set.\r\nReturns\r\nboolean true if the password meets the policy requirements, false otherwise\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 170 of 279\n\nThrows\r\nIllegalState\r\nException\r\nif the user isn't unlocked\r\nSecurityException\r\nif the calling application isn't an active admin that uses DeviceAdminInfo.\r\nUSES_POLICY_LIMIT_PASSWORD\r\nisActivePasswordSufficientForDeviceRequirement\r\npublic boolean isActivePasswordSufficientForDeviceRequirement ()\r\nCalled by profile owner of a managed profile to determine whether the current device password meets policy\r\nrequirements set explicitly device-wide.\r\nThis API is similar to isActivePasswordSufficient() , with two notable differences:\r\nthis API always targets the device password. As a result it should always be called on the\r\ngetParentProfileInstance(ComponentName) instance.\r\npassword policy requirement set on the managed profile is not taken into consideration by this API, even if the\r\ndevice currently does not have a separate work challenge set.\r\nThis API is designed to facilite progressive password enrollment flows when the DPC imposes both device and profile\r\npassword policies. DPC applies profile password policy by calling setPasswordQuality(ComponentName,int) or\r\nsetRequiredPasswordComplexity(int) on the regular DevicePolicyManager instance, while it applies device-wide\r\npolicy by calling setRequiredPasswordComplexity(int) on the getParentProfileInstance(ComponentName)\r\ninstance. The DPC can utilize this check to guide the user to set a device password first taking into consideration the\r\ndevice-wide policy only, and then prompt the user to either upgrade it to be fully compliant, or enroll a separate work\r\nchallenge to satisfy the profile password policy only.\r\nThe device user must be unlocked (@link UserManager.isUserUnlocked(UserHandle) ) to perform this check.\r\nReturns\r\nboolean true if the device password meets explicit requirement set on it, false otherwise.\r\nThrows\r\nIllegalState\r\nException\r\nif the user isn't unlocked\r\nSecurity\r\nException\r\nif the calling application is not a profile owner of a managed profile, or if this API is not\r\ncalled on the parent DevicePolicyManager instance.\r\nisAdminActive\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 171 of 279\n\npublic boolean isAdminActive (ComponentName admin)\r\nReturn true if the given administrator component is currently active (enabled) in the system.\r\nParameters\r\nadmin\r\nComponentName : The administrator component to check for.\r\nThis value cannot be null .\r\nReturns\r\nboolean true if admin is currently enabled in the system, false otherwise\r\nisAffiliatedUser\r\npublic boolean isAffiliatedUser ()\r\nReturns whether this user is affiliated with the device.\r\nBy definition, the user that the device owner runs on is always affiliated with the device. Any other user is considered\r\naffiliated with the device if the set specified by its profile owner via setAffiliationIds(ComponentName, Set)\r\nintersects with the device owner's.\r\nReturns\r\nboolean\r\nisAlwaysOnVpnLockdownEnabled\r\npublic boolean isAlwaysOnVpnLockdownEnabled (ComponentName admin)\r\nCalled by device or profile owner to query whether current always-on VPN is configured in lockdown mode. Returns\r\nfalse when no always-on configuration is set.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nboolean\r\nThrows\r\nSecurityException if admin is not a device or a profile owner.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 172 of 279\n\nisApplicationHidden\r\npublic boolean isApplicationHidden (ComponentName admin,\r\n String packageName)\r\nDetermine if a package is hidden. This function can be called by a device owner, profile owner, or by a delegate given\r\nthe DELEGATION_PACKAGE_ACCESS scope via setDelegatedScopes(ComponentName, String, List) .\r\nThis method can be called on the DevicePolicyManager instance, returned by\r\ngetParentProfileInstance(ComponentName) , where the caller must be the profile owner of an organization-owned\r\nmanaged profile and the package must be a system package. If called on the parent instance, this will determine whether\r\nthe package is hidden or unhidden in the personal profile.\r\nStarting from Build.VERSION_CODES.UPSIDE_DOWN_CAKE , the returned policy will be the current resolved policy rather\r\nthan the policy set by the calling admin.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if the\r\ncaller is not a device admin.\r\npackage\r\nName\r\nString : The name of the package to retrieve the hidden status of.\r\nReturns\r\nboolean boolean true if the package is hidden, false otherwise.\r\nThrows\r\nIllegalArgument\r\nException\r\nif called on the parent profile and the package provided is not a system package.\r\nSecurity\r\nException\r\nif admin is not a device or profile owner or if called on the parent profile and the admin\r\nis not a profile owner of an organization-owned managed profile.\r\nisBackupServiceEnabled\r\npublic boolean isBackupServiceEnabled (ComponentName admin)\r\nReturn whether the backup service is enabled by the device owner or profile owner for the current user, as previously\r\nset by setBackupServiceEnabled(ComponentName,boolean) .\r\nWhether the backup functionality is actually enabled or not depends on settings from both the current user and the\r\ndevice owner, please see setBackupServiceEnabled(ComponentName,boolean) for details.\r\nBackup service manages all backup and restore mechanisms on the device.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 173 of 279\n\nParameters\r\nadmin ComponentName : This value cannot be null .\r\nReturns\r\nboolean true if backup service is enabled, false otherwise.\r\nisCallerApplicationRestrictionsManagingPackage\r\npublic boolean isCallerApplicationRestrictionsManagingPackage ()\r\nThis method was deprecated in API level 26.\r\nFrom Build.VERSION_CODES.O . Use getDelegatedScopes(ComponentName, String) instead.\r\nCalled by any application to find out whether it has been granted permission via\r\nsetApplicationRestrictionsManagingPackage(ComponentName, String) to manage application restrictions for the\r\ncalling user.\r\nThis is done by comparing the calling Linux uid with the uid of the package specified by that method.\r\nReturns\r\nboolean\r\nisCommonCriteriaModeEnabled\r\npublic boolean isCommonCriteriaModeEnabled (ComponentName admin)\r\nReturns whether Common Criteria mode is currently enabled. Device owner and profile owner of an organization-owned managed profile can query its own Common Criteria mode setting by calling this method with its admin\r\nComponentName . Any caller can obtain the aggregated device-wide Common Criteria mode state by passing null as\r\nthe admin argument.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not a\r\ndevice admin.\r\nThis value may be null .\r\nReturns\r\nboolean true if Common Criteria mode is enabled, false otherwise.\r\nisComplianceAcknowledgementRequired\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 174 of 279\n\npublic boolean isComplianceAcknowledgementRequired ()\r\nCalled by a profile owner of an organization-owned managed profile to query whether it needs to acknowledge device\r\ncompliance to allow the user to turn the profile off if needed according to the maximum profile time off policy.\r\nNormally when acknowledgement is needed the DPC gets a\r\nDeviceAdminReceiver.onComplianceAcknowledgementRequired(Context,Intent) callback. But if the callback was not\r\ndelivered or handled for some reason, this method can be used to verify if acknowledgement is needed.\r\nReturns\r\nboolean\r\nThrows\r\nIllegalStateException if the user isn't unlocked\r\nSee also:\r\nacknowledgeDeviceCompliant()\r\nsetManagedProfileMaximumTimeOff(ComponentName,long)\r\nDeviceAdminReceiver.onComplianceAcknowledgementRequired(Context,Intent)\r\nisDeviceFinanced\r\npublic boolean isDeviceFinanced ()\r\nReturns true if this device is marked as a financed device.\r\nA financed device can be entered into lock task mode (see setLockTaskPackages(ComponentName, String) ) by the\r\nholder of the role android.app.role.RoleManager#ROLE_FINANCED_DEVICE_KIOSK . If this occurs, Device Owners and\r\nProfile Owners that have set lock task packages or features, or that attempt to set lock task packages or features, will\r\nreceive a callback indicating that it could not be set. See PolicyUpdateReceiver.onPolicyChanged and\r\nPolicyUpdateReceiver.onPolicySetResult .\r\nTo be informed of changes to this status you can subscribe to the broadcast ACTION_DEVICE_FINANCING_STATE_CHANGED .\r\nReturns\r\nboolean\r\nThrows\r\nSecurity\r\nException\r\nif the caller is not a device owner, profile owner of an organization-owned managed profile,\r\nprofile owner on the primary user or holder of one of the following roles: android.app.role.\r\nRoleManager.ROLE_DEVICE_POLICY_MANAGEMENT , android.app.role.RoleManager.ROLE_SYSTEM_\r\nSUPERVISION .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 175 of 279\n\nisDeviceIdAttestationSupported\r\npublic boolean isDeviceIdAttestationSupported ()\r\nReturns true if the device supports attestation of device identifiers in addition to key attestation. See\r\ngenerateKeyPair(ComponentName,String,KeyGenParameterSpec,int)\r\nReturns\r\nboolean true if Device ID attestation is supported.\r\nisDeviceOwnerApp\r\npublic boolean isDeviceOwnerApp (String packageName)\r\nUsed to determine if a particular package has been registered as a Device Owner app. A device owner app is a special\r\ndevice admin that cannot be deactivated by the user, once activated as a device admin. It also cannot be uninstalled. To\r\ncheck whether a particular package is currently registered as the device owner app, pass in the package name from\r\nContext.getPackageName() to this method.\r\nThis is useful for device admin apps that want to check whether they are also registered as the device owner app. The\r\nexact mechanism by which a device admin app is registered as a device owner app is defined by the setup process.\r\nParameters\r\npackageName String : the package name of the app, to compare with the registered device owner app, if any.\r\nReturns\r\nboolean whether or not the package is registered as the device owner app.\r\nisEphemeralUser\r\npublic boolean isEphemeralUser (ComponentName admin)\r\nChecks if the profile owner is running in an ephemeral user.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nboolean whether the profile owner is running in an ephemeral user.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 176 of 279\n\nisKeyPairGrantedToWifiAuth\r\npublic boolean isKeyPairGrantedToWifiAuth (String alias)\r\nCalled by a device or profile owner, or delegated certificate chooser (an app that has been delegated the\r\nDELEGATION_CERT_SELECTION privilege), to query whether a KeyChain key pair can be used for authentication to Wifi\r\nnetworks.\r\nParameters\r\nalias\r\nString : The alias of the key pair.\r\nThis value cannot be null .\r\nReturns\r\nboolean true if the key pair can be used, false otherwise.\r\nThrows\r\nIllegalArgumentException if alias does not correspond to an existing key\r\nSecurityException if the caller is not a device owner, a profile owner or delegated certificate chooser.\r\nisLockTaskPermitted\r\npublic boolean isLockTaskPermitted (String pkg)\r\nThis function lets the caller know whether the given component is allowed to start the lock task mode.\r\nParameters\r\npkg String : The package to check\r\nReturns\r\nboolean\r\nisLogoutEnabled\r\npublic boolean isLogoutEnabled ()\r\nReturns whether logout is enabled by a device owner.\r\nReturns\r\nboolean true if logout is enabled by device owner, false otherwise.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 177 of 279\n\nisManagedProfile\r\npublic boolean isManagedProfile (ComponentName admin)\r\nReturn if this user is a managed profile of another user. An admin can become the profile owner of a managed profile\r\nwith ACTION_PROVISION_MANAGED_PROFILE and of a managed user with createAndManageUser(ComponentName, String,\r\nComponentName, PersistableBundle, int)\r\nParameters\r\nadmin\r\nComponentName : Which profile owner this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nboolean if this user is a managed profile of another user.\r\nisMasterVolumeMuted\r\npublic boolean isMasterVolumeMuted (ComponentName admin)\r\nCalled by profile or device owners to check whether the global volume mute is on or off.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nboolean true if global volume is muted, false if it's not.\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\nisMtePolicyEnforced\r\npublic static boolean isMtePolicyEnforced ()\r\nGet the current MTE state of the device. Learn more about MTE\r\nReturns\r\nboolean whether MTE is currently enabled on the device.\r\nisNetworkLoggingEnabled\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 178 of 279\n\npublic boolean isNetworkLoggingEnabled (ComponentName admin)\r\nReturn whether network logging is enabled by a device owner or profile owner of a managed profile.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Can only be null if\r\nthe caller is a delegated app with DELEGATION_NETWORK_LOGGING or has MANAGE_USERS permission.\r\nReturns\r\nboolean true if network logging is enabled by device owner or profile owner, false otherwise.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not a device owner or profile owner and caller has no MANAGE_USERS\r\npermission\r\nisOrganizationOwnedDeviceWithManagedProfile\r\npublic boolean isOrganizationOwnedDeviceWithManagedProfile ()\r\nApps can use this method to find out if the device was provisioned as organization-owend device with a managed\r\nprofile. This, together with checking whether the device has a device owner (by calling isDeviceOwnerApp(String) ),\r\ncould be used to learn whether the device is owned by an organization or an individual: If this method returns true OR\r\nisDeviceOwnerApp(String) returns true (for any package), then the device is owned by an organization. Otherwise, it's\r\nowned by an individual.\r\nReturns\r\nboolean true if the device was provisioned as organization-owned device, false otherwise.\r\nisOverrideApnEnabled\r\npublic boolean isOverrideApnEnabled (ComponentName admin)\r\nCalled by device owner to check if override APNs are currently enabled.\r\nParameters\r\nadmin\r\nComponentName : which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nboolean true if override APNs are currently enabled, false otherwise.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 179 of 279\n\nThrows\r\nSecurityException if admin is not a device owner.\r\nisPackageSuspended\r\npublic boolean isPackageSuspended (ComponentName admin,\r\n String packageName)\r\nDetermine if a package is suspended. This function can be called by a device owner, profile owner, or by a delegate\r\ngiven the DELEGATION_PACKAGE_ACCESS scope via setDelegatedScopes(ComponentName, String, List) or by holders\r\nof the permission Manifest.permission.MANAGE_DEVICE_POLICY_PACKAGE_STATE .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is\r\nnot a device admin.\r\nThis value may be null .\r\npackage\r\nName\r\nString : The name of the package to retrieve the suspended status of.\r\nReturns\r\nboolean\r\ntrue if the package is suspended or false if the package is not suspended, could not be found or\r\nan error occurred.\r\nThrows\r\nPackageManager.NameNot\r\nFoundException\r\nif the package could not be found.\r\nSecurityException\r\nif admin is not a device or profile owner or has not been granted the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_PACKAGE_STATE .\r\nisPreferentialNetworkServiceEnabled\r\npublic boolean isPreferentialNetworkServiceEnabled ()\r\nIndicates whether preferential network service is enabled.\r\nBefore Android version Build.VERSION_CODES.TIRAMISU : This method can be called by the profile owner of a\r\nmanaged profile.\r\nStarting from Android version Build.VERSION_CODES.TIRAMISU : This method can be called by the profile owner of a\r\nmanaged profile or device owner.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 180 of 279\n\nReturns\r\nboolean whether preferential network service is enabled.\r\nThrows\r\nSecurityException if the caller is not the profile owner or device owner.\r\nisProfileOwnerApp\r\npublic boolean isProfileOwnerApp (String packageName)\r\nUsed to determine if a particular package is registered as the profile owner for the user. A profile owner is a special\r\ndevice admin that has additional privileges within the profile.\r\nParameters\r\npackageName String : The package name of the app to compare with the registered profile owner.\r\nReturns\r\nboolean Whether or not the package is registered as the profile owner.\r\nisProvisioningAllowed\r\npublic boolean isProvisioningAllowed (String action)\r\nReturns whether it is possible for the caller to initiate provisioning of a managed profile or device, setting itself as the\r\ndevice or profile owner.\r\nParameters\r\naction\r\nString : One of ACTION_PROVISION_MANAGED_DEVICE , ACTION_PROVISION_MANAGED_PROFILE , ERROR(\r\n/#ACTION_PROVISION_MULTIUSER_MANAGED_USER) .\r\nThis value cannot be null .\r\nReturns\r\nboolean whether provisioning a managed profile or device is possible.\r\nThrows\r\nIllegalArgumentException if the supplied action is not valid.\r\nisResetPasswordTokenActive\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 181 of 279\n\npublic boolean isResetPasswordTokenActive (ComponentName admin)\r\nCalled by a profile, device owner or a holder of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_RESET_PASSWORD to check if the current reset password token is active.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, false is always returned.\r\nRequires the PackageManager#FEATURE_SECURE_LOCK_SCREEN feature which can be detected using\r\nPackageManager.hasSystemFeature(String) .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not a\r\ndevice admin.\r\nThis value may be null .\r\nReturns\r\nboolean true if the token is active, false otherwise.\r\nThrows\r\nIllegalState\r\nException\r\nif no token has been set.\r\nSecurity\r\nException\r\nif admin is not a device or profile owner and not a holder of the permission Manifest.\r\npermission.MANAGE_DEVICE_POLICY_RESET_PASSWORD\r\nisSafeOperation\r\npublic boolean isSafeOperation (int reason)\r\nChecks if it's safe to run operations that can be affected by the given reason .\r\nNote: notice that the operation safety state might change between the time this method returns and the operation's\r\nmethod is called, so calls to the latter could still throw a UnsafeStateException even when this method returns true .\r\nParameters\r\nreason\r\nint : currently, only supported reason is OPERATION_SAFETY_REASON_DRIVING_DISTRACTION .\r\nValue is one of the following:\r\nOPERATION_SAFETY_REASON_DRIVING_DISTRACTION\r\nReturns\r\nboolean whether it's safe to run operations that can be affected by the given reason .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 182 of 279\n\nisSecurityLoggingEnabled\r\npublic boolean isSecurityLoggingEnabled (ComponentName admin)\r\nReturn whether security logging is enabled or not by the admin.\r\nCan only be called by the device owner or a profile owner of an organization-owned managed profile, otherwise a\r\nSecurityException will be thrown.\r\nParameters\r\nadmin\r\nComponentName : Which device admin this request is associated with. Null if the caller is not a device\r\nadmin.\r\nThis value may be null .\r\nReturns\r\nboolean true if security logging is enabled, false otherwise.\r\nThrows\r\nSecurityException if the caller is not allowed to control security logging.\r\nisStatusBarDisabled\r\npublic boolean isStatusBarDisabled ()\r\nReturns whether the status bar is disabled/enabled, see setStatusBarDisabled(ComponentName, boolean) .\r\nCallable by device owner or profile owner of secondary users that is affiliated with the device owner.\r\nThis policy has no effect in LockTask mode. The behavior of the status bar in LockTask mode can be configured with\r\nsetLockTaskFeatures(ComponentName,int) .\r\nThis policy also does not have any effect while on the lock screen, where the status bar will not be disabled.\r\nReturns\r\nboolean\r\nThrows\r\nSecurity\r\nException\r\nif the caller is not the device owner, or a profile owner of secondary user that is affiliated\r\nwith the device.\r\nisUninstallBlocked\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 183 of 279\n\npublic boolean isUninstallBlocked (ComponentName admin,\r\n String packageName)\r\nCheck whether the user has been blocked by device policy from uninstalling a package. Requires the caller to be the\r\nprofile owner if checking a specific admin's policy.\r\nNote: Starting from Build.VERSION_CODES.LOLLIPOP_MR1 , the behavior of this API is changed such that passing null\r\nas the admin parameter will return if any admin has blocked the uninstallation. Before L MR1, passing null will\r\ncause a NullPointerException to be raised.\r\nNote: If your app targets Android 11 (API level 30) or higher, this method returns a filtered result. Learn more about\r\nhow to manage package visibility.\r\nStarting from Build.VERSION_CODES.UPSIDE_DOWN_CAKE , the returned policy will be the current resolved policy rather\r\nthan the policy set by the calling admin.\r\nParameters\r\nadmin\r\nComponentName : The name of the admin component whose blocking policy will be checked, or\r\nnull to check whether any admin has blocked the uninstallation. Starting from Build.VERSION_\r\nCODES.UPSIDE_DOWN_CAKE admin will be ignored and assumed null .\r\npackage\r\nName\r\nString : package to check.\r\nReturns\r\nboolean\r\ntrue if uninstallation is blocked and the given package is visible to you, false otherwise if\r\nuninstallation isn't blocked or the given package isn't visible to you.\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\nisUniqueDeviceAttestationSupported\r\npublic boolean isUniqueDeviceAttestationSupported ()\r\nReturns true if the StrongBox Keymaster implementation on the device was provisioned with an individual\r\nattestation certificate and can sign attestation records using it (as attestation using an individual attestation certificate is\r\na feature only Keymaster implementations with StrongBox security level can implement). For use prior to calling\r\ngenerateKeyPair(ComponentName,String,KeyGenParameterSpec,int) .\r\nReturns\r\nboolean true if individual attestation is supported.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 184 of 279\n\nisUsbDataSignalingEnabled\r\npublic boolean isUsbDataSignalingEnabled ()\r\nReturns whether USB data signaling is currently enabled.\r\nWhen called by a device owner or profile owner of an organization-owned managed profile, this API returns whether\r\nUSB data signaling is currently enabled by that admin. When called by any other app, returns whether USB data\r\nsignaling is currently enabled on the device.\r\nReturns\r\nboolean true if USB data signaling is enabled, false otherwise.\r\nisUsingUnifiedPassword\r\npublic boolean isUsingUnifiedPassword (ComponentName admin)\r\nWhen called by a profile owner of a managed profile returns true if the profile uses unified challenge with its parent\r\nuser. Note: This method is not concerned with password quality and will return false if the profile has empty password\r\nas a separate challenge.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nboolean\r\nThrows\r\nSecurityException if admin is not a profile owner of a managed profile.\r\nlistForegroundAffiliatedUsers\r\npublic List\u003cUserHandle\u003e listForegroundAffiliatedUsers ()\r\nGets the list of affiliated users running on foreground.\r\nReturns\r\nList\u003cUserHandle\u003e\r\nlist of affiliated users running on foreground.\r\nThis value cannot be null .\r\nThrows\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 185 of 279\n\nSecurityException if the calling application is not a device owner\r\nlockNow\r\npublic void lockNow ()\r\nMake the device lock immediately, as if the lock screen timeout has expired at the point of this call.\r\nThis method secures the device in response to an urgent situation, such as a lost or stolen device. After this method is\r\ncalled, the device must be unlocked using strong authentication (PIN, pattern, or password). This API is intended for\r\nuse only by device admins.\r\nFrom version Build.VERSION_CODES.R onwards, the caller must either have the LOCK_DEVICE permission or the\r\ndevice must have the device admin feature; if neither is true, then the method will return without completing any action.\r\nBefore version Build.VERSION_CODES.R , the device needed the device admin feature, regardless of the caller's\r\npermissions.\r\nThe calling device admin must have requested DeviceAdminInfo.USES_POLICY_FORCE_LOCK to be able to call this\r\nmethod; if it has not, a security exception will be thrown.\r\nIf there's no lock type set, this method forces the device to go to sleep but doesn't lock the device. Device admins who\r\nfind the device in this state can lock an otherwise-insecure device by first calling resetPassword(String, int) to set\r\nthe password and then lock the device.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to lock the parent profile.\r\nNOTE: on automotive builds , this method doesn't turn off the screen as it would be a driving safety distraction.\r\nEquivalent to calling lockNow(int) with no flags.\r\nThrows\r\nSecurity\r\nException\r\nif the calling application does not own an active administrator that uses DeviceAdminInfo.\r\nUSES_POLICY_FORCE_LOCK\r\nlockNow\r\npublic void lockNow (int flags)\r\nMake the device lock immediately, as if the lock screen timeout has expired at the point of this call.\r\nThis method secures the device in response to an urgent situation, such as a lost or stolen device. After this method is\r\ncalled, the device must be unlocked using strong authentication (PIN, pattern, or password). This API is intended for\r\nuse only by device admins.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 186 of 279\n\nFrom version Build.VERSION_CODES.R onwards, the caller must either have the LOCK_DEVICE permission or the\r\ndevice must have the device admin feature; if neither is true, then the method will return without completing any action.\r\nBefore version Build.VERSION_CODES.R , the device needed the device admin feature, regardless of the caller's\r\npermissions.\r\nA calling device admin must have requested DeviceAdminInfo.USES_POLICY_FORCE_LOCK to be able to call this method;\r\nif it has not, a security exception will be thrown.\r\nIf there's no lock type set, this method forces the device to go to sleep but doesn't lock the device. Device admins who\r\nfind the device in this state can lock an otherwise-insecure device by first calling resetPassword(String, int) to set\r\nthe password and then lock the device.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to lock the parent profile as well as the managed profile.\r\nNOTE: In order to lock the parent profile and evict the encryption key of the managed profile, lockNow() must be\r\ncalled twice: First, lockNow() should be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) , then lockNow(int) should be called on the DevicePolicyManager\r\ninstance associated with the managed profile, with the FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY flag. Calling the\r\nmethod twice in this order ensures that all users are locked and does not stop the device admin on the managed profile\r\nfrom issuing a second call to lock its own profile.\r\nNOTE: on automotive builds , this method doesn't turn off the screen as it would be a driving safety distraction.\r\nParameters\r\nflags\r\nint : May be 0 or FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY .\r\nValue is either 0 or\r\nFLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY\r\nThrows\r\nIllegalArgument\r\nException\r\nif the FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY flag is passed when locking the parent\r\nprofile.\r\nSecurity\r\nException\r\nif the calling application does not own an active administrator that uses DeviceAdminInfo.\r\nUSES_POLICY_FORCE_LOCK and the does not hold the LOCK_DEVICE permission, or the\r\nFLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY flag is passed by an application that is not a\r\nprofile owner of a managed profile.\r\nUnsupported\r\nOperation\r\nException\r\nif the FLAG_EVICT_CREDENTIAL_ENCRYPTION_KEY flag is passed when getStorageEncryption\r\nStatus() does not return ENCRYPTION_STATUS_ACTIVE_PER_USER .\r\nlogoutUser\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 187 of 279\n\npublic int logoutUser (ComponentName admin)\r\nCalled by a profile owner of secondary user that is affiliated with the device to stop the calling user and switch back to\r\nprimary user (when the user was switchUser(ComponentName,UserHandle) switched to) or stop the user (when it was\r\nstarted in background .\r\nNotice that on devices running with headless system user mode , there is no primary user, so it switches back to the\r\nuser that was in the foreground before the first call to switchUser(ComponentName,UserHandle) (or fails with\r\nUserManager.USER_OPERATION_ERROR_UNKNOWN if that method was not called prior to this call).\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nint\r\none of the following result codes: UserManager.USER_OPERATION_ERROR_UNKNOWN , UserManager.USER_\r\nOPERATION_SUCCESS , UserManager.USER_OPERATION_ERROR_MANAGED_PROFILE , UserManager.USER_\r\nOPERATION_ERROR_CURRENT_USER\r\nValue is one of the following:\r\nUserManager.USER_OPERATION_SUCCESS\r\nUserManager.USER_OPERATION_ERROR_UNKNOWN\r\nUserManager.USER_OPERATION_ERROR_MANAGED_PROFILE\r\nUserManager.USER_OPERATION_ERROR_MAX_RUNNING_USERS\r\nUserManager.USER_OPERATION_ERROR_CURRENT_USER\r\nUserManager.USER_OPERATION_ERROR_LOW_STORAGE\r\nUserManager.USER_OPERATION_ERROR_MAX_USERS\r\nThrows\r\nSecurityException if admin is not a profile owner affiliated with the device.\r\nreboot\r\npublic void reboot (ComponentName admin)\r\nCalled by device owner to reboot the device. If there is an ongoing call on the device, throws an\r\nIllegalStateException .\r\nParameters\r\nadmin\r\nComponentName : Which device owner the request is associated with.\r\nThis value cannot be null .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 188 of 279\n\nThrows\r\nIllegalStateException if device has an ongoing call.\r\nSecurityException if admin is not a device owner.\r\nremoveActiveAdmin\r\npublic void removeActiveAdmin (ComponentName admin)\r\nRemove a current administration component. This can only be called by the application that owns the administration\r\ncomponent; if you try to remove someone else's component, a security exception will be thrown.\r\nNote that the operation is not synchronous and the admin might still be active (as indicated by getActiveAdmins() ) by\r\nthe time this method returns.\r\nParameters\r\nadmin\r\nComponentName : The administration compononent to remove.\r\nThis value cannot be null .\r\nThrows\r\nSecurityException if the caller is not in the owner application of admin .\r\nremoveCrossProfileWidgetProvider\r\npublic boolean removeCrossProfileWidgetProvider (ComponentName admin,\r\n String packageName)\r\nThis method was deprecated in API level 37.\r\nWhile this API still works to mutate the current allowlist, please consider switching to\r\nsetCrossProfileWidgetProviders(Set) for better performance.\r\nCalled by the profile owner of a managed profile or a holder of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_PROFILE_INTERACTION to disable widget providers from a given package\r\nto be available in the parent profile. For this method to take effect the package should have been added via\r\naddCrossProfileWidgetProvider(android.content.ComponentName,String) .\r\nNote: By default no widget provider package is allowlisted.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is\r\nnot a device admin.\r\nThis value may be null .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 189 of 279\n\npackage\r\nName\r\nString : The package from which widget providers are no longer allowlisted.\r\nReturns\r\nboolean Whether the package was removed.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not a profile owner and not a holder of the permission Manifest.permission.\r\nMANAGE_DEVICE_POLICY_PROFILE_INTERACTION .\r\nSee also:\r\naddCrossProfileWidgetProvider(android.content.ComponentName,String)\r\ngetCrossProfileWidgetProviders(android.content.ComponentName)\r\nremoveKeyPair\r\npublic boolean removeKeyPair (ComponentName admin,\r\n String alias)\r\nThis API can be called by the following to remove a certificate and private key pair installed under a given alias:\r\nDevice owner\r\nProfile owner\r\nDelegated certificate installer\r\nCredential management app\r\nFrom Android Build.VERSION_CODES.S , the credential management app can call this API. If called by the credential\r\nmanagement app, the componentName must be null . Note, there can only be a credential management app on an\r\nunmanaged device.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if the caller is\r\nnot a device admin.\r\nalias\r\nString : The private key alias under which the certificate is installed.\r\nThis value cannot be null .\r\nReturns\r\nboolean true if the private key alias no longer exists, false otherwise.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not null and not a device or profile owner, or admin is null but the calling\r\napplication is not a delegated certificate installer or credential management app.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 190 of 279\n\nremoveOverrideApn\r\npublic boolean removeOverrideApn (ComponentName admin,\r\n int apnId)\r\nCalled by device owner or managed profile owner to remove an override APN.\r\nThis method may returns false if there is no override APN with the given apnId .\r\nBefore Android version Build.VERSION_CODES.TIRAMISU : Only device owners can remove APNs.\r\nStarting from Android version Build.VERSION_CODES.TIRAMISU : Both device owners and managed profile owners can\r\nremove enterprise APNs ( ApnSetting.TYPE_ENTERPRISE ), while only device owners can remove other type of APNs.\r\nParameters\r\nadmin\r\nComponentName : which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\napnId int : the id of the override APN to remove\r\nReturns\r\nboolean true if the required override APN is successfully removed, false otherwise.\r\nThrows\r\nSecurity\r\nException\r\nIf request is for enterprise APN admin is either device owner or profile owner and in all other\r\ntypes of APN if admin is not a device owner.\r\nremoveUser\r\npublic boolean removeUser (ComponentName admin,\r\n UserHandle userHandle)\r\nCalled by a device owner to remove a user/profile and all associated data. The primary user can not be removed.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nuserHandle\r\nUserHandle : the user to remove.\r\nThis value cannot be null .\r\nReturns\r\nboolean true if the user was removed, false otherwise.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 191 of 279\n\nThrows\r\nSecurityException if admin is not a device owner.\r\nrequestBugreport\r\npublic boolean requestBugreport (ComponentName admin)\r\nCalled by a device owner to request a bugreport.\r\nIf the device contains secondary users or profiles, they must be affiliated with the device. Otherwise a\r\nSecurityException will be thrown. See isAffiliatedUser() .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nboolean\r\ntrue if the bugreport collection started successfully, or false if it wasn't triggered because a\r\nprevious bugreport operation is still active (either the bugreport is still running or waiting for the user\r\nto share or decline)\r\nThrows\r\nSecurity\r\nException\r\nif admin is not a device owner, or there is at least one profile or secondary user that is not\r\naffiliated with the device.\r\nresetPassword\r\npublic boolean resetPassword (String password,\r\n int flags)\r\nThis method was deprecated in API level 30.\r\nPlease use resetPasswordWithToken(ComponentName, String, byte, int) instead.\r\nForce a new password for device unlock (the password needed to access the entire device) or the work profile challenge\r\non the current user. This takes effect immediately.\r\nBefore Build.VERSION_CODES.N , this API is available to device admin, profile owner and device owner. Starting from\r\nBuild.VERSION_CODES.N , legacy device admin (who is not also profile owner or device owner) can only call this API\r\nto set a new password if there is currently no password set. Profile owner and device owner can continue to force\r\nchange an existing password as long as the target user is unlocked, although device owner will not be able to call this\r\nAPI at all if there is also a managed profile on the device.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 192 of 279\n\nBetween Build.VERSION_CODES.O , Build.VERSION_CODES.P and Build.VERSION_CODES.Q , profile owner and devices\r\nowner targeting SDK level Build.VERSION_CODES.O or above who attempt to call this API will receive\r\nSecurityException ; they are encouraged to migrate to the new resetPasswordWithToken(ComponentName, String,\r\nbyte, int) API instead. Profile owner and device owner targeting older SDK levels are not affected: they continue to\r\nexperience the existing behaviour described in the previous paragraph.\r\nStarting from Build.VERSION_CODES.R , this API is no longer supported in most cases. Device owner and profile owner\r\ncalling this API will receive SecurityException if they target SDK level Build.VERSION_CODES.O or above, or they\r\nwill receive a silent failure (API returning false ) if they target lower SDK level. For legacy device admins, this API\r\nthrows SecurityException if they target SDK level Build.VERSION_CODES.N or above, and returns false\r\notherwise. Only privileged apps holding RESET_PASSWORD permission which are part of the system factory image\r\ncan still call this API to set a new password if there is currently no password set. In this case, if the device already has a\r\npassword, this API will throw SecurityException .\r\nThe given password must be sufficient for the current password quality and length constraints as returned by\r\ngetPasswordQuality(ComponentName) and getPasswordMinimumLength(ComponentName) ; if it does not meet these\r\nconstraints, then it will be rejected and false returned. Note that the password may be a stronger quality (containing\r\nalphanumeric characters when the requested quality is only numeric), in which case the currently active quality will be\r\nincreased to match.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, this methods does nothing.\r\nThe calling device admin must have requested DeviceAdminInfo.USES_POLICY_RESET_PASSWORD to be able to call this\r\nmethod; if it has not, a security exception will be thrown.\r\nRequires the PackageManager#FEATURE_SECURE_LOCK_SCREEN feature which can be detected using\r\nPackageManager.hasSystemFeature(String) .\r\nParameters\r\npassword String : The new password for the user. Null or empty clears the password.\r\nflags\r\nint : May be 0 or combination of RESET_PASSWORD_REQUIRE_ENTRY and RESET_PASSWORD_DO_NOT_\r\nASK_CREDENTIALS_ON_BOOT .\r\nReturns\r\nboolean Returns true if the password was applied, or false if it is not acceptable for the current constraints.\r\nThrows\r\nIllegalState\r\nException\r\nif the calling user is locked or has a managed profile.\r\nSecurityException\r\nif the calling application does not own an active administrator that uses DeviceAdminInfo.\r\nUSES_POLICY_RESET_PASSWORD\r\nresetPasswordWithToken\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 193 of 279\n\npublic boolean resetPasswordWithToken (ComponentName admin,\r\n String password,\r\n byte[] token,\r\n int flags)\r\nCalled by device or profile owner to force set a new device unlock password or a managed profile challenge on current\r\nuser. This takes effect immediately.\r\nUnlike resetPassword(String, int) , this API can change the password even before the user or device is unlocked or\r\ndecrypted. The supplied token must have been previously provisioned via setResetPasswordToken(ComponentName,\r\nbyte) , and in active state isResetPasswordTokenActive(ComponentName) .\r\nThe given password must be sufficient for the current password quality and length constraints as returned by\r\ngetPasswordQuality(ComponentName) and getPasswordMinimumLength(ComponentName) ; if it does not meet these\r\nconstraints, then it will be rejected and false returned. Note that the password may be a stronger quality, for example, a\r\npassword containing alphanumeric characters when the requested quality is only numeric.\r\nCalling with a null or empty password will clear any existing PIN, pattern or password if the current password\r\nconstraints allow it.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, calling this methods has no effect -\r\nthe password is always empty - and false is returned.\r\nRequires the PackageManager#FEATURE_SECURE_LOCK_SCREEN feature which can be detected using\r\nPackageManager.hasSystemFeature(String) .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is\r\nnot a device admin.\r\nThis value may be null .\r\npassword String : The new password for the user. null or empty clears the password.\r\ntoken\r\nbyte : the password reset token previously provisioned by setResetPasswordToken(ComponentName,\r\nbyte) .\r\nflags\r\nint : May be 0 or combination of RESET_PASSWORD_REQUIRE_ENTRY and RESET_PASSWORD_DO_NOT_\r\nASK_CREDENTIALS_ON_BOOT .\r\nReturns\r\nboolean Returns true if the password was applied, or false if it is not acceptable for the current constraints.\r\nThrows\r\nIllegalStateException if the provided token is not valid.\r\nSecurityException if admin is not a device or profile owner.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 194 of 279\n\nretrieveNetworkLogs\r\npublic List\u003cNetworkEvent\u003e retrieveNetworkLogs (ComponentName admin,\r\n long batchToken)\r\nCalled by device owner, profile owner of a managed profile or delegated app with DELEGATION_NETWORK_LOGGING to\r\nretrieve the most recent batch of network logging events.\r\nWhen network logging is enabled by a profile owner, the network logs will only include work profile network activity,\r\nnot activity on the personal profile. A device owner or profile owner has to provide a batchToken provided as part of\r\nDeviceAdminReceiver.onNetworkLogsAvailable callback. If the token doesn't match the token of the most recent\r\navailable batch of logs, null will be returned.\r\nNetworkEvent can be one of DnsEvent or ConnectEvent .\r\nThe list of network events is sorted chronologically, and contains at most 1200 events.\r\nAccess to the logs is rate limited and this method will only return a new batch of logs after the device device owner has\r\nbeen notified via DeviceAdminReceiver.onNetworkLogsAvailable .\r\nIf the caller is not a profile owner and a secondary user or profile is created, calling this method will throw a\r\nSecurityException until all users become affiliated again. It will also no longer be possible to retrieve the network\r\nlogs batch with the most recent batchToken provided by DeviceAdminReceiver.onNetworkLogsAvailable . See\r\nDevicePolicyManager.setAffiliationIds .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if called\r\nby a delegated app.\r\nbatch\r\nToken\r\nlong : A token of the batch to retrieve\r\nReturns\r\nList\u003cNetwork\r\nEvent\u003e\r\nA new batch of network logs which is a list of NetworkEvent . Returns null if the batch\r\nrepresented by batchToken is no longer available or if logging is disabled.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not a device owner, profile owner or if the admin is not a profile owner and there\r\nis at least one profile or secondary user that is not affiliated with the device.\r\nretrievePreRebootSecurityLogs\r\npublic List\u003cSecurityLog.SecurityEvent\u003e retrievePreRebootSecurityLogs (ComponentName admin)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 195 of 279\n\nCalled by device owner or profile owner of an organization-owned managed profile to retrieve device logs from before\r\nthe device's last reboot.\r\nThis API is not supported on all devices. Calling this API on unsupported devices will result in null being\r\nreturned. The device logs are retrieved from a RAM region which is not guaranteed to be corruption-free during\r\npower cycles, as a result be cautious about data corruption when parsing.\r\nWhen called by a device owner, if there is any other user or profile on the device, it must be affiliated with the device.\r\nOtherwise a SecurityException will be thrown. See isAffiliatedUser() .\r\nParameters\r\nadmin\r\nComponentName : Which device admin this request is associated with, or null if called by a delegated\r\napp.\r\nReturns\r\nList\u003cSecurityLog.Security\r\nEvent\u003e\r\nDevice logs from before the latest reboot of the system, or null if this API is\r\nnot supported on the device.\r\nThrows\r\nSecurity\r\nException\r\nif the caller is not allowed to access security logging, or there is at least one profile or\r\nsecondary user that is not affiliated with the device.\r\nretrieveSecurityLogs\r\npublic List\u003cSecurityLog.SecurityEvent\u003e retrieveSecurityLogs (ComponentName admin)\r\nCalled by device owner or profile owner of an organization-owned managed profile to retrieve all new security logging\r\nentries since the last call to this API after device boots.\r\nAccess to the logs is rate limited and it will only return new logs after the admin has been notified via\r\nDeviceAdminReceiver.onSecurityLogsAvailable .\r\nWhen called by a device owner, if there is any other user or profile on the device, it must be affiliated with the device.\r\nOtherwise a SecurityException will be thrown. See isAffiliatedUser() .\r\nParameters\r\nadmin\r\nComponentName : Which device admin this request is associated with, or null if called by a delegated\r\napp.\r\nReturns\r\nList\u003cSecurityLog.\r\nSecurityEvent\u003e\r\nthe new batch of security logs which is a list of SecurityEvent , or null if rate\r\nlimitation is exceeded or if logging is currently disabled.\r\nThrows\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 196 of 279\n\nSecurity\r\nException\r\nif the caller is not allowed to access security logging, or there is at least one profile or\r\nsecondary user that is not affiliated with the device.\r\nrevokeKeyPairFromApp\r\npublic boolean revokeKeyPairFromApp (ComponentName admin,\r\n String alias,\r\n String packageName)\r\nCalled by a device or profile owner, or delegated certificate chooser (an app that has been delegated the\r\nDELEGATION_CERT_SELECTION privilege), to revoke an application's grant to a KeyChain key pair. Calls by the\r\napplication to KeyChain.getPrivateKey(Context, String) will fail after the grant is revoked. The grantee app will\r\nreceive the KeyChain.ACTION_KEY_ACCESS_CHANGED broadcast when access to a key is revoked. Starting from\r\nBuild.VERSION_CODES.UPSIDE_DOWN_CAKE throws an IllegalArgumentException if alias doesn't correspond to an\r\nexisting key.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if calling\r\nfrom a delegated certificate chooser.\r\nalias\r\nString : The alias of the key to revoke access from.\r\nThis value cannot be null .\r\npackage\r\nName\r\nString : The name of the (already installed) package to revoke access from.\r\nThis value cannot be null .\r\nReturns\r\nboolean true if the grant was revoked successfully, false otherwise.\r\nThrows\r\nIllegalArgument\r\nException\r\nif packageName or alias are empty, or if packageName is not a name of an\r\ninstalled package.\r\nSecurityException if the caller is not a device owner, a profile owner or delegated certificate chooser.\r\nrevokeKeyPairFromWifiAuth\r\npublic boolean revokeKeyPairFromWifiAuth (String alias)\r\nCalled by a device or profile owner, or delegated certificate chooser (an app that has been delegated the\r\nDELEGATION_CERT_SELECTION privilege), to deny using a KeyChain key pair for authentication to Wifi networks.\r\nConfigured networks using this key won't be able to authenticate. Starting from\r\nBuild.VERSION_CODES.UPSIDE_DOWN_CAKE throws an IllegalArgumentException if alias doesn't correspond to an\r\nexisting key.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 197 of 279\n\nParameters\r\nalias\r\nString : The alias of the key pair.\r\nThis value cannot be null .\r\nReturns\r\nboolean true if the operation was set successfully, false otherwise.\r\nThrows\r\nSecurityException if the caller is not a device owner, a profile owner or delegated certificate chooser.\r\nsetAccountManagementDisabled\r\npublic void setAccountManagementDisabled (ComponentName admin,\r\n String accountType,\r\n boolean disabled)\r\nCalled by a device owner or profile owner to disable account management for a specific type of account.\r\nThe calling device admin must be a device owner or profile owner. If it is not, a security exception will be thrown.\r\nWhen account management is disabled for an account type, adding or removing an account of that type will not be\r\npossible.\r\nFrom Build.VERSION_CODES.N the profile or device owner can still use AccountManager APIs to add or remove\r\naccounts when account management for a specific type is disabled.\r\nThis method may be called on the DevicePolicyManager instance returned from\r\ngetParentProfileInstance(ComponentName) by the profile owner on an organization-owned device, to restrict\r\naccounts that may not be managed on the primary profile.\r\nStarting from Build.VERSION_CODES.UPSIDE_DOWN_CAKE , after the account management disabled policy has been set,\r\nPolicyUpdateReceiver.onPolicySetResult(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin on whether the policy was successfully set or not. This callback will contain:\r\nThe policy identifier DevicePolicyIdentifiers.ACCOUNT_MANAGEMENT_DISABLED_POLICY\r\nThe additional policy params bundle, which contains PolicyUpdateReceiver.EXTRA_ACCOUNT_TYPE the account\r\ntype the policy applies to\r\nThe TargetUser that this policy relates to\r\nThe PolicyUpdateResult , which will be PolicyUpdateResult.RESULT_POLICY_SET if the policy was\r\nsuccessfully set or the reason the policy failed to be set (e.g.\r\nPolicyUpdateResult.RESULT_FAILURE_CONFLICTING_ADMIN_POLICY )\r\nIf there has been a change to the policy,\r\nPolicyUpdateReceiver.onPolicyChanged(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 198 of 279\n\nadmin of this change. This callback will contain the same parameters as PolicyUpdateReceiver#onPolicySetResult and\r\nthe PolicyUpdateResult will contain the reason why the policy changed.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller\r\nis not a device admin.\r\nThis value may be null .\r\naccount\r\nType\r\nString : For which account management is disabled or enabled.\r\ndisabled\r\nboolean : The boolean indicating that account management will be disabled (true) or enabled\r\n(false).\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\nsetAffiliationIds\r\npublic void setAffiliationIds (ComponentName admin,\r\n Set\u003cString\u003e ids)\r\nIndicates the entity that controls the device. Two users are affiliated if the set of ids set by the device owner and the\r\nadmin of the secondary user.\r\nA user that is affiliated with the device owner user is considered to be affiliated with the device.\r\nNote: Features that depend on user affiliation (such as security logging or\r\nbindDeviceAdminServiceAsUser(ComponentName, Intent, ServiceConnection, BindServiceFlags, UserHandle) )\r\nwon't be available when a secondary user is created, until it becomes affiliated. Therefore it is recommended that the\r\nappropriate affiliation ids are set by its owner as soon as possible after the user is created.\r\nNote: This method used to be available for affiliating device owner and profile owner. However, since Android 11, this\r\ncombination is not possible. This method is now only useful for affiliating the primary user with managed secondary\r\nusers.\r\nParameters\r\nadmin\r\nComponentName : Which device owner, or owner of secondary user, this request is associated with.\r\nThis value cannot be null .\r\nids\r\nSet : A set of opaque non-empty affiliation ids.\r\nThis value cannot be null .\r\nThrows\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 199 of 279\n\nIllegalArgumentException if ids is null or contains an empty string.\r\nsetAlwaysOnVpnPackage\r\npublic void setAlwaysOnVpnPackage (ComponentName admin,\r\n String vpnPackage,\r\n boolean lockdownEnabled)\r\nCalled by a device or profile owner to configure an always-on VPN connection through a specific application for the\r\ncurrent user. This connection is automatically granted and persisted after a reboot.\r\nTo support the always-on feature, an app must\r\ndeclare a VpnService in its manifest, guarded by Manifest.permission.BIND_VPN_SERVICE ;\r\ntarget API 24 or above; and\r\nnot explicitly opt out of the feature through VpnService.SERVICE_META_DATA_SUPPORTS_ALWAYS_ON .\r\nThe call will fail if called with the package name of an unsupported VPN app.\r\nEnabling lockdown via lockdownEnabled argument carries the risk that any failure of the VPN provider could break\r\nnetworking for all apps. This method clears any lockdown allowlist set by\r\nsetAlwaysOnVpnPackage(ComponentName,String,boolean,Set) .\r\nStarting from API 31 calling this method with vpnPackage set to null only removes the existing configuration if it\r\nwas previously created by this admin. To remove VPN configuration created by the user use\r\nUserManager.DISALLOW_CONFIG_VPN .\r\nParameters\r\nadmin ComponentName : This value cannot be null .\r\nvpnPackage\r\nString : The package name for an installed VPN app on the device, or null to remove an\r\nexisting always-on VPN configuration.\r\nlockdown\r\nEnabled\r\nboolean : true to disallow networking when the VPN is not connected or false otherwise.\r\nThis has no effect when clearing.\r\nThrows\r\nPackageManager.NameNotFound\r\nException\r\nif vpnPackage is not installed.\r\nSecurityException if admin is not a device or a profile owner.\r\nUnsupportedOperation\r\nException\r\nif vpnPackage exists but does not support being set as always-on, or if\r\nalways-on VPN is not available.\r\nsetAlwaysOnVpnPackage\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 200 of 279\n\npublic void setAlwaysOnVpnPackage (ComponentName admin,\r\n String vpnPackage,\r\n boolean lockdownEnabled,\r\n Set\u003cString\u003e lockdownAllowlist)\r\nA version of setAlwaysOnVpnPackage(ComponentName,String,boolean) that allows the admin to specify a set of apps\r\nthat should be able to access the network directly when VPN is not connected. When VPN connects these apps switch\r\nover to VPN if allowed to use that VPN. System apps can always bypass VPN.\r\nNote that the system doesn't update the allowlist when packages are installed or uninstalled, the admin app must call\r\nthis method to keep the list up to date.\r\nWhen lockdownEnabled is false lockdownAllowlist is ignored . When lockdownEnabled is true and\r\nlockdownAllowlist is null or empty, only system apps can bypass VPN.\r\nSetting always-on VPN package to null or using setAlwaysOnVpnPackage(ComponentName,String,boolean) clears\r\nlockdown allowlist.\r\nParameters\r\nadmin ComponentName : This value cannot be null .\r\nvpnPackage\r\nString : package name for an installed VPN app on the device, or null to remove an\r\nexisting always-on VPN configuration\r\nlockdown\r\nEnabled\r\nboolean : true to disallow networking when the VPN is not connected or false\r\notherwise. This has no effect when clearing.\r\nlockdown\r\nAllowlist\r\nSet : Packages that will be able to access the network directly when VPN is in lockdown\r\nmode but not connected. Has no effect when clearing.\r\nThis value may be null .\r\nThrows\r\nPackageManager.NameNotFound\r\nException\r\nif vpnPackage or one of lockdownAllowlist is not installed.\r\nSecurityException if admin is not a device or a profile owner.\r\nUnsupportedOperation\r\nException\r\nif vpnPackage exists but does not support being set as always-on, or if\r\nalways-on VPN is not available.\r\nsetAppFunctionsPolicy\r\npublic void setAppFunctionsPolicy (int policy)\r\nSets the AppFunctionManager policy which controls app functions operations on the device. An app function is a piece\r\nof functionality that apps expose to the system for cross-app orchestration.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 201 of 279\n\nThis function can only be called by a device owner, a profile owner or holders of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_APP_FUNCTIONS .\r\nParameters\r\npolicy\r\nint : The app functions policy to set. One of APP_FUNCTIONS_NOT_CONTROLLED_BY_POLICY , APP_\r\nFUNCTIONS_DISABLED or APP_FUNCTIONS_DISABLED_CROSS_PROFILE\r\nValue is one of the following:\r\nAPP_FUNCTIONS_NOT_CONTROLLED_BY_POLICY\r\nAPP_FUNCTIONS_DISABLED\r\nAPP_FUNCTIONS_DISABLED_CROSS_PROFILE\r\nThrows\r\nSecurity\r\nException\r\nif caller is not a device owner, a profile owner or a holder of the permission Manifest.\r\npermission.MANAGE_DEVICE_POLICY_APP_FUNCTIONS .\r\nsetApplicationHidden\r\npublic boolean setApplicationHidden (ComponentName admin,\r\n String packageName,\r\n boolean hidden)\r\nHide or unhide packages. When a package is hidden it is unavailable for use, but the data and actual package file\r\nremain. This function can be called by a device owner, profile owner, or by a delegate given the\r\nDELEGATION_PACKAGE_ACCESS scope via setDelegatedScopes(ComponentName, String, List) .\r\nThis method can be called on the DevicePolicyManager instance, returned by\r\ngetParentProfileInstance(ComponentName) , where the caller must be the profile owner of an organization-owned\r\nmanaged profile and the package must be a system package. If called on the parent instance, then the package is hidden\r\nor unhidden in the personal profile.\r\nStarting from Build.VERSION_CODES.UPSIDE_DOWN_CAKE , after the application hidden policy has been set,\r\nPolicyUpdateReceiver.onPolicySetResult(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin on whether the policy was successfully set or not. This callback will contain:\r\nThe policy identifier DevicePolicyIdentifiers.APPLICATION_HIDDEN_POLICY\r\nThe additional policy params bundle, which contains PolicyUpdateReceiver.EXTRA_PACKAGE_NAME the package\r\nname the policy applies to\r\nThe TargetUser that this policy relates to\r\nThe PolicyUpdateResult , which will be PolicyUpdateResult.RESULT_POLICY_SET if the policy was\r\nsuccessfully set or the reason the policy failed to be set (e.g.\r\nPolicyUpdateResult.RESULT_FAILURE_CONFLICTING_ADMIN_POLICY )\r\nIf there has been a change to the policy,\r\nPolicyUpdateReceiver.onPolicyChanged(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 202 of 279\n\nadmin of this change. This callback will contain the same parameters as PolicyUpdateReceiver#onPolicySetResult and\r\nthe PolicyUpdateResult will contain the reason why the policy changed.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if the\r\ncaller is not a device admin.\r\npackage\r\nName\r\nString : The name of the package to hide or unhide.\r\nhidden boolean : true if the package should be hidden, false if it should be unhidden.\r\nReturns\r\nboolean boolean Whether the hidden setting of the package was successfully updated.\r\nThrows\r\nIllegalArgument\r\nException\r\nif called on the parent profile and the package provided is not a system package.\r\nSecurity\r\nException\r\nif admin is not a device or profile owner or if called on the parent profile and the admin\r\nis not a profile owner of an organization-owned managed profile.\r\nsetApplicationRestrictions\r\npublic void setApplicationRestrictions (ComponentName admin,\r\n String packageName,\r\n Bundle settings)\r\nSets the application restrictions for a given target application running in the calling user.\r\nThe caller must be a profile or device owner on that user, or the package allowed to manage application restrictions via\r\nsetDelegatedScopes(ComponentName, String, List) with the DELEGATION_APP_RESTRICTIONS scope; otherwise a\r\nsecurity exception will be thrown.\r\nThe provided Bundle consists of key-value pairs, where the types of values may be:\r\nboolean\r\nint\r\nString or String[]\r\nFrom Build.VERSION_CODES.M , Bundle or Bundle[]\r\nIf the restrictions are not available yet, but may be applied in the near future, the caller can notify the target application\r\nof that by adding UserManager.KEY_RESTRICTIONS_PENDING to the settings parameter.\r\nThe application restrictions are only made visible to the target application via\r\nUserManager.getApplicationRestrictions(String) , in addition to the profile or device owner, and the application\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 203 of 279\n\nrestrictions managing package via getApplicationRestrictions(ComponentName, String) .\r\nStarting from Android Version Build.VERSION_CODES.UPSIDE_DOWN_CAKE , multiple admins can set app restrictions for\r\nthe same application, the target application can get the list of app restrictions set by each admin via\r\nRestrictionsManager.getApplicationRestrictionsPerAdmin() .\r\nStarting from Android Version Build.VERSION_CODES.VANILLA_ICE_CREAM , the device policy management role holder\r\ncan also set app restrictions on any applications in the calling user, as well as the parent user of an organization-owned\r\nmanaged profile via the DevicePolicyManager instance returned by getParentProfileInstance(ComponentName) .\r\nApp restrictions set by the device policy management role holder are returned by\r\nUserManager.getApplicationRestrictions(String) but the target application should use\r\nRestrictionsManager.getApplicationRestrictionsPerAdmin() to retrieve them, alongside any app restrictions the\r\nprofile or device owner might have set.\r\nNOTE: The method performs disk I/O and shouldn't be called on the main thread.\r\nThis method may take several seconds to complete, so it should only be called from a worker thread.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if called\r\nby the application restrictions managing package.\r\npackage\r\nName\r\nString : The name of the package to update restricted settings for.\r\nsettings\r\nBundle : A Bundle to be parsed by the receiving application, conveying a new set of active\r\nrestrictions.\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\nSee also:\r\nsetDelegatedScopes(ComponentName, String, List)\r\nDELEGATION_APP_RESTRICTIONS\r\nUserManager.KEY_RESTRICTIONS_PENDING\r\nsetApplicationRestrictionsManagingPackage\r\npublic void setApplicationRestrictionsManagingPackage (ComponentName admin,\r\n String packageName)\r\nThis method was deprecated in API level 26.\r\nFrom Build.VERSION_CODES.O . Use setDelegatedScopes(ComponentName, String, List) with the\r\nDELEGATION_APP_RESTRICTIONS scope instead.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 204 of 279\n\nCalled by a profile owner or device owner to grant permission to a package to manage application restrictions for the\r\ncalling user via setApplicationRestrictions(ComponentName, String, Bundle) and\r\ngetApplicationRestrictions(ComponentName, String) .\r\nThis permission is persistent until it is later cleared by calling this method with a null value or uninstalling the\r\nmanaging package.\r\nThe supplied application restriction managing package must be installed when calling this API, otherwise an\r\nNameNotFoundException will be thrown.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\npackage\r\nName\r\nString : The package name which will be given access to application restrictions APIs. If null\r\nis given the current package will be cleared.\r\nThrows\r\nPackageManager.NameNotFoundException if packageName is not found\r\nSecurityException if admin is not a device or profile owner.\r\nsetAutoTimeEnabled\r\npublic void setAutoTimeEnabled (ComponentName admin,\r\n boolean enabled)\r\nCalled by a device owner, a profile owner for the primary user or a profile owner of an organization-owned managed\r\nprofile to turn auto time on and off.\r\nCallers are recommended to use UserManager.DISALLOW_CONFIG_DATE_TIME to prevent the user from changing this\r\nsetting, that way no user will be able set the date and time zone.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is\r\nnot a device admin.\r\nThis value may be null .\r\nenabled boolean : Whether time should be obtained automatically from the network or not.\r\nThrows\r\nSecurity\r\nException\r\nif caller is not a device owner, a profile owner for the primary user, or a profile owner of an\r\norganization-owned managed profile.\r\nsetAutoTimePolicy\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 205 of 279\n\npublic void setAutoTimePolicy (int policy)\r\nCalled by a device owner, a profile owner for the primary user or a profile owner of an organization-owned managed\r\nprofile to turn auto time on and off i.e. Whether time should be obtained automatically from the network or not.\r\nCallers are recommended to use UserManager.DISALLOW_CONFIG_DATE_TIME to prevent the user from changing this\r\nsetting, that way no user will be able set the date and time zone.\r\nParameters\r\npolicy\r\nint : The desired state among AUTO_TIME_ENABLED to enable, AUTO_TIME_DISABLED to disable and\r\nAUTO_TIME_NOT_CONTROLLED_BY_POLICY to unset the policy.\r\nValue is one of the following:\r\nAUTO_TIME_NOT_CONTROLLED_BY_POLICY\r\nAUTO_TIME_DISABLED\r\nAUTO_TIME_ENABLED\r\nThrows\r\nSecurity\r\nException\r\nif caller is not a device owner, a profile owner for the primary user, or a profile owner of an\r\norganization-owned managed profile, or if the caller does not hold the required permission.\r\nsetAutoTimeRequired\r\npublic void setAutoTimeRequired (ComponentName admin,\r\n boolean required)\r\nThis method was deprecated in API level 30.\r\nFrom Build.VERSION_CODES.R . Use setAutoTimeEnabled(ComponentName, boolean) to turn auto time on or off and\r\nuse UserManager.DISALLOW_CONFIG_DATE_TIME to prevent the user from changing this setting.\r\nCalled by a device owner, or alternatively a profile owner from Android 8.0 (API level 26) or higher, to set whether\r\nauto time is required. If auto time is required, no user will be able set the date and time and network date and time will\r\nbe used.\r\nNote: If auto time is required the user can still manually set the time zone. Staring from Android 11, if auto time is\r\nrequired, the user cannot manually set the time zone.\r\nThe calling device admin must be a device owner, or alternatively a profile owner from Android 8.0 (API level 26) or\r\nhigher. If it is not, a security exception will be thrown.\r\nStaring from Android 11, this API switches to use UserManager.DISALLOW_CONFIG_DATE_TIME to enforce the auto time\r\nsettings. Calling this API to enforce auto time will result in UserManager.DISALLOW_CONFIG_DATE_TIME being set, while\r\ncalling this API to lift the requirement will result in UserManager.DISALLOW_CONFIG_DATE_TIME being cleared. From\r\nAndroid 11, this API can also no longer be called on a managed profile.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 206 of 279\n\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nrequired boolean : Whether auto time is set required or not.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not a device owner, not a profile owner or if this API is called on a managed\r\nprofile.\r\nsetAutoTimeZoneEnabled\r\npublic void setAutoTimeZoneEnabled (ComponentName admin,\r\n boolean enabled)\r\nCalled by a device owner, a profile owner for the primary user or a profile owner of an organization-owned managed\r\nprofile to turn auto time zone on and off.\r\nCallers are recommended to use UserManager.DISALLOW_CONFIG_DATE_TIME to prevent the user from changing this\r\nsetting, that way no user will be able set the date and time zone.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with or Null if the caller is\r\nnot a device admin.\r\nThis value may be null .\r\nenabled boolean : Whether time zone should be obtained automatically from the network or not.\r\nThrows\r\nSecurity\r\nException\r\nif caller is not a device owner, a profile owner for the primary user, or a profile owner of an\r\norganization-owned managed profile.\r\nsetAutoTimeZonePolicy\r\npublic void setAutoTimeZonePolicy (int policy)\r\nCalled by a device owner, a profile owner for the primary user or a profile owner of an organization-owned managed\r\nprofile to turn auto time zone on and off.\r\nCallers are recommended to use UserManager.DISALLOW_CONFIG_DATE_TIME to prevent the user from changing this\r\nsetting, that way no user will be able set the date and time zone.\r\nParameters\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 207 of 279\n\npolicy\r\nint : The desired state among AUTO_TIME_ZONE_ENABLED to enable it, AUTO_TIME_ZONE_DISABLED to\r\ndisable it or AUTO_TIME_ZONE_NOT_CONTROLLED_BY_POLICY to unset the policy.\r\nValue is one of the following:\r\nAUTO_TIME_ZONE_NOT_CONTROLLED_BY_POLICY\r\nAUTO_TIME_ZONE_DISABLED\r\nAUTO_TIME_ZONE_ENABLED\r\nThrows\r\nSecurity\r\nException\r\nif caller is not a device owner, a profile owner for the primary user, or a profile owner of an\r\norganization-owned managed profile, or if the caller does not hold the required permission.\r\nsetBackupServiceEnabled\r\npublic void setBackupServiceEnabled (ComponentName admin,\r\n boolean enabled)\r\nAllows the device owner or profile owner to enable or disable the backup service.\r\nEach user has its own backup service which manages the backup and restore mechanisms in that user. Disabling the\r\nbackup service will prevent data from being backed up or restored.\r\nDevice owner calls this API to control backup services across all users on the device. Profile owner can use this API to\r\nenable or disable the profile's backup service. However, for a managed profile its backup functionality is only enabled if\r\nboth the device owner and the profile owner have enabled the backup service.\r\nBy default, backup service is disabled on a device with device owner, and within a managed profile.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nenabled boolean : true to enable the backup service, false to disable it.\r\nThrows\r\nSecurityException if admin is not a device owner or a profile owner.\r\nsetBluetoothContactSharingDisabled\r\npublic void setBluetoothContactSharingDisabled (ComponentName admin,\r\n boolean disabled)\r\nCalled by a profile owner of a managed profile to set whether bluetooth devices can access enterprise contacts.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 208 of 279\n\nThe calling device admin must be a profile owner. If it is not, a security exception will be thrown.\r\nThis API works on managed profile only.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\ndisabled boolean : If true, bluetooth devices cannot access enterprise contacts.\r\nThrows\r\nSecurityException if admin is not a profile owner.\r\nsetCameraDisabled\r\npublic void setCameraDisabled (ComponentName admin,\r\n boolean disabled)\r\nCalled by an application that is administering the device to disable all cameras on the device, for this user. After setting\r\nthis, no applications running as this user will be able to access any cameras on the device.\r\nStarting with Android Build.VERSION_CODES.CINNAMON_BUN , this method also blocks application access to external\r\nUSB cameras that connect directly via the UsbConstants.USB_CLASS_VIDEO interface.\r\nThis method can be called on the DevicePolicyManager instance, returned by\r\ngetParentProfileInstance(ComponentName) , where the caller must be the profile owner of an organization-owned\r\nmanaged profile.\r\nIf the caller is device owner, then the restriction will be applied to all users. If called on the parent instance, then the\r\nrestriction will be applied on the personal profile.\r\nThe calling device admin must have requested DeviceAdminInfo.USES_POLICY_DISABLE_CAMERA to be able to call this\r\nmethod; if it has not, a security exception will be thrown.\r\nNote, this policy type is deprecated for legacy device admins since Build.VERSION_CODES.Q . On Android\r\nBuild.VERSION_CODES.Q devices, legacy device admins targeting SDK version Build.VERSION_CODES.P or below can\r\nstill call this API to disable camera, while legacy device admins targeting SDK version Build.VERSION_CODES.Q will\r\nreceive a SecurityException. Starting from Android Build.VERSION_CODES.R , requests to disable camera from legacy\r\ndevice admins targeting SDK version Build.VERSION_CODES.P or below will be silently ignored.\r\nStarting from Build.VERSION_CODES.UPSIDE_DOWN_CAKE , after the camera disabled policy has been set,\r\nPolicyUpdateReceiver.onPolicySetResult(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin on whether the policy was successfully set or not. This callback will contain:\r\nThe policy identifier: userRestriction_no_camera\r\nThe TargetUser that this policy relates to\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 209 of 279\n\nThe PolicyUpdateResult , which will be PolicyUpdateResult.RESULT_POLICY_SET if the policy was\r\nsuccessfully set or the reason the policy failed to be set (e.g.\r\nPolicyUpdateResult.RESULT_FAILURE_CONFLICTING_ADMIN_POLICY )\r\nIf there has been a change to the policy,\r\nPolicyUpdateReceiver.onPolicyChanged(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin of this change. This callback will contain the same parameters as PolicyUpdateReceiver#onPolicySetResult and\r\nthe PolicyUpdateResult will contain the reason why the policy changed.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with or null if the caller is\r\nnot a device admin\r\ndisabled boolean : Whether or not the camera should be disabled.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not an active administrator or does not use DeviceAdminInfo.USES_POLICY_\r\nDISABLE_CAMERA .\r\nsetCertInstallerPackage\r\npublic void setCertInstallerPackage (ComponentName admin,\r\n String installerPackage)\r\nThis method was deprecated in API level 26.\r\nFrom Build.VERSION_CODES.O . Use setDelegatedScopes(ComponentName, String, List) with the\r\nDELEGATION_CERT_INSTALL scope instead.\r\nCalled by a profile owner or device owner to grant access to privileged certificate manipulation APIs to a third-party\r\ncertificate installer app. Granted APIs include getInstalledCaCerts(ComponentName) ,\r\nhasCaCertInstalled(ComponentName, byte) , installCaCert(ComponentName, byte) ,\r\nuninstallCaCert(ComponentName, byte) , uninstallAllUserCaCerts(ComponentName) and\r\ninstallKeyPair(ComponentName, PrivateKey, Certificate, String) .\r\nDelegated certificate installer is a per-user state. The delegated access is persistent until it is later cleared by calling this\r\nmethod with a null value or uninstalling the certificate installer.\r\nNote:Starting from Build.VERSION_CODES.N , if the caller application's target SDK version is Build.VERSION_CODES.N\r\nor newer, the supplied certificate installer package must be installed when calling this API, otherwise an\r\nIllegalArgumentException will be thrown.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 210 of 279\n\ninstaller\r\nPackage\r\nString : The package name of the certificate installer which will be given access. If null is\r\ngiven the current package will be cleared.\r\nThrows\r\nSecurityException if admin is not a device or a profile owner.\r\nsetCommonCriteriaModeEnabled\r\npublic void setCommonCriteriaModeEnabled (ComponentName admin,\r\n boolean enabled)\r\nCalled by device owner or profile owner of an organization-owned managed profile to toggle Common Criteria mode\r\nfor the device. When the device is in Common Criteria mode, certain device functionalities are tuned to meet the higher\r\nsecurity level required by Common Criteria certification. For example:\r\nBluetooth long term key material is additionally integrity-protected with AES-GCM.\r\nWiFi configuration store is additionally integrity-protected with AES-GCM.\r\nCommon Criteria mode is disabled by default.\r\nNote: if Common Critera mode is turned off after being enabled previously, all existing WiFi configurations will be lost.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is\r\nnot a device admin.\r\nThis value may be null .\r\nenabled boolean : whether Common Criteria mode should be enabled or not.\r\nsetConfiguredNetworksLockdownState\r\npublic void setConfiguredNetworksLockdownState (ComponentName admin,\r\n boolean lockdown)\r\nCalled by a device owner or a profile owner of an organization-owned managed profile to control whether the user can\r\nchange networks configured by the admin. When this lockdown is enabled, the user can still configure and connect to\r\nother Wi-Fi networks, or use other Wi-Fi capabilities such as tethering.\r\nWiFi network configuration lockdown is controlled by a global settings\r\nSettings.Global.WIFI_DEVICE_OWNER_CONFIGS_LOCKDOWN and calling this API effectively modifies the global settings.\r\nPreviously device owners can also control this directly via setGlobalSetting(ComponentName, String, String) but\r\nthey are recommended to switch to this API.\r\nParameters\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 211 of 279\n\nadmin\r\nComponentName : admin Which DeviceAdminReceiver this request is associated with. Null if the\r\ncaller is not a device admin.\r\nThis value may be null .\r\nlockdown boolean : Whether the admin configured networks should be unmodifiable by the user.\r\nThrows\r\nSecurity\r\nException\r\nif caller is not a device owner or a profile owner of an organization-owned managed\r\nprofile.\r\nsetContentProtectionPolicy\r\npublic void setContentProtectionPolicy (ComponentName admin,\r\n int policy)\r\nSets the content protection policy which controls scanning for deceptive apps.\r\nThis function can only be called by the device owner, a profile owner of an affiliated user or profile, or the profile\r\nowner when no device owner is set or holders of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_CONTENT_PROTECTION . See isAffiliatedUser() . Any policy set via this\r\nmethod will be cleared if the user becomes unaffiliated.\r\nAfter the content protection policy has been set,\r\nPolicyUpdateReceiver.onPolicySetResult(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin on whether the policy was successfully set or not. This callback will contain:\r\nThe policy identifier DevicePolicyIdentifiers.CONTENT_PROTECTION_POLICY\r\nThe TargetUser that this policy relates to\r\nThe PolicyUpdateResult , which will be PolicyUpdateResult.RESULT_POLICY_SET if the policy was\r\nsuccessfully set or the reason the policy failed to be set (e.g.\r\nPolicyUpdateResult.RESULT_FAILURE_CONFLICTING_ADMIN_POLICY )\r\nIf there has been a change to the policy,\r\nPolicyUpdateReceiver.onPolicyChanged(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin of this change. This callback will contain the same parameters as PolicyUpdateReceiver#onPolicySetResult and\r\nthe PolicyUpdateResult will contain the reason why the policy changed.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not\r\na device admin.\r\nThis value may be null .\r\npolicy int : The content protection policy to set. One of CONTENT_PROTECTION_NOT_CONTROLLED_BY_POLICY ,\r\nCONTENT_PROTECTION_DISABLED or CONTENT_PROTECTION_ENABLED .\r\nValue is one of the following:\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 212 of 279\n\nCONTENT_PROTECTION_NOT_CONTROLLED_BY_POLICY\r\nCONTENT_PROTECTION_DISABLED\r\nCONTENT_PROTECTION_ENABLED\r\nThrows\r\nSecurity\r\nException\r\nif admin is not the device owner, the profile owner of an affiliated user or profile, or the profile\r\nowner when no device owner is set or holder of the permission Manifest.permission.MANAGE_\r\nDEVICE_POLICY_CONTENT_PROTECTION .\r\nsetCredentialManagerPolicy\r\npublic void setCredentialManagerPolicy (PackagePolicy policy)\r\nCalled by a device owner or profile owner of a managed profile to set the credential manager policy.\r\nAffects APIs exposed by CredentialManager .\r\nA PackagePolicy.PACKAGE_POLICY_ALLOWLIST policy type will limit the credential providers that the user can use to the\r\nlist of packages in the policy.\r\nA PackagePolicy.PACKAGE_POLICY_ALLOWLIST_AND_SYSTEM policy type allows access from the OEM default credential\r\nproviders and the allowlist of credential providers.\r\nA PackagePolicy.PACKAGE_POLICY_BLOCKLIST policy type will block the credential providers listed in the policy from\r\nbeing used by the user.\r\nParameters\r\npolicy PackagePolicy : the policy to set, setting this value to null will allow all packages\r\nThrows\r\nSecurityException if caller is not a device owner or profile owner of a managed profile\r\nsetCrossProfileCalendarPackages\r\npublic void setCrossProfileCalendarPackages (ComponentName admin,\r\n Set\u003cString\u003e packageNames)\r\nThis method was deprecated in API level 34.\r\nUse setCrossProfilePackages(ComponentName,Set) .\r\nAllows a set of packages to access cross-profile calendar APIs.\r\nCalled by a profile owner of a managed profile.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 213 of 279\n\nCalling with a null value for the set disables the restriction so that all packages are allowed to access cross-profile\r\ncalendar APIs. Calling with an empty set disallows all packages from accessing cross-profile calendar APIs. If this\r\nmethod isn't called, no package is allowed to access cross-profile calendar APIs by default.\r\nParameters\r\nadmin\r\nComponentName : which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\npackageNames\r\nSet : set of packages to be allowlisted.\r\nThis value may be null .\r\nThrows\r\nSecurityException if admin is not a profile owner\r\nsetCrossProfileCallerIdDisabled\r\npublic void setCrossProfileCallerIdDisabled (ComponentName admin,\r\n boolean disabled)\r\nThis method was deprecated in API level 34.\r\nstarting with Build.VERSION_CODES.UPSIDE_DOWN_CAKE , use\r\nsetManagedProfileCallerIdAccessPolicy(PackagePolicy) instead\r\nCalled by a profile owner of a managed profile to set whether caller-Id information from the managed profile will be\r\nshown in the parent profile, for incoming calls.\r\nThe calling device admin must be a profile owner. If it is not, a security exception will be thrown.\r\nStarting with Build.VERSION_CODES.UPSIDE_DOWN_CAKE , calling this function is similar to calling\r\nsetManagedProfileCallerIdAccessPolicy(PackagePolicy) with a PackagePolicy.PACKAGE_POLICY_BLOCKLIST policy\r\ntype when disabled is false or a PackagePolicy.PACKAGE_POLICY_ALLOWLIST policy type when disabled is true.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\ndisabled boolean : If true caller-Id information in the managed profile is not displayed.\r\nThrows\r\nSecurityException if admin is not a profile owner.\r\nsetCrossProfileContactsSearchDisabled\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 214 of 279\n\npublic void setCrossProfileContactsSearchDisabled (ComponentName admin,\r\n boolean disabled)\r\nThis method was deprecated in API level 34.\r\nFrom Build.VERSION_CODES.UPSIDE_DOWN_CAKE use setManagedProfileContactsAccessPolicy(PackagePolicy)\r\nCalled by a profile owner of a managed profile to set whether contacts search from the managed profile will be shown\r\nin the parent profile, for incoming calls.\r\nThe calling device admin must be a profile owner. If it is not, a security exception will be thrown. Starting with\r\nBuild.VERSION_CODES.UPSIDE_DOWN_CAKE , calling this function is similar to calling\r\nsetManagedProfileContactsAccessPolicy(PackagePolicy) with a PackagePolicy.PACKAGE_POLICY_BLOCKLIST policy\r\ntype when disabled is false or a PackagePolicy.PACKAGE_POLICY_ALLOWLIST policy type when disabled is true.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\ndisabled boolean : If true contacts search in the managed profile is not displayed.\r\nThrows\r\nSecurityException if admin is not a profile owner.\r\nsetCrossProfilePackages\r\npublic void setCrossProfilePackages (ComponentName admin,\r\n Set\u003cString\u003e packageNames)\r\nSets the set of admin-allowlisted package names that are allowed to request user consent for cross-profile\r\ncommunication.\r\nAssumes that the caller is a profile owner and is the given admin .\r\nPrevious calls are overridden by each subsequent call to this method.\r\nNote that other apps may be able to request user consent for cross-profile communication if they have been explicitly\r\nallowlisted by the OEM.\r\nWhen previously-set cross-profile packages are missing from packageNames , the app-op for\r\nINTERACT_ACROSS_PROFILES will be reset for those packages. This will not occur for packages that are allowlisted by\r\nthe OEM.\r\nParameters\r\nadmin\r\nComponentName : the DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 215 of 279\n\npackageNames\r\nSet : the new cross-profile package names.\r\nThis value cannot be null .\r\nsetCrossProfileWidgetProviders\r\npublic void setCrossProfileWidgetProviders (Set\u003cString\u003e packageNames)\r\nCalled by the profile owner of a managed profile or a holder of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_PROFILE_INTERACTION to enable widget providers from packages to be\r\navailable in the parent profile. As a result the user will be able to add widgets from the allowlisted package running\r\nunder the profile to a widget host which runs under the parent profile, for example the home screen. Note that a package\r\nmay have zero or more provider components, where each component provides a different widget type.\r\nNote: By default no widget provider package is allowlisted.\r\nNote: This API updates the entire allowlist in one-go, overriding any previous allowlist. This is more efficient than\r\nusing addCrossProfileWidgetProvider(ComponentName, String) and\r\nremoveCrossProfileWidgetProvider(ComponentName, String) to update the allowlist one package a time, especially if\r\nthe allowlist consists of many packages.\r\nParameters\r\npackageNames\r\nSet : The packages from which widget providers are allowlisted.\r\nThis value cannot be null .\r\nThrows\r\nSecurity\r\nException\r\nif admin is not a profile owner and not a holder of the permission Manifest.permission.\r\nMANAGE_DEVICE_POLICY_PROFILE_INTERACTION .\r\nsetDefaultDialerApplication\r\npublic void setDefaultDialerApplication (String packageName)\r\nMust be called by a device owner or a profile owner of an organization-owned managed profile to set the default dialer\r\napplication for the calling user.\r\nWhen the profile owner of an organization-owned managed profile calls this method, it sets the default dialer\r\napplication in the work profile. This is only meaningful when work profile telephony is enabled by\r\nsetManagedSubscriptionsPolicy(ManagedSubscriptionsPolicy) .\r\nIf the device does not support telephony ( PackageManager.FEATURE_TELEPHONY ), calling this method will do nothing.\r\nParameters\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 216 of 279\n\npackageName\r\nString : The name of the package to set as the default dialer application.\r\nThis value cannot be null .\r\nThrows\r\nIllegalArgument\r\nException\r\nif the package cannot be set as the default dialer, for example if the package is not installed\r\nor does not expose the expected activities or services that a dialer app is required to have.\r\nSecurity\r\nException\r\nif admin is not a device or profile owner or a profile owner of an organization-owned\r\nmanaged profile.\r\nsetDefaultSmsApplication\r\npublic void setDefaultSmsApplication (ComponentName admin,\r\n String packageName)\r\nMust be called by a device owner or a profile owner of an organization-owned managed profile to set the default SMS\r\napplication.\r\nThis method can be called on the DevicePolicyManager instance, returned by\r\ngetParentProfileInstance(ComponentName) , where the caller must be the profile owner of an organization-owned\r\nmanaged profile and the package must be a pre-installed system package. If called on the parent instance, then the\r\ndefault SMS application is set on the personal profile.\r\nStarting from Android Build.VERSION_CODES.UPSIDE_DOWN_CAKE , the profile owner of an organization-owned managed\r\nprofile can also call this method directly (not on the parent profile instance) to set the default SMS application in the\r\nwork profile. This is only meaningful when work profile telephony is enabled by\r\nsetManagedSubscriptionsPolicy(ManagedSubscriptionsPolicy) .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is\r\nnot a device admin.\r\nThis value may be null .\r\npackage\r\nName\r\nString : The name of the package to set as the default SMS application.\r\nThis value cannot be null .\r\nThrows\r\nIllegalArgument\r\nException\r\nif called on the parent profile and the package provided is not a pre-installed system\r\npackage.\r\nIllegalState\r\nException\r\nwhile trying to set default sms app on the profile and ManagedSubscriptionsPolicy.TYPE_\r\nALL_MANAGED_SUBSCRIPTIONS policy is not set.\r\nSecurity\r\nException\r\nif admin is not a device or profile owner or if called on the parent profile and the admin\r\nis not a profile owner of an organization-owned managed profile.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 217 of 279\n\nsetDelegatedScopes\r\npublic void setDelegatedScopes (ComponentName admin,\r\n String delegatePackage,\r\n List\u003cString\u003e scopes)\r\nCalled by a profile owner or device owner to grant access to privileged APIs to another app. Granted APIs are\r\ndetermined by scopes , which is a list of the DELEGATION_* constants.\r\nA broadcast with the ACTION_APPLICATION_DELEGATION_SCOPES_CHANGED action will be sent to the delegatePackage\r\nwith its new scopes in an ArrayList\u003cString\u003e extra under the EXTRA_DELEGATION_SCOPES key. The broadcast is sent\r\nwith the Intent.FLAG_RECEIVER_REGISTERED_ONLY flag.\r\nDelegated scopes are a per-user state. The delegated access is persistent until it is later cleared by calling this method\r\nwith an empty scopes list or uninstalling the delegatePackage .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\ndelegate\r\nPackage\r\nString : The package name of the app which will be given access.\r\nThis value cannot be null .\r\nscopes\r\nList : The groups of privileged APIs whose access should be granted to delegated\r\nPackage .\r\nThis value cannot be null .\r\nThrows\r\nSecurityException if admin is not a device or a profile owner.\r\nsetDeviceOwnerLockScreenInfo\r\npublic void setDeviceOwnerLockScreenInfo (ComponentName admin,\r\n CharSequence info)\r\nSets the device owner information to be shown on the lock screen.\r\nDevice owner information set using this method overrides any owner information manually set by the user and prevents\r\nthe user from further changing it.\r\nIf the device owner information is null or empty then the device owner info is cleared and the user owner info is\r\nshown on the lock screen if it is set.\r\nIf the device owner information contains only whitespaces then the message on the lock screen will be blank and the\r\nuser will not be allowed to change it.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 218 of 279\n\nIf the device owner information needs to be localized, it is the responsibility of the DeviceAdminReceiver to listen to\r\nthe Intent.ACTION_LOCALE_CHANGED broadcast and set a new version of this string accordingly.\r\nMay be called by the device owner or the profile owner of an organization-owned device.\r\nParameters\r\nadmin\r\nComponentName : The name of the admin component to check. Null if the caller is not a device admin.\r\nThis value may be null .\r\ninfo CharSequence : Device owner information which will be displayed instead of the user owner info.\r\nThrows\r\nSecurityException if admin is not a device owner.\r\nsetEndUserSessionMessage\r\npublic void setEndUserSessionMessage (ComponentName admin,\r\n CharSequence endUserSessionMessage)\r\nCalled by a device owner to specify the user session end message. This may be displayed during a user switch.\r\nThe message should be limited to a short statement or it may be truncated.\r\nIf the message needs to be localized, it is the responsibility of the DeviceAdminReceiver to listen to the\r\nIntent.ACTION_LOCALE_CHANGED broadcast and set a new version of this message accordingly.\r\nParameters\r\nadmin\r\nComponentName : which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nendUserSession\r\nMessage\r\nCharSequence : message for ending user session, or null to use system default\r\nmessage.\r\nThrows\r\nSecurityException if admin is not a device owner.\r\nsetFactoryResetProtectionPolicy\r\npublic void setFactoryResetProtectionPolicy (ComponentName admin,\r\n FactoryResetProtectionPolicy policy)\r\nCallable by device owner or profile owner of an organization-owned device, to set a factory reset protection (FRP)\r\npolicy. When a new policy is set, the system notifies the FRP management agent of a policy change by broadcasting\r\nACTION_RESET_PROTECTION_POLICY_CHANGED .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 219 of 279\n\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not\r\na device admin.\r\nThis value may be null .\r\npolicy FactoryResetProtectionPolicy : the new FRP policy, or null to clear the current policy.\r\nThrows\r\nSecurityException\r\nif admin is not a device owner or a profile owner of an organization-owned\r\ndevice.\r\nUnsupportedOperation\r\nException\r\nif factory reset protection is not supported on the device.\r\nsetGlobalPrivateDnsModeOpportunistic\r\npublic int setGlobalPrivateDnsModeOpportunistic (ComponentName admin)\r\nSets the global Private DNS mode to opportunistic. May only be called by the device owner.\r\nIn this mode, the DNS subsystem will attempt a TLS handshake to the network-supplied resolver prior to attempting\r\nname resolution in cleartext.\r\nNote: The device owner won't be able to set the global private DNS mode if there are unaffiliated secondary users or\r\nprofiles on the device. It's recommended that affiliation ids are set for new users as soon as possible after provisioning\r\nvia setAffiliationIds(ComponentName, Set) .\r\nParameters\r\nadmin\r\nComponentName : which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nReturns\r\nint\r\nPRIVATE_DNS_SET_NO_ERROR if the mode was set successfully, or PRIVATE_DNS_SET_ERROR_FAILURE_\r\nSETTING if it could not be set.\r\nValue is one of the following:\r\nPRIVATE_DNS_SET_NO_ERROR\r\nPRIVATE_DNS_SET_ERROR_HOST_NOT_SERVING\r\nPRIVATE_DNS_SET_ERROR_FAILURE_SETTING\r\nThrows\r\nSecurityException if the caller is not the device owner.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 220 of 279\n\nsetGlobalPrivateDnsModeSpecifiedHost\r\npublic int setGlobalPrivateDnsModeSpecifiedHost (ComponentName admin,\r\n String privateDnsHost)\r\nSets the global Private DNS host to be used. May only be called by the device owner.\r\nNote that the method is blocking as it will perform a connectivity check to the resolver, to ensure it is valid. Because of\r\nthat, the method should not be called on any thread that relates to user interaction, such as the UI thread.\r\nIn case a VPN is used in conjunction with Private DNS resolver, the Private DNS resolver must be reachable both from\r\nwithin and outside the VPN. Otherwise, the device may lose the ability to resolve hostnames as system traffic to the\r\nresolver may not go through the VPN.\r\nNote: The device owner won't be able to set the global private DNS mode if there are unaffiliated secondary users or\r\nprofiles on the device. It's recommended that affiliation ids are set for new users as soon as possible after provisioning\r\nvia setAffiliationIds(ComponentName, Set) .\r\nThis method may take several seconds to complete, so it should only be called from a worker thread.\r\nParameters\r\nadmin\r\nComponentName : which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nprivateDnsHost\r\nString : The hostname of a server that implements DNS over TLS (RFC7858).\r\nThis value cannot be null .\r\nReturns\r\nint\r\nPRIVATE_DNS_SET_NO_ERROR if the mode was set successfully, PRIVATE_DNS_SET_ERROR_FAILURE_SETTING\r\nif it could not be set or PRIVATE_DNS_SET_ERROR_HOST_NOT_SERVING if the specified host does not\r\nimplement RFC7858.\r\nValue is one of the following:\r\nPRIVATE_DNS_SET_NO_ERROR\r\nPRIVATE_DNS_SET_ERROR_HOST_NOT_SERVING\r\nPRIVATE_DNS_SET_ERROR_FAILURE_SETTING\r\nThrows\r\nIllegalArgumentException if the privateDnsHost is not a valid hostname.\r\nSecurityException if the caller is not the device owner.\r\nsetGlobalSetting\r\npublic void setGlobalSetting (ComponentName admin,\r\n String setting,\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 221 of 279\n\nString value)\r\nThis method is mostly deprecated. Most of the settings that still have an effect have dedicated setter methods or user\r\nrestrictions. See individual settings for details.\r\nCalled by device owner to update Settings.Global settings. Validation that the value of the setting is in the correct\r\nform for the setting type should be performed by the caller.\r\nThe settings that can be updated with this method are:\r\nSettings.Global.ADB_ENABLED : use UserManager.DISALLOW_DEBUGGING_FEATURES instead to restrict users\r\nfrom enabling debugging features and this setting to turn adb on.\r\nSettings.Global.USB_MASS_STORAGE_ENABLED\r\nSettings.Global.STAY_ON_WHILE_PLUGGED_IN This setting is only available from Build.VERSION_CODES.M\r\nonwards and can only be set if setMaximumTimeToLock(ComponentName, long) is not used to set a timeout.\r\nSettings.Global.WIFI_DEVICE_OWNER_CONFIGS_LOCKDOWN\r\nThis setting is only available from Build.VERSION_CODES.M onwards.\r\nThe following settings used to be supported, but can be controlled in other ways:\r\nSettings.Global.AUTO_TIME : Use setAutoTimeEnabled(ComponentName, boolean) and\r\nUserManager.DISALLOW_CONFIG_DATE_TIME instead.\r\nSettings.Global.AUTO_TIME_ZONE : Use setAutoTimeZoneEnabled(ComponentName, boolean) and\r\nUserManager.DISALLOW_CONFIG_DATE_TIME instead.\r\nSettings.Global.DATA_ROAMING : Use UserManager.DISALLOW_DATA_ROAMING instead.\r\nChanging the following settings has no effect as of Build.VERSION_CODES.M :\r\nSettings.Global.BLUETOOTH_ON . Use BluetoothAdapter.enable() and BluetoothAdapter.disable()\r\ninstead.\r\nSettings.Global.DEVELOPMENT_SETTINGS_ENABLED\r\nSettings.Global.MODE_RINGER . Use AudioManager.setRingerMode(int) instead.\r\nSettings.Global.NETWORK_PREFERENCE\r\nSettings.Global.WIFI_ON . Use WifiManager.setWifiEnabled(boolean) instead.\r\nSettings.Global.WIFI_SLEEP_POLICY . No longer has effect.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nsetting String : The name of the setting to update.\r\nvalue String : The value to update the setting to.\r\nThrows\r\nSecurityException if admin is not a device owner.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 222 of 279\n\nsetKeepUninstalledPackages\r\npublic void setKeepUninstalledPackages (ComponentName admin,\r\n List\u003cString\u003e packageNames)\r\nSet a list of apps to keep around as APKs even if no user has currently installed it. This function can be called by a\r\ndevice owner or by a delegate given the DELEGATION_KEEP_UNINSTALLED_PACKAGES scope via\r\nsetDelegatedScopes(ComponentName, String, List) .\r\nPlease note that setting this policy does not imply that specified apps will be automatically pre-cached.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if the\r\ncaller is a keep uninstalled packages delegate.\r\npackage\r\nNames\r\nList : List of package names to keep cached.\r\nThis value cannot be null .\r\nThrows\r\nSecurityException if admin is not a device owner.\r\nsetKeyPairCertificate\r\npublic boolean setKeyPairCertificate (ComponentName admin,\r\n String alias,\r\n List\u003cCertificate\u003e certs,\r\n boolean isUserSelectable)\r\nThis API can be called by the following to associate certificates with a key pair that was generated using\r\ngenerateKeyPair(ComponentName, String, KeyGenParameterSpec, int) , and set whether the key is available for the\r\nuser to choose in the certificate selection prompt:\r\nDevice owner\r\nProfile owner\r\nDelegated certificate installer\r\nCredential management app\r\nFrom Android Build.VERSION_CODES.S , the credential management app can call this API. If called by the credential\r\nmanagement app, the componentName must be null . Note, there can only be a credential management app on an\r\nunmanaged device.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if the\r\ncaller is not a device admin.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 223 of 279\n\nalias\r\nString : The private key alias under which to install the certificate. The alias should denote\r\nan existing private key. If a certificate with that alias already exists, it will be overwritten.\r\nThis value cannot be null .\r\ncerts\r\nList : The certificate chain to install. The chain should start with the leaf certificate and include\r\nthe chain of trust in order. This will be returned by KeyChain.getCertificateChain(Context,\r\nString) .\r\nThis value cannot be null .\r\nisUser\r\nSelectable\r\nboolean : true to indicate that a user can select this key via the certificate selection prompt,\r\nfalse to indicate that this key can only be granted access by implementing DeviceAdmin\r\nReceiver.onChoosePrivateKeyAlias(Context, Intent, int, Uri, String) .\r\nReturns\r\nboolean\r\ntrue if the provided alias exists and the certificates has been successfully associated with it,\r\nfalse otherwise.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not null and not a device or profile owner, or admin is null but the calling\r\napplication is not a delegated certificate installer or credential management app.\r\nsetKeyguardDisabled\r\npublic boolean setKeyguardDisabled (ComponentName admin,\r\n boolean disabled)\r\nCalled by a device owner or profile owner of secondary users that is affiliated with the device to disable the keyguard\r\naltogether.\r\nSetting the keyguard to disabled has the same effect as choosing \"None\" as the screen lock type. However, this call has\r\nno effect if a password, pin or pattern is currently set. If a password, pin or pattern is set after the keyguard was\r\ndisabled, the keyguard stops being disabled.\r\nAs of Build.VERSION_CODES.P , this call also dismisses the keyguard if it is currently shown.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\ndisabled boolean : true disables the keyguard, false reenables it.\r\nReturns\r\nboolean false if attempting to disable the keyguard while a lock password was in place. true otherwise.\r\nThrows\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 224 of 279\n\nSecurity\r\nException\r\nif admin is not the device owner, or a profile owner of secondary user that is affiliated with\r\nthe device.\r\nsetKeyguardDisabledFeatures\r\npublic void setKeyguardDisabledFeatures (ComponentName admin,\r\n int which)\r\nCalled by an application that is administering the device to disable keyguard customizations, such as widgets. After\r\nsetting this, keyguard features will be disabled according to the provided feature list.\r\nA calling device admin must have requested DeviceAdminInfo.USES_POLICY_DISABLE_KEYGUARD_FEATURES to be able to\r\ncall this method; if it has not, a security exception will be thrown.\r\nCalling this from a managed profile before version Build.VERSION_CODES.M will throw a security exception. From\r\nversion Build.VERSION_CODES.M the profile owner of a managed profile can set:\r\nKEYGUARD_DISABLE_TRUST_AGENTS , which affects the parent user, but only if there is no separate challenge set on\r\nthe managed profile.\r\nKEYGUARD_DISABLE_FINGERPRINT , KEYGUARD_DISABLE_FACE or KEYGUARD_DISABLE_IRIS which affects the\r\nmanaged profile challenge if there is one, or the parent user otherwise.\r\nKEYGUARD_DISABLE_UNREDACTED_NOTIFICATIONS which affects notifications generated by applications in the\r\nmanaged profile.\r\nFrom version Build.VERSION_CODES.VANILLA_ICE_CREAM , the profile owner of a managed profile can also set\r\nKEYGUARD_DISABLE_WIDGETS_ALL which disables keyguard widgets for the managed profile.\r\nFrom version Build.VERSION_CODES.R the profile owner of an organization-owned managed profile can set:\r\nKEYGUARD_DISABLE_SECURE_CAMERA which affects the parent user when called on the parent profile.\r\nKEYGUARD_DISABLE_SECURE_NOTIFICATIONS which affects the parent user when called on the parent profile.\r\nStarting from version Build.VERSION_CODES.VANILLA_ICE_CREAM the profile owner of an organization-owned managed\r\nprofile can set:\r\nKEYGUARD_DISABLE_WIDGETS_ALL which affects the parent user when called on the parent profile.\r\nKEYGUARD_DISABLE_TRUST_AGENTS , KEYGUARD_DISABLE_FINGERPRINT , KEYGUARD_DISABLE_FACE ,\r\nKEYGUARD_DISABLE_IRIS , KEYGUARD_DISABLE_SECURE_CAMERA and KEYGUARD_DISABLE_SECURE_NOTIFICATIONS can also\r\nbe set on the DevicePolicyManager instance returned by getParentProfileInstance(ComponentName) in order to set\r\nrestrictions on the parent profile. KEYGUARD_DISABLE_SECURE_CAMERA can only be set on the parent profile instance if\r\nthe calling device admin is the profile owner of an organization-owned managed profile.\r\nRequests to disable other features on a managed profile will be ignored.\r\nThe admin can check which features have been disabled by calling getKeyguardDisabledFeatures(ComponentName)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 225 of 279\n\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not a\r\ndevice admin.\r\nThis value may be null .\r\nwhich\r\nint : The disabled features flag which can be either KEYGUARD_DISABLE_FEATURES_NONE (default),\r\nKEYGUARD_DISABLE_FEATURES_ALL , or a combination of KEYGUARD_DISABLE_WIDGETS_ALL , KEYGUARD_\r\nDISABLE_SECURE_CAMERA , KEYGUARD_DISABLE_SECURE_NOTIFICATIONS , KEYGUARD_DISABLE_TRUST_\r\nAGENTS , KEYGUARD_DISABLE_UNREDACTED_NOTIFICATIONS , KEYGUARD_DISABLE_FINGERPRINT , KEYGUARD_\r\nDISABLE_FACE , KEYGUARD_DISABLE_IRIS , KEYGUARD_DISABLE_SHORTCUTS_ALL .\r\nThrows\r\nSecurity\r\nException\r\nif admin is not an active administrator or does not use DeviceAdminInfo.USES_POLICY_\r\nDISABLE_KEYGUARD_FEATURES\r\nsetLocationEnabled\r\npublic void setLocationEnabled (ComponentName admin,\r\n boolean locationEnabled)\r\nCalled by device owners to set the user's global location setting.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nlocation\r\nEnabled\r\nboolean : whether location should be enabled or disabled. Note: on automotive builds ,\r\ncalls to disable will be ignored.\r\nThrows\r\nSecurityException if admin is not a device owner.\r\nsetLockTaskFeatures\r\npublic void setLockTaskFeatures (ComponentName admin,\r\n int flags)\r\nSets which system features are enabled when the device runs in lock task mode. This method doesn't affect the features\r\nwhen lock task mode is inactive. Any system features not included in flags are implicitly disabled when calling this\r\nmethod. By default, only LOCK_TASK_FEATURE_GLOBAL_ACTIONS is enabled; all the other features are disabled. To disable\r\nthe global actions dialog, call this method omitting LOCK_TASK_FEATURE_GLOBAL_ACTIONS .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 226 of 279\n\nThis method can only be called by the device owner, a profile owner of an affiliated user or profile, or the profile owner\r\nwhen no device owner is set or holders of the permission Manifest.permission.MANAGE_DEVICE_POLICY_LOCK_TASK .\r\nSee isAffiliatedUser() . Any features set using this method are cleared if the user becomes unaffiliated.\r\nStarting from Build.VERSION_CODES.UPSIDE_DOWN_CAKE , after the lock task features policy has been set,\r\nPolicyUpdateReceiver.onPolicySetResult(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin on whether the policy was successfully set or not. This callback will contain:\r\nThe policy identifier DevicePolicyIdentifiers.LOCK_TASK_POLICY\r\nThe TargetUser that this policy relates to\r\nThe PolicyUpdateResult , which will be PolicyUpdateResult.RESULT_POLICY_SET if the policy was\r\nsuccessfully set or the reason the policy failed to be set (e.g.\r\nPolicyUpdateResult.RESULT_FAILURE_CONFLICTING_ADMIN_POLICY )\r\nIf there has been a change to the policy,\r\nPolicyUpdateReceiver.onPolicyChanged(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin of this change. This callback will contain the same parameters as PolicyUpdateReceiver#onPolicySetResult and\r\nthe PolicyUpdateResult will contain the reason why the policy changed.\r\nStarting from Build.VERSION_CODES.UPSIDE_DOWN_CAKE , lock task features and lock task packages are bundled as one\r\npolicy. A failure to apply one will result in a failure to apply the other.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not a\r\ndevice admin.\r\nThis value may be null .\r\nflags\r\nint : The system features enabled during lock task mode.\r\nValue is either 0 or a combination of the following:\r\nLOCK_TASK_FEATURE_NONE\r\nLOCK_TASK_FEATURE_SYSTEM_INFO\r\nLOCK_TASK_FEATURE_NOTIFICATIONS\r\nLOCK_TASK_FEATURE_HOME\r\nLOCK_TASK_FEATURE_OVERVIEW\r\nLOCK_TASK_FEATURE_GLOBAL_ACTIONS\r\nLOCK_TASK_FEATURE_KEYGUARD\r\nLOCK_TASK_FEATURE_BLOCK_ACTIVITY_START_IN_TASK\r\nThrows\r\nSecurity\r\nException\r\nif admin is not the device owner, the profile owner of an affiliated user or profile, or the profile\r\nowner when no device owner is set or holder of the permission Manifest.permission.MANAGE_\r\nDEVICE_POLICY_LOCK_TASK .\r\nsetLockTaskPackages\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 227 of 279\n\npublic void setLockTaskPackages (ComponentName admin,\r\n String[] packages)\r\nSets which packages may enter lock task mode.\r\nAny packages that share uid with an allowed package will also be allowed to activate lock task. From\r\nBuild.VERSION_CODES.M removing packages from the lock task package list results in locked tasks belonging to those\r\npackages to be finished.\r\nThis function can only be called by the device owner, a profile owner of an affiliated user or profile, or the profile\r\nowner when no device owner is set or holders of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_LOCK_TASK . See isAffiliatedUser() . Any package set via this method\r\nwill be cleared if the user becomes unaffiliated.\r\nStarting from Build.VERSION_CODES.UPSIDE_DOWN_CAKE , after the lock task policy has been set,\r\nPolicyUpdateReceiver.onPolicySetResult(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin on whether the policy was successfully set or not. This callback will contain:\r\nThe policy identifier DevicePolicyIdentifiers.LOCK_TASK_POLICY\r\nThe TargetUser that this policy relates to\r\nThe PolicyUpdateResult , which will be PolicyUpdateResult.RESULT_POLICY_SET if the policy was\r\nsuccessfully set or the reason the policy failed to be set (e.g.\r\nPolicyUpdateResult.RESULT_FAILURE_CONFLICTING_ADMIN_POLICY )\r\nIf there has been a change to the policy,\r\nPolicyUpdateReceiver.onPolicyChanged(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin of this change. This callback will contain the same parameters as PolicyUpdateReceiver#onPolicySetResult and\r\nthe PolicyUpdateResult will contain the reason why the policy changed.\r\nStarting from Build.VERSION_CODES.UPSIDE_DOWN_CAKE , lock task features and lock task packages are bundled as one\r\npolicy. A failure to apply one will result in a failure to apply the other.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is\r\nnot a device admin.\r\nThis value may be null .\r\npackages\r\nString : The list of packages allowed to enter lock task mode.\r\nThis value cannot be null .\r\nThrows\r\nSecurity\r\nException\r\nif admin is not the device owner, the profile owner of an affiliated user or profile, or the profile\r\nowner when no device owner is set or holder of the permission Manifest.permission.MANAGE_\r\nDEVICE_POLICY_LOCK_TASK .\r\nSee also:\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 228 of 279\n\nisAffiliatedUser()\r\nActivity.startLockTask()\r\nDeviceAdminReceiver.onLockTaskModeEntering(Context,Intent,String)\r\nDeviceAdminReceiver.onLockTaskModeExiting(Context,Intent)\r\nUserManager.DISALLOW_CREATE_WINDOWS\r\nsetLogoutEnabled\r\npublic void setLogoutEnabled (ComponentName admin,\r\n boolean enabled)\r\nCalled by a device owner to specify whether logout is enabled for all secondary users. The system may show a logout\r\nbutton that stops the user and switches back to the primary user.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nenabled boolean : whether logout should be enabled or not.\r\nThrows\r\nSecurityException if admin is not a device owner.\r\nsetLongSupportMessage\r\npublic void setLongSupportMessage (ComponentName admin,\r\n CharSequence message)\r\nCalled by a device admin to set the long support message. This will be displayed to the user in the device administrators\r\nsettings screen. If the message is longer than 20000 characters it may be truncated.\r\nIf the long support message needs to be localized, it is the responsibility of the DeviceAdminReceiver to listen to the\r\nIntent.ACTION_LOCALE_CHANGED broadcast and set a new version of this string accordingly.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nmessage\r\nCharSequence : Long message to be displayed to the user in settings or null to clear the existing\r\nmessage.\r\nThrows\r\nSecurityException if admin is not an active administrator.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 229 of 279\n\nsetManagedProfileCallerIdAccessPolicy\r\npublic void setManagedProfileCallerIdAccessPolicy (PackagePolicy policy)\r\nCalled by a profile owner of a managed profile to set the packages that are allowed to lookup contacts in the managed\r\nprofile based on caller id information.\r\nFor example, the policy determines if a dialer app in the parent profile resolving an incoming call can search the caller\r\nid data, such as phone number, of managed contacts and return managed contacts that match.\r\nThe calling device admin must be a profile owner of a managed profile. If it is not, a SecurityException will be\r\nthrown.\r\nA PackagePolicy.PACKAGE_POLICY_ALLOWLIST_AND_SYSTEM policy type allows access from the OEM default packages\r\nfor the Sms, Dialer and Contact roles, in addition to the packages specified in PackagePolicy.getPackageNames()\r\nParameters\r\npolicy PackagePolicy : the policy to set, setting this value to null will allow all packages\r\nThrows\r\nSecurityException if caller is not a profile owner of a managed profile\r\nsetManagedProfileContactsAccessPolicy\r\npublic void setManagedProfileContactsAccessPolicy (PackagePolicy policy)\r\nCalled by a profile owner of a managed profile to set the packages that are allowed access to the managed profile\r\ncontacts from the parent user.\r\nFor example, the system will enforce the provided policy and determine if contacts in the managed profile are shown\r\nwhen queried by an application in the parent user.\r\nThe calling device admin must be a profile owner of a managed profile. If it is not, a SecurityException will be\r\nthrown.\r\nA PackagePolicy.PACKAGE_POLICY_ALLOWLIST_AND_SYSTEM policy type allows access from the OEM default packages\r\nfor the Sms, Dialer and Contact roles, in addition to the packages specified in PackagePolicy.getPackageNames()\r\nParameters\r\npolicy PackagePolicy : the policy to set, setting this value to null will allow all packages\r\nThrows\r\nSecurityException if caller is not a profile owner of a managed profile\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 230 of 279\n\nsetManagedProfileMaximumTimeOff\r\npublic void setManagedProfileMaximumTimeOff (ComponentName admin,\r\n long timeoutMillis)\r\nCalled by a profile owner of an organization-owned managed profile to set maximum time the profile is allowed to be\r\nturned off. If the profile is turned off for longer, personal apps are suspended on the device.\r\nWhen personal apps are suspended, an ongoing notification about that is shown to the user. When the user taps the\r\nnotification, system invokes ACTION_CHECK_POLICY_COMPLIANCE in the profile owner package. Profile owner\r\nimplementation that uses personal apps suspension must handle this intent.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\ntimeout\r\nMillis\r\nlong : Maximum time the profile is allowed to be off in milliseconds or 0 if not limited. The\r\nminimum non-zero value corresponds to 72 hours. If an admin sets a smaller non-zero value, 72\r\nhours will be set instead.\r\nThrows\r\nIllegalState\r\nException\r\nif the profile owner doesn't have an activity that handles ACTION_CHECK_POLICY_\r\nCOMPLIANCE\r\nsetManagedSubscriptionsPolicy\r\npublic void setManagedSubscriptionsPolicy (ManagedSubscriptionsPolicy policy)\r\nCalled by a profile owner of an organization-owned device to specify ManagedSubscriptionsPolicy\r\nManaged subscriptions policy controls how SIMs would be associated with the managed profile. For example a policy\r\nof type ManagedSubscriptionsPolicy.TYPE_ALL_MANAGED_SUBSCRIPTIONS assigns all SIM-based subscriptions to the\r\nmanaged profile. In this case OEM default dialer and messages app are automatically installed in the managed profile\r\nand all incoming and outgoing calls and text messages are handled by them.\r\nThis API can only be called during device setup.\r\nParameters\r\npolicy\r\nManagedSubscriptionsPolicy : ManagedSubscriptionsPolicy policy, passing null for this resets the\r\npolicy to be the default.\r\nThrows\r\nIllegalStateException if called after the device setup has been completed.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 231 of 279\n\nSecurityException if the caller is not a profile owner on an organization-owned managed profile.\r\nUnsupportedOperation\r\nException\r\nif managed subscriptions policy is not explicitly enabled by the device policy\r\nmanagement role holder during device setup.\r\nsetMasterVolumeMuted\r\npublic void setMasterVolumeMuted (ComponentName admin,\r\n boolean on)\r\nCalled by profile or device owners to set the global volume mute on or off. This has no effect when set on a managed\r\nprofile.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\non boolean : true to mute global volume, false to turn mute off.\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\nsetMaximumFailedPasswordsForWipe\r\npublic void setMaximumFailedPasswordsForWipe (ComponentName admin,\r\n int num)\r\nSetting this to a value greater than zero enables a policy that will perform a device or profile wipe after too many\r\nincorrect device-unlock passwords have been entered. This policy combines watching for failed passwords and wiping\r\nthe device, and requires that calling Device Admins request both DeviceAdminInfo.USES_POLICY_WATCH_LOGIN and\r\nDeviceAdminInfo.USES_POLICY_WIPE_DATA }.\r\nWhen this policy is set on the system or the main user, the device will be factory reset after too many incorrect\r\npassword attempts. When set on any other user, only the corresponding user or profile will be wiped.\r\nTo implement any other policy (e.g. wiping data for a particular application only, erasing or revoking credentials, or\r\nreporting the failure to a server), you should implement\r\nDeviceAdminReceiver.onPasswordFailed(Context,android.content.Intent) instead. Do not use this API, because if\r\nthe maximum count is reached, the device or profile will be wiped immediately, and your callback will not be invoked.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to set a value on the parent profile. This allows a profile wipe\r\nafter too many incorrect device-unlock password have been entered on the parent profile even if each profile has a\r\nseparate challenge.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 232 of 279\n\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always empty and\r\nthis method has no effect - i.e. the policy is not set.\r\nRequires the PackageManager#FEATURE_SECURE_LOCK_SCREEN feature which can be detected using\r\nPackageManager.hasSystemFeature(String) .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not a\r\ndevice admin.\r\nThis value may be null .\r\nnum int : The number of failed password attempts at which point the device or profile will be wiped.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not null, and admin is not an active administrator or does not use both Device\r\nAdminInfo.USES_POLICY_WATCH_LOGIN and DeviceAdminInfo.USES_POLICY_WIPE_DATA , or if\r\nadmin is null and the caller does not have permission to wipe the device.\r\nsetMaximumTimeToLock\r\npublic void setMaximumTimeToLock (ComponentName admin,\r\n long timeMs)\r\nCalled by an application that is administering the device to set the maximum time for user activity until the device will\r\nlock. This limits the length that the user can set. It takes effect immediately.\r\nA calling device admin must have requested DeviceAdminInfo.USES_POLICY_FORCE_LOCK to be able to call this method;\r\nif it has not, a security exception will be thrown.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to set restrictions on the parent profile.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not\r\na device admin.\r\nThis value may be null .\r\ntime\r\nMs\r\nlong : The new desired maximum time to lock in milliseconds. A value of 0 means there is no\r\nrestriction.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not an active administrator or it does not use DeviceAdminInfo.USES_POLICY_\r\nFORCE_LOCK\r\nsetMeteredDataDisabledPackages\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 233 of 279\n\npublic List\u003cString\u003e setMeteredDataDisabledPackages (ComponentName admin,\r\n List\u003cString\u003e packageNames)\r\nCalled by a device or profile owner to restrict packages from using metered data.\r\nParameters\r\nadmin\r\nComponentName : which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\npackageNames\r\nList : the list of package names to be restricted.\r\nThis value cannot be null .\r\nReturns\r\nList\u003cString\u003e\r\na list of package names which could not be restricted.\r\nThis value cannot be null .\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\nsetMinimumRequiredWifiSecurityLevel\r\npublic void setMinimumRequiredWifiSecurityLevel (int level)\r\nCalled by device owner or profile owner of an organization-owned managed profile to specify the minimum security\r\nlevel required for Wi-Fi networks. The device may not connect to networks that do not meet the minimum security\r\nlevel. If the current network does not meet the minimum security level set, it will be disconnected. The following shows\r\nthe Wi-Fi security levels from the lowest to the highest security level: WIFI_SECURITY_OPEN WIFI_SECURITY_PERSONAL\r\nWIFI_SECURITY_ENTERPRISE_EAP WIFI_SECURITY_ENTERPRISE_192\r\nParameters\r\nlevel\r\nint : minimum security level.\r\nValue is one of the following:\r\nWIFI_SECURITY_OPEN\r\nWIFI_SECURITY_PERSONAL\r\nWIFI_SECURITY_ENTERPRISE_EAP\r\nWIFI_SECURITY_ENTERPRISE_192\r\nThrows\r\nSecurityException if the caller is not permitted to set this policy\r\nsetMtePolicy\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 234 of 279\n\npublic void setMtePolicy (int policy)\r\nCalled by a device owner, profile owner of an organization-owned device, to set the Memory Tagging Extension (MTE)\r\npolicy. MTE is a CPU extension that allows to protect against certain classes of security problems at a small runtime\r\nperformance cost overhead.\r\nThe MTE policy can only be set to MTE_DISABLED if called by a device owner. Otherwise a SecurityException will\r\nbe thrown.\r\nThe device needs to be rebooted to apply changes to the MTE policy.\r\nParameters\r\npolicy\r\nint : the MTE policy to be set.\r\nValue is one of the following:\r\nMTE_ENABLED\r\nMTE_DISABLED\r\nMTE_NOT_CONTROLLED_BY_POLICY\r\nThrows\r\nSecurityException if caller is not permitted to set Mte policy\r\nUnsupportedOperationException if the device does not support MTE\r\nsetNearbyAppStreamingPolicy\r\npublic void setNearbyAppStreamingPolicy (int policy)\r\nCalled by a device/profile owner to set nearby app streaming policy. App streaming is when the device starts an app on\r\na virtual display and sends a video stream of the app to nearby devices.\r\nParameters\r\npolicy\r\nint : One of the NearbyStreamingPolicy constants.\r\nValue is one of the following:\r\nNEARBY_STREAMING_NOT_CONTROLLED_BY_POLICY\r\nNEARBY_STREAMING_DISABLED\r\nNEARBY_STREAMING_ENABLED\r\nNEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY\r\nThrows\r\nSecurityException if caller is not a device or profile owner.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 235 of 279\n\nsetNearbyNotificationStreamingPolicy\r\npublic void setNearbyNotificationStreamingPolicy (int policy)\r\nCalled by a device/profile owner to set nearby notification streaming policy. Notification streaming is sending\r\nnotification data from pre-installed apps to nearby devices.\r\nParameters\r\npolicy\r\nint : One of the NearbyStreamingPolicy constants.\r\nValue is one of the following:\r\nNEARBY_STREAMING_NOT_CONTROLLED_BY_POLICY\r\nNEARBY_STREAMING_DISABLED\r\nNEARBY_STREAMING_ENABLED\r\nNEARBY_STREAMING_SAME_MANAGED_ACCOUNT_ONLY\r\nThrows\r\nSecurityException if caller is not a device or profile owner\r\nsetNetworkLoggingEnabled\r\npublic void setNetworkLoggingEnabled (ComponentName admin,\r\n boolean enabled)\r\nCalled by a device owner, profile owner of a managed profile or delegated app with DELEGATION_NETWORK_LOGGING to\r\ncontrol the network logging feature.\r\nSupported for a device owner from Android 8 and a delegated app granted by a device owner from Android 10.\r\nSupported for a profile owner of a managed profile and a delegated app granted by a profile owner from Android 12.\r\nWhen network logging is enabled by a profile owner, the network logs will only include work profile network activity,\r\nnot activity on the personal profile.\r\nNetwork logs contain DNS lookup and connect() library call events. The following library functions are recorded while\r\nnetwork logging is active:\r\ngetaddrinfo()\r\ngethostbyname()\r\nconnect()\r\nNetwork logging is a low-overhead tool for forensics but it is not guaranteed to use full system call logging; event\r\nreporting is enabled by default for all processes but not strongly enforced. Events from applications using alternative\r\nimplementations of libc, making direct kernel calls, or deliberately obfuscating traffic may not be recorded.\r\nSome common network events may not be reported. For example:\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 236 of 279\n\nApplications may hardcode IP addresses to reduce the number of DNS lookups, or use an alternative system for\r\nname resolution, and so avoid calling getaddrinfo() or gethostbyname .\r\nApplications may use datagram sockets for performance reasons, for example for a game client. Calling\r\nconnect() is unnecessary for this kind of socket, so it will not trigger a network event.\r\nIt is possible to directly intercept layer 3 traffic leaving the device using an always-on VPN service. See\r\nsetAlwaysOnVpnPackage(ComponentName,String,boolean) and VpnService for details.\r\nNote: The device owner won't be able to retrieve network logs if there are unaffiliated secondary users or profiles on\r\nthe device, regardless of whether the feature is enabled. Logs will be discarded if the internal buffer fills up while\r\nwaiting for all users to become affiliated. Therefore it's recommended that affiliation ids are set for new users as soon as\r\npossible after provisioning via setAffiliationIds(ComponentName, Set) .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if called by\r\na delegated app.\r\nenabled boolean : whether network logging should be enabled or not.\r\nThrows\r\nSecurityException if admin is not a device owner or profile owner.\r\nsetOrganizationColor\r\npublic void setOrganizationColor (ComponentName admin,\r\n int color)\r\nThis method was deprecated in API level 31.\r\nFrom Build.VERSION_CODES.R , the organization color is never used as the background color of the confirm credentials\r\nscreen.\r\nCalled by a profile owner of a managed profile to set the color used for customization. This color is used as background\r\ncolor of the confirm credentials screen for that user. The default color is teal (#00796B).\r\nThe confirm credentials screen can be created using\r\nKeyguardManager.createConfirmDeviceCredentialIntent(CharSequence, CharSequence) .\r\nStarting from Android R, the organization color will no longer be used as the background color of the confirm\r\ncredentials screen.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\ncolor int : The 24bit (0xRRGGBB) representation of the color to be used.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 237 of 279\n\nThrows\r\nSecurityException if admin is not a profile owner.\r\nsetOrganizationId\r\npublic void setOrganizationId (String enterpriseId)\r\nSets the Enterprise ID for the work profile or managed device. This is a requirement for generating an enrollment-specific ID for the device, see getEnrollmentSpecificId() . It is recommended that the Enterprise ID is at least 6\r\ncharacters long, and no more than 64 characters.\r\nParameters\r\nenterpriseId\r\nString : An identifier of the organization this work profile or device is enrolled into.\r\nThis value cannot be null .\r\nsetOrganizationName\r\npublic void setOrganizationName (ComponentName admin,\r\n CharSequence title)\r\nCalled by the device owner (since API 26) or profile owner (since API 24) to set the name of the organization under\r\nmanagement.\r\nIf the organization name needs to be localized, it is the responsibility of the caller to listen to the\r\nIntent.ACTION_LOCALE_CHANGED broadcast and set a new version of this string accordingly.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not a\r\ndevice admin.\r\nThis value may be null .\r\ntitle CharSequence : The organization name or null to clear a previously set name.\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\nsetOverrideApnsEnabled\r\npublic void setOverrideApnsEnabled (ComponentName admin,\r\n boolean enabled)\r\nCalled by device owner to set if override APNs should be enabled.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 238 of 279\n\nOverride APNs are separated from other APNs on the device, and can only be inserted or modified by the device owner.\r\nWhen enabled, only override APNs are in use, any other APNs are ignored.\r\nNote: Enterprise APNs added by managed profile owners do not need to be enabled by this API. They are part of the\r\npreferential network service config and is controlled by setPreferentialNetworkServiceConfigs(List) .\r\nParameters\r\nadmin\r\nComponentName : which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nenabled boolean : true if override APNs should be enabled, false otherwise\r\nThrows\r\nSecurityException if admin is not a device owner.\r\nsetPackagesSuspended\r\npublic String[] setPackagesSuspended (ComponentName admin,\r\n String[] packageNames,\r\n boolean suspended)\r\nCalled by device or profile owners to suspend packages for this user. This function can be called by a device owner,\r\nprofile owner, or by a delegate given the DELEGATION_PACKAGE_ACCESS scope via setDelegatedScopes(ComponentName,\r\nString, List) .\r\nA suspended package will not be able to start activities. Its notifications will be hidden, it will not show up in recents,\r\nwill not be able to show toasts or dialogs or ring the device.\r\nThe package must already be installed. If the package is uninstalled while suspended the package will no longer be\r\nsuspended. The admin can block this by using setUninstallBlocked(ComponentName, String, boolean) .\r\nSome apps cannot be suspended, such as device admins, the active launcher, the required package installer, the required\r\npackage uninstaller, the required package verifier, the default dialer, and the permission controller.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller\r\nis not a device admin.\r\nThis value may be null .\r\npackage\r\nNames\r\nString : The package names to suspend or unsuspend.\r\nThis value cannot be null .\r\nsuspended\r\nboolean : If set to true than the packages will be suspended, if set to false the packages\r\nwill be unsuspended.\r\nReturns\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 239 of 279\n\nString[]\r\nan array of package names for which the suspended status is not set as requested in this method.\r\nThis value cannot be null .\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\nsetPasswordExpirationTimeout\r\npublic void setPasswordExpirationTimeout (ComponentName admin,\r\n long timeout)\r\nCalled by a device admin to set the password expiration timeout. Calling this method will restart the countdown for\r\npassword expiration for the given admin, as will changing the device password (for all admins).\r\nThe provided timeout is the time delta in ms and will be added to the current time. For example, to have the password\r\nexpire 5 days from now, timeout would be 5 * 86400 * 1000 = 432000000 ms for timeout.\r\nTo disable password expiration, a value of 0 may be used for timeout.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password expiration is always\r\ndisabled.\r\nA calling device admin must have requested DeviceAdminInfo.USES_POLICY_EXPIRE_PASSWORD to be able to call this\r\nmethod; if it has not, a security exception will be thrown.\r\nNote that setting the password will automatically reset the expiration time for all active admins. Active admins do not\r\nneed to explicitly call this method in that case.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to set restrictions on the parent profile.\r\nRequires the PackageManager#FEATURE_SECURE_LOCK_SCREEN feature which can be detected using\r\nPackageManager.hasSystemFeature(String) .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is\r\nnot a device admin.\r\nThis value may be null .\r\ntimeout\r\nlong : The limit (in ms) that a password can remain in effect. A value of 0 means there is no\r\nrestriction (unlimited).\r\nThrows\r\nSecurity\r\nException\r\nif admin is not an active administrator or admin does not use DeviceAdminInfo.USES_\r\nPOLICY_EXPIRE_PASSWORD\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 240 of 279\n\nsetPasswordHistoryLength\r\npublic void setPasswordHistoryLength (ComponentName admin,\r\n int length)\r\nCalled by an application that is administering the device to set the length of the password history. After setting this, the\r\nuser will not be able to enter a new password that is the same as any password in the history. Note that the current\r\npassword will remain until the user has set a new one, so the change does not take place immediately. To prompt the\r\nuser for a new password, use ACTION_SET_NEW_PASSWORD or ACTION_SET_NEW_PARENT_PROFILE_PASSWORD after setting\r\nthis value.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password history length is\r\nalways 0.\r\nThe calling device admin must have requested DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD to be able to call this\r\nmethod; if it has not, a security exception will be thrown.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to set restrictions on the parent profile.\r\nRequires the PackageManager#FEATURE_SECURE_LOCK_SCREEN feature which can be detected using\r\nPackageManager.hasSystemFeature(String) .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nlength int : The new desired length of password history. A value of 0 means there is no restriction.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not an active administrator or admin does not use DeviceAdminInfo.USES_\r\nPOLICY_LIMIT_PASSWORD\r\nsetPasswordMinimumLength\r\npublic void setPasswordMinimumLength (ComponentName admin,\r\n int length)\r\nThis method was deprecated in API level 31.\r\nsee setPasswordQuality(ComponentName,int) for details.\r\nCalled by an application that is administering the device to set the minimum allowed password length. After setting this,\r\nthe user will not be able to enter a new password that is not at least as restrictive as what has been set. Note that the\r\ncurrent password will remain until the user has set a new one, so the change does not take place immediately. To prompt\r\nthe user for a new password, use ACTION_SET_NEW_PASSWORD or ACTION_SET_NEW_PARENT_PROFILE_PASSWORD after\r\nsetting this value. This constraint is only imposed if the administrator has also requested either\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 241 of 279\n\nPASSWORD_QUALITY_NUMERIC , PASSWORD_QUALITY_NUMERIC_COMPLEX , PASSWORD_QUALITY_ALPHABETIC ,\r\nPASSWORD_QUALITY_ALPHANUMERIC , or PASSWORD_QUALITY_COMPLEX with setPasswordQuality(ComponentName, int) .\r\nIf an app targeting SDK level Build.VERSION_CODES.R and above enforces this constraint without settings password\r\nquality to one of these values first, this method will throw IllegalStateException .\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always treated as\r\nempty.\r\nThe calling device admin must have requested DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD to be able to call this\r\nmethod; if it has not, a security exception will be thrown.\r\nApps targeting Build.VERSION_CODES.R and below can call this method on the DevicePolicyManager instance\r\nreturned by getParentProfileInstance(ComponentName) in order to set restrictions on the parent profile.\r\nNote: this method is ignored on {PackageManager#FEATURE_AUTOMOTIVE automotive builds}.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nlength int : The new desired minimum password length. A value of 0 means there is no restriction.\r\nThrows\r\nIllegalState\r\nException\r\nif the calling app is targeting SDK level Build.VERSION_CODES.R and above and didn't set a\r\nsufficient password quality requirement prior to calling this method.\r\nSecurity\r\nException\r\nif admin is not an active administrator or admin does not use DeviceAdminInfo.USES_\r\nPOLICY_LIMIT_PASSWORD\r\nsetPasswordMinimumLetters\r\npublic void setPasswordMinimumLetters (ComponentName admin,\r\n int length)\r\nThis method was deprecated in API level 31.\r\nsee setPasswordQuality(ComponentName,int) for details.\r\nCalled by an application that is administering the device to set the minimum number of letters required in the password.\r\nAfter setting this, the user will not be able to enter a new password that is not at least as restrictive as what has been set.\r\nNote that the current password will remain until the user has set a new one, so the change does not take place\r\nimmediately. To prompt the user for a new password, use ACTION_SET_NEW_PASSWORD or\r\nACTION_SET_NEW_PARENT_PROFILE_PASSWORD after setting this value. This constraint is only imposed if the administrator\r\nhas also requested PASSWORD_QUALITY_COMPLEX with setPasswordQuality(ComponentName, int) . If an app targeting\r\nSDK level Build.VERSION_CODES.R and above enforces this constraint without settings password quality to\r\nPASSWORD_QUALITY_COMPLEX first, this method will throw IllegalStateException . The default value is 1.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 242 of 279\n\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always treated as\r\nempty.\r\nThe calling device admin must have requested DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD to be able to call this\r\nmethod; if it has not, a security exception will be thrown.\r\nApps targeting Build.VERSION_CODES.R and below can call this method on the DevicePolicyManager instance\r\nreturned by getParentProfileInstance(ComponentName) in order to set restrictions on the parent profile.\r\nNote: this method is ignored on {PackageManager#FEATURE_AUTOMOTIVE automotive builds}.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nlength\r\nint : The new desired minimum number of letters required in the password. A value of 0 means there\r\nis no restriction.\r\nThrows\r\nIllegalState\r\nException\r\nif the calling app is targeting SDK level Build.VERSION_CODES.R and above and didn't set a\r\nsufficient password quality requirement prior to calling this method.\r\nSecurity\r\nException\r\nif admin is not an active administrator or admin does not use DeviceAdminInfo.USES_\r\nPOLICY_LIMIT_PASSWORD\r\nsetPasswordMinimumLowerCase\r\npublic void setPasswordMinimumLowerCase (ComponentName admin,\r\n int length)\r\nThis method was deprecated in API level 31.\r\nsee setPasswordQuality(ComponentName,int) for details.\r\nCalled by an application that is administering the device to set the minimum number of lower case letters required in\r\nthe password. After setting this, the user will not be able to enter a new password that is not at least as restrictive as\r\nwhat has been set. Note that the current password will remain until the user has set a new one, so the change does not\r\ntake place immediately. To prompt the user for a new password, use ACTION_SET_NEW_PASSWORD or\r\nACTION_SET_NEW_PARENT_PROFILE_PASSWORD after setting this value. This constraint is only imposed if the administrator\r\nhas also requested PASSWORD_QUALITY_COMPLEX with setPasswordQuality(ComponentName, int) . If an app targeting\r\nSDK level Build.VERSION_CODES.R and above enforces this constraint without settings password quality to\r\nPASSWORD_QUALITY_COMPLEX first, this method will throw IllegalStateException . The default value is 0.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always treated as\r\nempty.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 243 of 279\n\nThe calling device admin must have requested DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD to be able to call this\r\nmethod; if it has not, a security exception will be thrown.\r\nApps targeting Build.VERSION_CODES.R and below can call this method on the DevicePolicyManager instance\r\nreturned by getParentProfileInstance(ComponentName) in order to set restrictions on the parent profile.\r\nNote: this method is ignored on {PackageManager#FEATURE_AUTOMOTIVE automotive builds}.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nlength\r\nint : The new desired minimum number of lower case letters required in the password. A value of 0\r\nmeans there is no restriction.\r\nThrows\r\nIllegalState\r\nException\r\nif the calling app is targeting SDK level Build.VERSION_CODES.R and above and didn't set a\r\nsufficient password quality requirement prior to calling this method.\r\nSecurity\r\nException\r\nif admin is not an active administrator or admin does not use DeviceAdminInfo.USES_\r\nPOLICY_LIMIT_PASSWORD\r\nsetPasswordMinimumNonLetter\r\npublic void setPasswordMinimumNonLetter (ComponentName admin,\r\n int length)\r\nThis method was deprecated in API level 31.\r\nsee setPasswordQuality(ComponentName,int) for details.\r\nCalled by an application that is administering the device to set the minimum number of non-letter characters (numerical\r\ndigits or symbols) required in the password. After setting this, the user will not be able to enter a new password that is\r\nnot at least as restrictive as what has been set. Note that the current password will remain until the user has set a new\r\none, so the change does not take place immediately. To prompt the user for a new password, use\r\nACTION_SET_NEW_PASSWORD or ACTION_SET_NEW_PARENT_PROFILE_PASSWORD after setting this value. This constraint is\r\nonly imposed if the administrator has also requested PASSWORD_QUALITY_COMPLEX with\r\nsetPasswordQuality(ComponentName, int) . If an app targeting SDK level Build.VERSION_CODES.R and above\r\nenforces this constraint without settings password quality to PASSWORD_QUALITY_COMPLEX first, this method will throw\r\nIllegalStateException . The default value is 0.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always treated as\r\nempty.\r\nThe calling device admin must have requested DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD to be able to call this\r\nmethod; if it has not, a security exception will be thrown.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 244 of 279\n\nApps targeting Build.VERSION_CODES.R and below can call this method on the DevicePolicyManager instance\r\nreturned by getParentProfileInstance(ComponentName) in order to set restrictions on the parent profile.\r\nNote: this method is ignored on {PackageManager#FEATURE_AUTOMOTIVE automotive builds}.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nlength\r\nint : The new desired minimum number of letters required in the password. A value of 0 means there\r\nis no restriction.\r\nThrows\r\nIllegalState\r\nException\r\nif the calling app is targeting SDK level Build.VERSION_CODES.R and above and didn't set a\r\nsufficient password quality requirement prior to calling this method.\r\nSecurity\r\nException\r\nif admin is not an active administrator or admin does not use DeviceAdminInfo.USES_\r\nPOLICY_LIMIT_PASSWORD\r\nsetPasswordMinimumNumeric\r\npublic void setPasswordMinimumNumeric (ComponentName admin,\r\n int length)\r\nThis method was deprecated in API level 31.\r\nsee setPasswordQuality(ComponentName,int) for details.\r\nCalled by an application that is administering the device to set the minimum number of numerical digits required in the\r\npassword. After setting this, the user will not be able to enter a new password that is not at least as restrictive as what\r\nhas been set. Note that the current password will remain until the user has set a new one, so the change does not take\r\nplace immediately. To prompt the user for a new password, use ACTION_SET_NEW_PASSWORD or\r\nACTION_SET_NEW_PARENT_PROFILE_PASSWORD after setting this value. This constraint is only imposed if the administrator\r\nhas also requested PASSWORD_QUALITY_COMPLEX with setPasswordQuality(ComponentName, int) . If an app targeting\r\nSDK level Build.VERSION_CODES.R and above enforces this constraint without settings password quality to\r\nPASSWORD_QUALITY_COMPLEX first, this method will throw IllegalStateException . The default value is 1.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always treated as\r\nempty.\r\nThe calling device admin must have requested DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD to be able to call this\r\nmethod; if it has not, a security exception will be thrown.\r\nApps targeting Build.VERSION_CODES.R and below can call this method on the DevicePolicyManager instance\r\nreturned by getParentProfileInstance(ComponentName) in order to set restrictions on the parent profile.\r\nNote: this method is ignored on {PackageManager#FEATURE_AUTOMOTIVE automotive builds}.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 245 of 279\n\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nlength\r\nint : The new desired minimum number of numerical digits required in the password. A value of 0\r\nmeans there is no restriction.\r\nThrows\r\nIllegalState\r\nException\r\nif the calling app is targeting SDK level Build.VERSION_CODES.R and above and didn't set a\r\nsufficient password quality requirement prior to calling this method.\r\nSecurity\r\nException\r\nif admin is not an active administrator or admin does not use DeviceAdminInfo.USES_\r\nPOLICY_LIMIT_PASSWORD\r\nsetPasswordMinimumSymbols\r\npublic void setPasswordMinimumSymbols (ComponentName admin,\r\n int length)\r\nThis method was deprecated in API level 31.\r\nsee setPasswordQuality(ComponentName,int) for details.\r\nCalled by an application that is administering the device to set the minimum number of symbols required in the\r\npassword. After setting this, the user will not be able to enter a new password that is not at least as restrictive as what\r\nhas been set. Note that the current password will remain until the user has set a new one, so the change does not take\r\nplace immediately. To prompt the user for a new password, use ACTION_SET_NEW_PASSWORD or\r\nACTION_SET_NEW_PARENT_PROFILE_PASSWORD after setting this value. This constraint is only imposed if the administrator\r\nhas also requested PASSWORD_QUALITY_COMPLEX with setPasswordQuality(ComponentName, int) . If an app targeting\r\nSDK level Build.VERSION_CODES.R and above enforces this constraint without settings password quality to\r\nPASSWORD_QUALITY_COMPLEX first, this method will throw IllegalStateException . The default value is 1.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always treated as\r\nempty.\r\nThe calling device admin must have requested DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD to be able to call this\r\nmethod; if it has not, a security exception will be thrown.\r\nApps targeting Build.VERSION_CODES.R and below can call this method on the DevicePolicyManager instance\r\nreturned by getParentProfileInstance(ComponentName) in order to set restrictions on the parent profile.\r\nNote: this method is ignored on {PackageManager#FEATURE_AUTOMOTIVE automotive builds}.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 246 of 279\n\nlength\r\nint : The new desired minimum number of symbols required in the password. A value of 0 means\r\nthere is no restriction.\r\nThrows\r\nIllegalState\r\nException\r\nif the calling app is targeting SDK level Build.VERSION_CODES.R and above and didn't set a\r\nsufficient password quality requirement prior to calling this method.\r\nSecurity\r\nException\r\nif admin is not an active administrator or admin does not use DeviceAdminInfo.USES_\r\nPOLICY_LIMIT_PASSWORD\r\nsetPasswordMinimumUpperCase\r\npublic void setPasswordMinimumUpperCase (ComponentName admin,\r\n int length)\r\nThis method was deprecated in API level 31.\r\nsee setPasswordQuality(ComponentName,int) for details.\r\nCalled by an application that is administering the device to set the minimum number of upper case letters required in\r\nthe password. After setting this, the user will not be able to enter a new password that is not at least as restrictive as\r\nwhat has been set. Note that the current password will remain until the user has set a new one, so the change does not\r\ntake place immediately. To prompt the user for a new password, use ACTION_SET_NEW_PASSWORD or\r\nACTION_SET_NEW_PARENT_PROFILE_PASSWORD after setting this value. This constraint is only imposed if the administrator\r\nhas also requested PASSWORD_QUALITY_COMPLEX with setPasswordQuality(ComponentName, int) . If an app targeting\r\nSDK level Build.VERSION_CODES.R and above enforces this constraint without settings password quality to\r\nPASSWORD_QUALITY_COMPLEX first, this method will throw IllegalStateException . The default value is 0.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always treated as\r\nempty.\r\nThe calling device admin must have requested DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD to be able to call this\r\nmethod; if it has not, a security exception will be thrown.\r\nApps targeting Build.VERSION_CODES.R and below can call this method on the DevicePolicyManager instance\r\nreturned by getParentProfileInstance(ComponentName) in order to set restrictions on the parent profile.\r\nNote: this method is ignored on {PackageManager#FEATURE_AUTOMOTIVE automotive builds}.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nlength\r\nint : The new desired minimum number of upper case letters required in the password. A value of 0\r\nmeans there is no restriction.\r\nThrows\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 247 of 279\n\nIllegalState\r\nException\r\nif the calling app is targeting SDK level Build.VERSION_CODES.R and above and didn't set a\r\nsufficient password quality requirement prior to calling this method.\r\nSecurity\r\nException\r\nif admin is not an active administrator or admin does not use DeviceAdminInfo.USES_\r\nPOLICY_LIMIT_PASSWORD\r\nsetPasswordQuality\r\npublic void setPasswordQuality (ComponentName admin,\r\n int quality)\r\nThis method was deprecated in API level 31.\r\nPrefer using setRequiredPasswordComplexity(int) , to require a password that satisfies a complexity level defined by\r\nthe platform, rather than specifying custom password requirement. Setting custom, overly-complicated password\r\nrequirements leads to passwords that are hard for users to remember and may not provide any security benefits given as\r\nAndroid uses hardware-backed throttling to thwart online and offline brute-forcing of the device's screen lock.\r\nCompany-owned devices (fully-managed and organization-owned managed profile devices) are able to continue using\r\nthis method, though it is recommended that setRequiredPasswordComplexity(int) should be used instead.\r\nCalled by an application that is administering the device to set the password restrictions it is imposing. After setting\r\nthis, the user will not be able to enter a new password that is not at least as restrictive as what has been set. Note that the\r\ncurrent password will remain until the user has set a new one, so the change does not take place immediately. To prompt\r\nthe user for a new password, use ACTION_SET_NEW_PASSWORD or ACTION_SET_NEW_PARENT_PROFILE_PASSWORD after\r\ncalling this method.\r\nQuality constants are ordered so that higher values are more restrictive; thus the highest requested quality constant\r\n(between the policy set here, the user's preference, and any other considerations) is the one that is in effect.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the password is always treated as\r\nempty.\r\nThe calling device admin must have requested DeviceAdminInfo.USES_POLICY_LIMIT_PASSWORD to be able to call this\r\nmethod; if it has not, a security exception will be thrown.\r\nApps targeting Build.VERSION_CODES.R and below can call this method on the DevicePolicyManager instance\r\nreturned by getParentProfileInstance(ComponentName) in order to set restrictions on the parent profile. Apps\r\ntargeting Build.VERSION_CODES.S and above, with the exception of a profile owner on an organization-owned device\r\n(as can be identified by isOrganizationOwnedDeviceWithManagedProfile() ), will get a IllegalArgumentException\r\nwhen calling this method on the parent DevicePolicyManager instance.\r\nNote: Specifying password requirements using this method clears the password complexity requirements set using\r\nsetRequiredPasswordComplexity(int) . If this method is called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) , then password complexity requirements set on the primary\r\nDevicePolicyManager must be cleared first by calling setRequiredPasswordComplexity(int) with\r\nPASSWORD_COMPLEXITY_NONE first.\r\nNote: this method is ignored on {PackageManager#FEATURE_AUTOMOTIVE automotive builds}.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 248 of 279\n\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nquality\r\nint : The new desired quality. One of PASSWORD_QUALITY_UNSPECIFIED , PASSWORD_QUALITY_\r\nBIOMETRIC_WEAK , PASSWORD_QUALITY_SOMETHING , PASSWORD_QUALITY_NUMERIC , PASSWORD_QUALITY_\r\nNUMERIC_COMPLEX , PASSWORD_QUALITY_ALPHABETIC , PASSWORD_QUALITY_ALPHANUMERIC or PASSWORD_\r\nQUALITY_COMPLEX .\r\nThrows\r\nIllegalState\r\nException\r\nif the caller is trying to set password quality on the parent DevicePolicyManager instance while\r\npassword complexity was set on the primary DevicePolicyManager instance.\r\nSecurity\r\nException\r\nif admin is not an active administrator, if admin does not use DeviceAdminInfo.USES_POLICY_\r\nLIMIT_PASSWORD or if the calling app is targeting Build.VERSION_CODES.S and above, and is\r\ncalling the method the DevicePolicyManager instance returned by getParentProfileInstance(\r\nComponentName) .\r\nsetPermissionGrantState\r\npublic boolean setPermissionGrantState (ComponentName admin,\r\n String packageName,\r\n String permission,\r\n int grantState)\r\nSets the grant state of a runtime permission for a specific application. The state can be default in which a user can\r\nmanage it through the UI, denied , in which the permission is denied and the user cannot manage it through the UI,\r\nand granted in which the permission is granted and the user cannot manage it through the UI. This method can only\r\nbe called by a profile owner, device owner, or a delegate given the DELEGATION_PERMISSION_GRANT scope via\r\nsetDelegatedScopes(ComponentName, String, List) .\r\nNote that user cannot manage other permissions in the affected group through the UI either and their granted state will\r\nbe kept as the current value. Thus, it's recommended that you set the grant state of all the permissions in the affected\r\ngroup.\r\nSetting the grant state to default does not revoke the permission. It retains the previous grant, if any.\r\nDevice admins with a targetSdkVersion \u003c Build.VERSION_CODES.Q cannot grant and revoke permissions for\r\napplications built with a targetSdkVersion \u003c Build.VERSION_CODES.M .\r\nAdmins with a targetSdkVersion ≥ Build.VERSION_CODES.Q can grant and revoke permissions of all apps. Similar to\r\nthe user revoking a permission from a application built with a targetSdkVersion \u003c Build.VERSION_CODES.M the app-op matching the permission is set to AppOpsManager.MODE_IGNORED , but the permission stays granted.\r\nNOTE: On devices running Build.VERSION_CODES.S and above, control over the following, sensors-related,\r\npermissions is restricted:\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 249 of 279\n\nManifest.permission.ACCESS_FINE_LOCATION\r\nManifest.permission.ACCESS_BACKGROUND_LOCATION\r\nManifest.permission.ACCESS_COARSE_LOCATION\r\nManifest.permission.CAMERA\r\nManifest.permission.RECORD_AUDIO\r\nManifest.permission.RECORD_BACKGROUND_AUDIO\r\nManifest.permission.ACTIVITY_RECOGNITION\r\nManifest.permission.BODY_SENSORS\r\nOn devices running Build.VERSION_CODES.BAKLAVA , the HealthPermissions are also included in the restricted list.\r\nA profile owner may not grant these permissions (i.e. call this method with any of the permissions listed above and\r\ngrantState of #PERMISSION_GRANT_STATE_GRANTED ), but may deny them.\r\nA device owner, by default, may continue granting these permissions. However, for increased user control, the admin\r\nmay opt out of controlling grants for these permissions by including\r\nEXTRA_PROVISIONING_SENSORS_PERMISSION_GRANT_OPT_OUT in the provisioning parameters. In that case the device\r\nowner's control will be limited to denying these permissions.\r\nWhen sensor-related permissions aren't grantable due to the above cases, calling this method to grant these permissions\r\nwill silently fail, if device admins are built with targetSdkVersion \u003c Build.VERSION_CODES.VANILLA_ICE_CREAM . If\r\nthey are built with targetSdkVersion \u003e= Build.VERSION_CODES.VANILLA_ICE_CREAM , this method will throw a\r\nSecurityException .\r\nNOTE: On devices running Build.VERSION_CODES.S and above, control over the following permissions are restricted\r\nfor managed profile owners:\r\nManifest.permission.READ_SMS\r\nA managed profile owner may not grant these permissions (i.e. call this method with any of the permissions listed above\r\nand grantState of #PERMISSION_GRANT_STATE_GRANTED ), but may deny them.\r\nAttempts by the admin to grant these permissions, when the admin is restricted from doing so, will be silently ignored\r\n(no exception will be thrown). Control over the following permissions are restricted for managed profile owners:\r\nManifest.permission.READ_SMS\r\nA managed profile owner may not grant these permissions (i.e. call this method with any of the permissions listed above\r\nand grantState of #PERMISSION_GRANT_STATE_GRANTED ), but may deny them.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller\r\nis not a device admin.\r\nThis value may be null .\r\npackage\r\nName\r\nString : The application to grant or revoke a permission to.\r\nThis value cannot be null .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 250 of 279\n\npermission\r\nString : The permission to grant or revoke.\r\nThis value cannot be null .\r\ngrantState\r\nint : The permission grant state which is one of PERMISSION_GRANT_STATE_DENIED ,\r\nPERMISSION_GRANT_STATE_DEFAULT , PERMISSION_GRANT_STATE_GRANTED ,.\r\nValue is one of the following:\r\nPERMISSION_GRANT_STATE_DEFAULT\r\nPERMISSION_GRANT_STATE_GRANTED\r\nPERMISSION_GRANT_STATE_DENIED\r\nReturns\r\nboolean whether the permission was successfully granted or revoked.\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\nSee also:\r\nPERMISSION_GRANT_STATE_DENIED\r\nPERMISSION_GRANT_STATE_DEFAULT\r\nPERMISSION_GRANT_STATE_GRANTED\r\nsetDelegatedScopes(ComponentName, String, List)\r\nDELEGATION_PERMISSION_GRANT\r\nsetPermissionPolicy\r\npublic void setPermissionPolicy (ComponentName admin,\r\n int policy)\r\nSet the default response for future runtime permission requests by applications. This function can be called by a device\r\nowner, profile owner, or by a delegate given the DELEGATION_PERMISSION_GRANT scope via\r\nsetDelegatedScopes(ComponentName, String, List) . The policy can allow for normal operation which prompts the\r\nuser to grant a permission, or can allow automatic granting or denying of runtime permission requests by an application.\r\nThis also applies to new permissions declared by app updates. When a permission is denied or granted this way, the\r\neffect is equivalent to setting the permission * grant state via setPermissionGrantState(ComponentName, String,\r\nString, int) .\r\nAs this policy only acts on runtime permission requests, it only applies to applications built with a targetSdkVersion\r\nof Build.VERSION_CODES.M or later.\r\nNOTE: On devices running Build.VERSION_CODES.S and above, an auto-grant policy will not apply to certain sensors-related permissions on some configurations. See setPermissionGrantState(ComponentName,String,String,int) for\r\nthe list of permissions affected, and the behavior change for managed profiles and fully-managed devices.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 251 of 279\n\nParameters\r\nadmin\r\nComponentName : Which profile or device owner this request is associated with, or null if the caller\r\nis a set permission policy delegate.\r\npolicy\r\nint : One of the policy constants PERMISSION_POLICY_PROMPT , PERMISSION_POLICY_AUTO_GRANT and\r\nPERMISSION_POLICY_AUTO_DENY .\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\nSee also:\r\nsetPermissionGrantState(ComponentName, String, String, int)\r\nsetDelegatedScopes(ComponentName, String, List)\r\nDELEGATION_PERMISSION_GRANT\r\nsetPermittedAccessibilityServices\r\npublic boolean setPermittedAccessibilityServices (ComponentName admin,\r\n List\u003cString\u003e packageNames)\r\nCalled by a profile or device owner to set the permitted AccessibilityService . When set by a device owner or profile\r\nowner the restriction applies to all profiles of the user the device owner or profile owner is an admin for. By default, the\r\nuser can use any accessibility service. When zero or more packages have been added, accessibility services that are not\r\nin the list and not part of the system can not be enabled by the user.\r\nCalling with a null value for the list disables the restriction so that all services can be used, calling with an empty list\r\nonly allows the built-in system services. Any non-system accessibility service that's currently enabled must be included\r\nin the list.\r\nSystem accessibility services are always available to the user and this method can't disable them.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\npackageNames List : List of accessibility service package names.\r\nReturns\r\nboolean\r\ntrue if the operation succeeded, or false if the list didn't contain every enabled non-system\r\naccessibility service.\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 252 of 279\n\nsetPermittedCrossProfileNotificationListeners\r\npublic boolean setPermittedCrossProfileNotificationListeners (ComponentName admin,\r\n List\u003cString\u003e packageList)\r\nCalled by a profile owner of a managed profile to set the packages that are allowed to use a\r\nNotificationListenerService in the primary user to see notifications from the managed profile. By default all\r\npackages are permitted by this policy. When zero or more packages have been added, notification listeners installed on\r\nthe primary user that are not in the list and are not part of the system won't receive events for managed profile\r\nnotifications.\r\nCalling with a null value for the list disables the restriction so that all notification listener services be used. Calling\r\nwith an empty list disables all but the system's own notification listeners. System notification listener services are\r\nalways available to the user.\r\nIf a device or profile owner want to stop notification listeners in their user from seeing that user's notifications they\r\nshould prevent that service from running instead (e.g. via setApplicationHidden(ComponentName,String,boolean) )\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\npackageList\r\nList : List of package names to allowlist.\r\nThis value may be null .\r\nReturns\r\nboolean true if setting the restriction succeeded. It will fail if called outside a managed profile\r\nThrows\r\nSecurityException if admin is not a profile owner.\r\nsetPermittedInputMethods\r\npublic boolean setPermittedInputMethods (ComponentName admin,\r\n List\u003cString\u003e packageNames)\r\nCalled by a profile or device owner or holder of the Manifest.permission.MANAGE_DEVICE_POLICY_INPUT_METHODS\r\npermission to set the permitted input methods services for this user. By default, the user can use any input method.\r\nThis method can be called on the DevicePolicyManager instance, returned by\r\ngetParentProfileInstance(ComponentName) , where the caller must be a profile owner of an organization-owned\r\ndevice.\r\nIf called on the parent instance:\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 253 of 279\n\nThe permitted input methods will be applied on the personal profile\r\nCan only permit all input methods (calling this method with a null package list) or only permit system input\r\nmethods (calling this method with an empty package list). This is to prevent the caller from learning which\r\npackages are installed on the personal side\r\nWhen zero or more packages have been added, input method that are not in the list and not part of the system can not be\r\nenabled by the user. This method will fail if it is called for a admin that is not for the foreground user or a profile of the\r\nforeground user. Any non-system input method service that's currently enabled must be included in the list.\r\nCalling with a null value for the list disables the restriction so that all input methods can be used, calling with an empty\r\nlist disables all but the system's own input methods.\r\nSystem input methods are always available to the user - this method can't modify this.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller\r\nis not a device admin.\r\nThis value may be null .\r\npackage\r\nNames\r\nList : List of input method package names.\r\nReturns\r\nboolean\r\ntrue if the operation succeeded, or false if the list didn't contain every enabled non-system input\r\nmethod service.\r\nThrows\r\nIllegal\r\nArgument\r\nException\r\nif called on the parent profile, the admin is a profile owner of an organization-owned\r\nmanaged profile and the list of permitted input method package names is not null or empty.\r\nSecurity\r\nException\r\nif admin is not a device or profile owner and does not hold the Manifest.permission.\r\nMANAGE_DEVICE_POLICY_INPUT_METHODS permission, or if called on the parent profile and the\r\nadmin is not a profile owner of an organization-owned managed profile.\r\nsetPersonalAppsSuspended\r\npublic void setPersonalAppsSuspended (ComponentName admin,\r\n boolean suspended)\r\nCalled by a profile owner of an organization-owned managed profile to suspend personal apps on the device. When\r\npersonal apps are suspended the device can only be used for calls.\r\nParameters\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 254 of 279\n\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nsuspended boolean : Whether personal apps should be suspended.\r\nThrows\r\nIllegalState\r\nException\r\nif the profile owner doesn't have an activity that handles ACTION_CHECK_POLICY_\r\nCOMPLIANCE\r\nsetPreferentialNetworkServiceConfigs\r\npublic void setPreferentialNetworkServiceConfigs (List\u003cPreferentialNetworkServiceConfig\u003e preferentialNetwo\r\nSets preferential network configurations. An example of a supported preferential network service is the Enterprise slice\r\non 5G networks. For devices on 4G networks, the profile owner needs to additionally configure enterprise APN to set\r\nup data call for the preferential network service. These APNs can be added using addOverrideApn(ComponentName,\r\nApnSetting) . By default, preferential network service is disabled on the work profile and fully managed devices, on\r\nsupported carriers and devices. Admins can explicitly enable it with this API. If admin wants to have multiple enterprise\r\nslices, it can be configured by passing list of PreferentialNetworkServiceConfig objects.\r\nParameters\r\npreferentialNetworkServiceConfigs\r\nList : list of preferential network configurations.\r\nThis value cannot be null .\r\nThrows\r\nSecurityException if the caller is not the profile owner or device owner.\r\nsetPreferentialNetworkServiceEnabled\r\npublic void setPreferentialNetworkServiceEnabled (boolean enabled)\r\nSets whether preferential network service is enabled. For example, an organization can have a deal/agreement with a\r\ncarrier that all of the work data from its employees\\u2019 devices will be sent via a network service dedicated for\r\nenterprise use. An example of a supported preferential network service is the Enterprise slice on 5G networks. For\r\ndevices on 4G networks, the profile owner needs to additionally configure enterprise APN to set up data call for the\r\npreferential network service. These APNs can be added using addOverrideApn(ComponentName, ApnSetting) . By\r\ndefault, preferential network service is disabled on the work profile and fully managed devices, on supported carriers\r\nand devices. Admins can explicitly enable it with this API.\r\nThis method enables preferential network service with a default configuration. To fine-tune the configuration, use\r\nsetPreferentialNetworkServiceConfigs(List) instead.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 255 of 279\n\nBefore Android version Build.VERSION_CODES.TIRAMISU : this method can be called by the profile owner of a managed\r\nprofile.\r\nStarting from Android version Build.VERSION_CODES.TIRAMISU : This method can be called by the profile owner of a\r\nmanaged profile or device owner.\r\nParameters\r\nenabled boolean : whether preferential network service should be enabled.\r\nThrows\r\nSecurityException if the caller is not the profile owner or device owner.\r\nsetProfileEnabled\r\npublic void setProfileEnabled (ComponentName admin)\r\nSets the enabled state of the profile. A profile should be enabled only once it is ready to be used. Only the profile owner\r\ncan call this.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nThrows\r\nSecurityException if admin is not a profile owner.\r\nsetProfileName\r\npublic void setProfileName (ComponentName admin,\r\n String profileName)\r\nSets the name of the profile. In the device owner case it sets the name of the user which it is called from. Only a profile\r\nowner or device owner can call this. If this is never called by the profile or device owner, the name will be set to default\r\nvalues.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associate with.\r\nThis value cannot be null .\r\nprofileName String : The name of the profile. If the name is longer than 200 characters it will be truncated.\r\nThrows\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 256 of 279\n\nSecurityException if admin is not a device or profile owner.\r\nsetRecommendedGlobalProxy\r\npublic void setRecommendedGlobalProxy (ComponentName admin,\r\n ProxyInfo proxyInfo)\r\nSet a network-independent global HTTP proxy. This is not normally what you want for typical HTTP proxies - they are\r\ngenerally network dependent. However if you're doing something unusual like general internal filtering this may be\r\nuseful. On a private network where the proxy is not accessible, you may break HTTP using this.\r\nThis method requires the caller to be the device owner.\r\nThis proxy is only a recommendation and it is possible that some apps will ignore it.\r\nNote: The device owner won't be able to set a global HTTP proxy if there are unaffiliated secondary users or profiles on\r\nthe device. It's recommended that affiliation ids are set for new users as soon as possible after provisioning via\r\nsetAffiliationIds(ComponentName, Set) .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nproxy\r\nInfo\r\nProxyInfo : The a ProxyInfo object defining the new global HTTP proxy. A null value will\r\nclear the global HTTP proxy.\r\nThrows\r\nSecurityException if admin is not the device owner.\r\nsetRequiredPasswordComplexity\r\npublic void setRequiredPasswordComplexity (int passwordComplexity)\r\nSets a minimum password complexity requirement for the user's screen lock. The complexity level is one of the pre-defined levels, and the user is unable to set a password with a lower complexity level.\r\nNote that when called on a profile which uses an unified challenge with its parent, the complexity would apply to the\r\nunified challenge.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to set restrictions on the parent profile.\r\nNote: Specifying password requirements using this method clears any password requirements set using the obsolete\r\nsetPasswordQuality(ComponentName,int) and any of its associated methods. Additionally, if there are password\r\nrequirements set using the obsolete setPasswordQuality(ComponentName,int) on the parent DevicePolicyManager\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 257 of 279\n\ninstance, they must be cleared by calling setPasswordQuality(ComponentName,int) with\r\nPASSWORD_QUALITY_UNSPECIFIED on that instance prior to setting complexity requirement for the managed profile.\r\nStarting from Build.VERSION_CODES.VANILLA_ICE_CREAM , after the password requirement has been set,\r\nPolicyUpdateReceiver.onPolicySetResult(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin on whether the policy was successfully set or not. This callback will contain:\r\nThe policy identifier DevicePolicyIdentifiers.PASSWORD_COMPLEXITY_POLICY\r\nThe TargetUser that this policy relates to\r\nThe PolicyUpdateResult , which will be PolicyUpdateResult.RESULT_POLICY_SET if the policy was\r\nsuccessfully set or the reason the policy failed to be set e.g.\r\nPolicyUpdateResult.RESULT_FAILURE_CONFLICTING_ADMIN_POLICY )\r\nIf there has been a change to the policy,\r\nPolicyUpdateReceiver.onPolicyChanged(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin of this change. This callback will contain the same parameters as PolicyUpdateReceiver#onPolicySetResult and\r\nthe PolicyUpdateResult will contain the reason why the policy changed.\r\nParameters\r\npasswordComplexity\r\nint : Value is one of the following:\r\nPASSWORD_COMPLEXITY_NONE\r\nPASSWORD_COMPLEXITY_LOW\r\nPASSWORD_COMPLEXITY_MEDIUM\r\nPASSWORD_COMPLEXITY_HIGH\r\nThrows\r\nIllegalArgument\r\nException\r\nif the complexity level is not one of the four above.\r\nIllegalState\r\nException\r\nif the caller is trying to set password complexity while there are password requirements\r\nspecified using setPasswordQuality(ComponentName,int) on the parent DevicePolicy\r\nManager instance.\r\nSecurity\r\nException\r\nif the calling application is not a device owner or a profile owner.\r\nsetRequiredStrongAuthTimeout\r\npublic void setRequiredStrongAuthTimeout (ComponentName admin,\r\n long timeoutMs)\r\nCalled by a device/profile owner to set the timeout after which unlocking with secondary, non strong auth\r\n(e.g. fingerprint, face, trust agents) times out, i.e. the user has to use a strong authentication method like password, pin\r\nor pattern.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 258 of 279\n\nThis timeout is used internally to reset the timer to require strong auth again after specified timeout each time it has\r\nbeen successfully used.\r\nFingerprint can also be disabled altogether using KEYGUARD_DISABLE_FINGERPRINT .\r\nTrust agents can also be disabled altogether using KEYGUARD_DISABLE_TRUST_AGENTS .\r\nA calling device admin can verify the value it has set by calling getRequiredStrongAuthTimeout(ComponentName) and\r\npassing in its instance.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to set restrictions on the parent profile.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, calling this methods has no effect -\r\ni.e. the timeout is not set.\r\nRequires the PackageManager#FEATURE_SECURE_LOCK_SCREEN feature which can be detected using\r\nPackageManager.hasSystemFeature(String) .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not\r\na device admin.\r\nThis value may be null .\r\ntimeout\r\nMs\r\nlong : The new timeout in milliseconds, after which the user will have to unlock with strong\r\nauthentication method. A value of 0 means the admin is not participating in controlling the timeout.\r\nThe minimum and maximum timeouts are platform-defined and are typically 1 hour and 72 hours,\r\nrespectively. Though discouraged, the admin may choose to require strong auth at all times using\r\nKEYGUARD_DISABLE_FINGERPRINT and/or KEYGUARD_DISABLE_TRUST_AGENTS .\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\nsetResetPasswordToken\r\npublic boolean setResetPasswordToken (ComponentName admin,\r\n byte[] token)\r\nCalled by a profile or device owner to provision a token which can later be used to reset the device lockscreen password\r\n(if called by device owner), or managed profile challenge (if called by profile owner), via\r\nresetPasswordWithToken(ComponentName, String, byte, int) .\r\nIf the user currently has a lockscreen password, the provisioned token will not be immediately usable; it only becomes\r\nactive after the user performs a confirm credential operation, which can be triggered by\r\nKeyguardManager.createConfirmDeviceCredentialIntent . If the user has no lockscreen password, the token is\r\nactivated immediately. In all cases, the active state of the current token can be checked by\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 259 of 279\n\nisResetPasswordTokenActive(ComponentName) . For security reasons, un-activated tokens are only stored in memory\r\nand will be lost once the device reboots. In this case a new token needs to be provisioned again.\r\nOnce provisioned and activated, the token will remain effective even if the user changes or clears the lockscreen\r\npassword.\r\nThis token is highly sensitive and should be treated at the same level as user credentials. In particular, NEVER store\r\nthis token on device in plaintext. Do not store the plaintext token in device-encrypted storage if it will be needed to reset\r\npassword on file-based encryption devices before user unlocks. Consider carefully how any password token will be\r\nstored on your server and who will need access to them. Tokens may be the subject of legal access requests.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, the reset token is not set and this\r\nmethod returns false.\r\nRequires the PackageManager#FEATURE_SECURE_LOCK_SCREEN feature which can be detected using\r\nPackageManager.hasSystemFeature(String) .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not a\r\ndevice admin.\r\nThis value may be null .\r\ntoken\r\nbyte : a secure token a least 32-byte long, which must be generated by a cryptographically strong\r\nrandom number generator.\r\nReturns\r\nboolean true if the operation is successful, false otherwise.\r\nThrows\r\nIllegalArgumentException if the supplied token is invalid.\r\nSecurityException if admin is not a device or profile owner.\r\nsetRestrictionsProvider\r\npublic void setRestrictionsProvider (ComponentName admin,\r\n ComponentName provider)\r\nDesignates a specific service component as the provider for making permission requests of a local or remote\r\nadministrator of the user.\r\nOnly a device owner or profile owner can designate the restrictions provider.\r\nParameters\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 260 of 279\n\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nprovider\r\nComponentName : The component name of the service that implements RestrictionsReceiver . If\r\nthis param is null, it removes the restrictions provider previously assigned.\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\nsetScreenCaptureDisabled\r\npublic void setScreenCaptureDisabled (ComponentName admin,\r\n boolean disabled)\r\nCalled by a device/profile owner to set whether the screen capture is disabled. Disabling screen capture also prevents\r\nthe content from being shown on display devices that do not have a secure video output. See Display.FLAG_SECURE for\r\nmore details about secure surfaces and secure displays.\r\nThis method can be called on the DevicePolicyManager instance, returned by\r\ngetParentProfileInstance(ComponentName) , where the calling device admin must be the profile owner of an\r\norganization-owned managed profile. If it is not, a security exception will be thrown.\r\nIf the caller is device owner or called on the parent instance by a profile owner of an organization-owned managed\r\nprofile, then the restriction will be applied to all users.\r\nFrom version Build.VERSION_CODES.M disabling screen capture also blocks assist requests for all activities of the\r\nrelevant user.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is\r\nnot a device admin.\r\nThis value may be null .\r\ndisabled boolean : Whether screen capture is disabled or not.\r\nThrows\r\nSecurityException if the caller is not permitted to control screen capture policy.\r\nsetSecureSetting\r\npublic void setSecureSetting (ComponentName admin,\r\n String setting,\r\n String value)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 261 of 279\n\nThis method is mostly deprecated. Most of the settings that still have an effect have dedicated setter methods (e.g.\r\nsetLocationEnabled(ComponentName, boolean) ) or user restrictions.\r\nCalled by profile or device owners to update Settings.Secure settings. Validation that the value of the setting is in the\r\ncorrect form for the setting type should be performed by the caller.\r\nThe settings that can be updated by a profile or device owner with this method are:\r\nSettings.Secure.DEFAULT_INPUT_METHOD\r\nSettings.Secure.SKIP_FIRST_USE_HINTS\r\nA device owner can additionally update the following settings:\r\nSettings.Secure.LOCATION_MODE , but see note below.\r\nNote: Starting from Android O, apps should no longer call this method with the setting\r\nSettings.Secure.INSTALL_NON_MARKET_APPS , which is deprecated. Instead, device owners or profile owners should\r\nuse the restriction UserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES . If any app targeting Build.VERSION_CODES.O\r\nor higher calls this method with Settings.Secure.INSTALL_NON_MARKET_APPS , an UnsupportedOperationException\r\nis thrown. Starting from Android Q, the device and profile owner can also call\r\nUserManager.DISALLOW_INSTALL_UNKNOWN_SOURCES_GLOBALLY to restrict unknown sources for all users. Note:\r\nStarting from Android R, apps should no longer call this method with the setting\r\nSettings.Secure.LOCATION_MODE , which is deprecated. Instead, device owners should call\r\nsetLocationEnabled(ComponentName,boolean) . This will be enforced for all apps targeting Android R or above.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nsetting String : The name of the setting to update.\r\nvalue String : The value to update the setting to.\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\nsetSecurityLoggingEnabled\r\npublic void setSecurityLoggingEnabled (ComponentName admin,\r\n boolean enabled)\r\nCalled by device owner or a profile owner of an organization-owned managed profile to control the security logging\r\nfeature.\r\nSecurity logs contain various information intended for security auditing purposes. When security logging is enabled by\r\nany app other than the device owner, certain security logs are not visible (for example personal app launch events) or\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 262 of 279\n\nthey will be redacted (for example, details of the physical volume mount events). Please see SecurityEvent for\r\ndetails.\r\nNote: The device owner won't be able to retrieve security logs if there are unaffiliated secondary users or profiles on the\r\ndevice, regardless of whether the feature is enabled. Logs will be discarded if the internal buffer fills up while waiting\r\nfor all users to become affiliated. Therefore it's recommended that affiliation ids are set for new users as soon as\r\npossible after provisioning via setAffiliationIds(ComponentName, Set) . Non device owners are not subject to this\r\nrestriction since all privacy-sensitive events happening outside the managed profile would have been redacted already.\r\nStarting from Build.VERSION_CODES.VANILLA_ICE_CREAM , after the security logging policy has been set,\r\nPolicyUpdateReceiver.onPolicySetResult(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin on whether the policy was successfully set or not. This callback will contain:\r\nThe policy identifier DevicePolicyIdentifiers.SECURITY_LOGGING_POLICY\r\nThe TargetUser that this policy relates to\r\nThe PolicyUpdateResult , which will be PolicyUpdateResult.RESULT_POLICY_SET if the policy was\r\nsuccessfully set or the reason the policy failed to be set e.g.\r\nPolicyUpdateResult.RESULT_FAILURE_CONFLICTING_ADMIN_POLICY )\r\nIf there has been a change to the policy,\r\nPolicyUpdateReceiver.onPolicyChanged(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin of this change. This callback will contain the same parameters as PolicyUpdateReceiver#onPolicySetResult and\r\nthe PolicyUpdateResult will contain the reason why the policy changed.\r\nParameters\r\nadmin\r\nComponentName : Which device admin this request is associated with, or null if called by a\r\ndelegated app.\r\nenabled boolean : whether security logging should be enabled or not.\r\nThrows\r\nSecurityException if the caller is not permitted to control security logging.\r\nsetShortSupportMessage\r\npublic void setShortSupportMessage (ComponentName admin,\r\n CharSequence message)\r\nCalled by a device admin to set the short support message. This will be displayed to the user in settings screens where\r\nfunctionality has been disabled by the admin. The message should be limited to a short statement such as \"This setting\r\nis disabled by your administrator. Contact someone@example.com for support.\" If the message is longer than 200\r\ncharacters it may be truncated.\r\nIf the short support message needs to be localized, it is the responsibility of the DeviceAdminReceiver to listen to the\r\nIntent.ACTION_LOCALE_CHANGED broadcast and set a new version of this string accordingly.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 263 of 279\n\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is\r\nnot a device admin.\r\nThis value may be null .\r\nmessage\r\nCharSequence : Short message to be displayed to the user in settings or null to clear the existing\r\nmessage.\r\nThrows\r\nSecurityException if admin is not an active administrator.\r\nsetStartUserSessionMessage\r\npublic void setStartUserSessionMessage (ComponentName admin,\r\n CharSequence startUserSessionMessage)\r\nCalled by a device owner to specify the user session start message. This may be displayed during a user switch.\r\nThe message should be limited to a short statement or it may be truncated.\r\nIf the message needs to be localized, it is the responsibility of the DeviceAdminReceiver to listen to the\r\nIntent.ACTION_LOCALE_CHANGED broadcast and set a new version of this message accordingly.\r\nParameters\r\nadmin\r\nComponentName : which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nstartUserSession\r\nMessage\r\nCharSequence : message for starting user session, or null to use system default\r\nmessage.\r\nThrows\r\nSecurityException if admin is not a device owner.\r\nsetStatusBarDisabled\r\npublic boolean setStatusBarDisabled (ComponentName admin,\r\n boolean disabled)\r\nCalled by device owner or profile owner of secondary users that is affiliated with the device to disable the status bar.\r\nDisabling the status bar blocks notifications and quick settings.\r\nNote: This method has no effect for LockTask mode. The behavior of the status bar in LockTask mode can be\r\nconfigured with setLockTaskFeatures(ComponentName,int) . Calls to this method when the device is in LockTask\r\nmode will be registered, but will only take effect when the device leaves LockTask mode.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 264 of 279\n\nThis policy does not have any effect while on the lock screen, where the status bar will not be disabled. Using LockTask\r\ninstead of this method is recommended.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is\r\nnot a device admin.\r\nThis value may be null .\r\ndisabled boolean : true disables the status bar, false reenables it.\r\nReturns\r\nboolean false if attempting to disable the status bar failed. true otherwise.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not the device owner, or a profile owner of secondary user that is affiliated with\r\nthe device.\r\nsetStorageEncryption\r\npublic int setStorageEncryption (ComponentName admin,\r\n boolean encrypt)\r\nThis method was deprecated in API level 30.\r\nThis method does not actually modify the storage encryption of the device. It has never affected the encryption status of\r\na device. Called by an application that is administering the device to request that the storage system be encrypted. Does\r\nnothing if the caller is on a secondary user or a managed profile.\r\nWhen multiple device administrators attempt to control device encryption, the most secure, supported setting will\r\nalways be used. If any device administrator requests device encryption, it will be enabled; Conversely, if a device\r\nadministrator attempts to disable device encryption while another device administrator has enabled it, the call to disable\r\nwill fail (most commonly returning ENCRYPTION_STATUS_ACTIVE ).\r\nThis policy controls encryption of the secure (application data) storage area. Data written to other storage areas may or\r\nmay not be encrypted, and this policy does not require or control the encryption of any other storage areas. There is one\r\nexception: If Environment.isExternalStorageEmulated() is true , then the directory returned by\r\nEnvironment.getExternalStorageDirectory() must be written to disk within the encrypted storage area.\r\nImportant Note: On some devices, it is possible to encrypt storage without requiring the user to create a device PIN or\r\nPassword. In this case, the storage is encrypted, but the encryption key may not be fully secured. For maximum\r\nsecurity, the administrator should also require (and check for) a pattern, PIN, or password.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 265 of 279\n\nencrypt boolean : true to request encryption, false to release any previous request\r\nReturns\r\nint\r\nthe new total request status (for all active admins), or DevicePolicyManager.ENCRYPTION_STATUS_\r\nUNSUPPORTED if called for a non-system user. Will be one of ENCRYPTION_STATUS_UNSUPPORTED ,\r\nENCRYPTION_STATUS_INACTIVE , or ENCRYPTION_STATUS_ACTIVE . This is the value of the requests; use get\r\nStorageEncryptionStatus() to query the actual device state.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not an active administrator or does not use DeviceAdminInfo.USES_ENCRYPTED_\r\nSTORAGE\r\nsetSystemSetting\r\npublic void setSystemSetting (ComponentName admin,\r\n String setting,\r\n String value)\r\nCalled by a device or profile owner to update Settings.System settings. Validation that the value of the setting is in\r\nthe correct form for the setting type should be performed by the caller.\r\nThe settings that can be updated by a device owner or profile owner of secondary user with this method are:\r\nSettings.System.SCREEN_BRIGHTNESS\r\nSettings.System.SCREEN_BRIGHTNESS_MODE\r\nSettings.System.SCREEN_OFF_TIMEOUT\r\nStarting from Android Build.VERSION_CODES.VANILLA_ICE_CREAM , a profile owner on an organization-owned device\r\ncan call this method on the parent DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) to set system settings on the parent user.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nsetting\r\nString : The name of the setting to update.\r\nThis value cannot be null .\r\nValue is one of the following:\r\nSettings.System.SCREEN_BRIGHTNESS_MODE\r\nSettings.System.SCREEN_BRIGHTNESS\r\nSettings.System.SCREEN_OFF_TIMEOUT\r\nvalue String : The value to update the setting to.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 266 of 279\n\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\nsetSystemUpdatePolicy\r\npublic void setSystemUpdatePolicy (ComponentName admin,\r\n SystemUpdatePolicy policy)\r\nCalled by device owners or profile owners of an organization-owned managed profile to set a local system update\r\npolicy. When a new policy is set, ACTION_SYSTEM_UPDATE_POLICY_CHANGED is broadcast.\r\nIf the supplied system update policy has freeze periods set but the freeze periods do not meet 90-day maximum length\r\nor 60-day minimum separation requirement set out in SystemUpdatePolicy.setFreezePeriods ,\r\nSystemUpdatePolicy.ValidationFailedException will the thrown. Note that the system keeps a record of freeze\r\nperiods the device experienced previously, and combines them with the new freeze periods to be set when checking the\r\nmaximum freeze length and minimum freeze separation constraints. As a result, freeze periods that passed validation\r\nduring SystemUpdatePolicy.setFreezePeriods might fail the additional checks here due to the freeze period history. If\r\nthis is causing issues during development, adb shell dpm clear-freeze-period-record can be used to clear the\r\nrecord.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. All components in the\r\npackage can set system update policies and the most recent policy takes effect. This should be null if\r\nthe caller is not a device admin.\r\npolicy SystemUpdatePolicy : the new policy, or null to clear the current policy.\r\nThrows\r\nSystemUpdatePolicy.\r\nValidationFailedException\r\nif the policy's freeze period does not meet the requirement.\r\nIllegalArgumentException if the policy type or maintenance window is not valid.\r\nSecurityException\r\nif admin is not a device owner or a profile owner of an organization-owned\r\nmanaged profile, or the caller is not permitted to set this policy\r\nsetTime\r\npublic boolean setTime (ComponentName admin,\r\n long millis)\r\nCalled by a device owner or a profile owner of an organization-owned managed profile to set the system wall clock\r\ntime. This only takes effect if called when Settings.Global.AUTO_TIME is 0, otherwise false will be returned.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 267 of 279\n\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is not\r\na device admin.\r\nThis value may be null .\r\nmillis long : time in milliseconds since the Epoch\r\nReturns\r\nboolean true if set time succeeded, false otherwise.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not a device owner or a profile owner of an organization-owned managed\r\nprofile.\r\nsetTimeZone\r\npublic boolean setTimeZone (ComponentName admin,\r\n String timeZone)\r\nCalled by a device owner or a profile owner of an organization-owned managed profile to set the system's persistent\r\ndefault time zone. This only takes effect if called when Settings.Global.AUTO_TIME_ZONE is 0, otherwise false will\r\nbe returned.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is\r\nnot a device admin.\r\nThis value may be null .\r\ntime\r\nZone\r\nString : one of the Olson ids from the list returned by TimeZone.getAvailableIDs()\r\nReturns\r\nboolean true if set timezone succeeded, false otherwise.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not a device owner or a profile owner of an organization-owned managed\r\nprofile.\r\nsetTrustAgentConfiguration\r\npublic void setTrustAgentConfiguration (ComponentName admin,\r\n ComponentName target,\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 268 of 279\n\nPersistableBundle configuration)\r\nSets a list of configuration features to enable for a trust agent component. This is meant to be used in conjunction with\r\nKEYGUARD_DISABLE_TRUST_AGENTS , which disables all trust agents but those enabled by this function call. If flag\r\nKEYGUARD_DISABLE_TRUST_AGENTS is not set, then this call has no effect.\r\nFor any specific trust agent, whether it is disabled or not depends on the aggregated state of each admin's\r\nKEYGUARD_DISABLE_TRUST_AGENTS setting and its trust agent configuration as set by this function call. In particular: if\r\nany admin sets KEYGUARD_DISABLE_TRUST_AGENTS and does not additionally set any trust agent configuration, the trust\r\nagent is disabled completely. Otherwise, the trust agent will receive the list of configurations from all admins who set\r\nKEYGUARD_DISABLE_TRUST_AGENTS and aggregate the configurations to determine its behavior. The exact meaning of\r\naggregation is trust-agent-specific.\r\nA calling device admin must have requested DeviceAdminInfo.USES_POLICY_DISABLE_KEYGUARD_FEATURES to be able to\r\ncall this method; if not, a security exception will be thrown.\r\nThis method can be called on the DevicePolicyManager instance returned by\r\ngetParentProfileInstance(ComponentName) in order to set the configuration for the parent profile.\r\nOn devices not supporting PackageManager.FEATURE_SECURE_LOCK_SCREEN feature, calling this method has no effect -\r\nno trust agent configuration will be set.\r\nRequires the PackageManager#FEATURE_SECURE_LOCK_SCREEN feature which can be detected using\r\nPackageManager.hasSystemFeature(String) .\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the\r\ncaller is not a device admin.\r\nThis value may be null .\r\ntarget\r\nComponentName : Component name of the agent to be configured.\r\nThis value cannot be null .\r\nconfiguration\r\nPersistableBundle : Trust-agent-specific feature configuration bundle. Please consult\r\ndocumentation of the specific trust agent to determine the interpretation of this bundle.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not an active administrator or does not use DeviceAdminInfo.USES_POLICY_\r\nDISABLE_KEYGUARD_FEATURES\r\nsetUninstallBlocked\r\npublic void setUninstallBlocked (ComponentName admin,\r\n String packageName,\r\n boolean uninstallBlocked)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 269 of 279\n\nChange whether a user can uninstall a package. This function can be called by a device owner, profile owner, or by a\r\ndelegate given the DELEGATION_BLOCK_UNINSTALL scope via setDelegatedScopes(ComponentName, String, List) or\r\nholders of the permission Manifest.permission.MANAGE_DEVICE_POLICY_APPS_CONTROL .\r\nStarting from Build.VERSION_CODES.UPSIDE_DOWN_CAKE , after the set uninstall blocked policy has been set,\r\nPolicyUpdateReceiver.onPolicySetResult(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin on whether the policy was successfully set or not. This callback will contain:\r\nThe policy identifier DevicePolicyIdentifiers.PACKAGE_UNINSTALL_BLOCKED_POLICY\r\nThe additional policy params bundle, which contains PolicyUpdateReceiver.EXTRA_PACKAGE_NAME the package\r\nname the policy applies to\r\nThe TargetUser that this policy relates to\r\nThe PolicyUpdateResult , which will be PolicyUpdateResult.RESULT_POLICY_SET if the policy was\r\nsuccessfully set or the reason the policy failed to be set (e.g.\r\nPolicyUpdateResult.RESULT_FAILURE_CONFLICTING_ADMIN_POLICY )\r\nIf there has been a change to the policy,\r\nPolicyUpdateReceiver.onPolicyChanged(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin of this change. This callback will contain the same parameters as PolicyUpdateReceiver#onPolicySetResult and\r\nthe PolicyUpdateResult will contain the reason why the policy changed.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the\r\ncaller is not a device admin.\r\nThis value may be null .\r\npackageName String : package to change.\r\nuninstall\r\nBlocked\r\nboolean : true if the user shouldn't be able to uninstall the package.\r\nThrows\r\nSecurity\r\nException\r\nif admin is not a device or profile owner or holder of the permission Manifest.permission.\r\nMANAGE_DEVICE_POLICY_APPS_CONTROL .\r\nsetUsbDataSignalingEnabled\r\npublic void setUsbDataSignalingEnabled (boolean enabled)\r\nCalled by a device owner or profile owner of an organization-owned managed profile to enable or disable USB data\r\nsignaling for the device. When disabled, USB data connections (except from charging functions) are prohibited.\r\nThis API is not supported on all devices, the caller should call canUsbDataSignalingBeDisabled() to check whether\r\nenabling or disabling USB data signaling is supported on the device. Starting from Android 15, after the USB data\r\nsignaling policy has been set,\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 270 of 279\n\nPolicyUpdateReceiver.onPolicySetResult(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin on whether the policy was successfully set or not. This callback will contain:\r\nThe TargetUser that this policy relates to\r\nThe PolicyUpdateResult , which will be PolicyUpdateResult.RESULT_POLICY_SET if the policy was\r\nsuccessfully set or the reason the policy failed to be set e.g.\r\nPolicyUpdateResult.RESULT_FAILURE_CONFLICTING_ADMIN_POLICY )\r\nIf there has been a change to the policy,\r\nPolicyUpdateReceiver.onPolicyChanged(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin of this change. This callback will contain the same parameters as PolicyUpdateReceiver#onPolicySetResult and\r\nthe PolicyUpdateResult will contain the reason why the policy changed.\r\nParameters\r\nenabled boolean : whether USB data signaling should be enabled or not.\r\nThrows\r\nIllegalState\r\nException\r\nif disabling USB data signaling is not supported or if USB data signaling fails to be\r\nenabled/disabled.\r\nSecurityException if the caller is not permitted to set this policy\r\nsetUserControlDisabledPackages\r\npublic void setUserControlDisabledPackages (ComponentName admin,\r\n List\u003cString\u003e packages)\r\nCalled by a device owner or a profile owner or holder of the permission\r\nManifest.permission.MANAGE_DEVICE_POLICY_APPS_CONTROL to disable user control over apps. User will not be able to\r\nclear app data or force-stop packages. When called by a device owner, applies to all users on the device. Packages with\r\nuser control disabled are exempted from App Standby Buckets.\r\nStarting from Build.VERSION_CODES.UPSIDE_DOWN_CAKE , after the user control disabled packages policy has been set,\r\nPolicyUpdateReceiver.onPolicySetResult(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nadmin on whether the policy was successfully set or not. This callback will contain:\r\nThe policy identifier DevicePolicyIdentifiers.USER_CONTROL_DISABLED_PACKAGES_POLICY\r\nThe TargetUser that this policy relates to\r\nThe PolicyUpdateResult , which will be PolicyUpdateResult.RESULT_POLICY_SET if the policy was\r\nsuccessfully set or the reason the policy failed to be set (e.g.\r\nPolicyUpdateResult.RESULT_FAILURE_CONFLICTING_ADMIN_POLICY )\r\nIf there has been a change to the policy,\r\nPolicyUpdateReceiver.onPolicyChanged(Context,String,Bundle,TargetUser,PolicyUpdateResult) will notify the\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 271 of 279\n\nadmin of this change. This callback will contain the same parameters as PolicyUpdateReceiver#onPolicySetResult and\r\nthe PolicyUpdateResult will contain the reason why the policy changed.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with. Null if the caller is\r\nnot a device admin.\r\nThis value may be null .\r\npackages\r\nList : The package names for the apps.\r\nThis value cannot be null .\r\nThrows\r\nSecurity\r\nException\r\nif admin is not a device owner or a profile owner or holder of the permission Manifest.\r\npermission.MANAGE_DEVICE_POLICY_APPS_CONTROL .\r\nsetUserIcon\r\npublic void setUserIcon (ComponentName admin,\r\n Bitmap icon)\r\nCalled by profile or device owners to set the user's photo.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nicon Bitmap : the bitmap to set as the photo.\r\nThrows\r\nSecurityException if admin is not a device or profile owner.\r\nsetWifiSsidPolicy\r\npublic void setWifiSsidPolicy (WifiSsidPolicy policy)\r\nCalled by device owner or profile owner of an organization-owned managed profile to specify the Wi-Fi SSID policy\r\n( WifiSsidPolicy ). Wi-Fi SSID policy specifies the SSID restriction the network must satisfy in order to be eligible for\r\na connection. Providing a null policy results in the deactivation of the SSID restriction\r\nParameters\r\npolicy\r\nWifiSsidPolicy : Wi-Fi SSID policy.\r\nThis value may be null .\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 272 of 279\n\nThrows\r\nSecurityException if the caller is not permitted to manage wifi policy\r\nstartUserInBackground\r\npublic int startUserInBackground (ComponentName admin,\r\n UserHandle userHandle)\r\nCalled by a device owner to start the specified secondary user in background.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nuserHandle\r\nUserHandle : the user to be started in background.\r\nThis value cannot be null .\r\nReturns\r\nint\r\none of the following result codes: UserManager.USER_OPERATION_ERROR_UNKNOWN , UserManager.USER_\r\nOPERATION_SUCCESS , UserManager.USER_OPERATION_ERROR_MANAGED_PROFILE , UserManager.USER_\r\nOPERATION_ERROR_MAX_RUNNING_USERS ,.\r\nValue is one of the following:\r\nUserManager.USER_OPERATION_SUCCESS\r\nUserManager.USER_OPERATION_ERROR_UNKNOWN\r\nUserManager.USER_OPERATION_ERROR_MANAGED_PROFILE\r\nUserManager.USER_OPERATION_ERROR_MAX_RUNNING_USERS\r\nUserManager.USER_OPERATION_ERROR_CURRENT_USER\r\nUserManager.USER_OPERATION_ERROR_LOW_STORAGE\r\nUserManager.USER_OPERATION_ERROR_MAX_USERS\r\nThrows\r\nSecurityException if admin is not a device owner.\r\nstopUser\r\npublic int stopUser (ComponentName admin,\r\n UserHandle userHandle)\r\nCalled by a device owner to stop the specified secondary user.\r\nParameters\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 273 of 279\n\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nuserHandle\r\nUserHandle : the user to be stopped.\r\nThis value cannot be null .\r\nReturns\r\nint\r\none of the following result codes: UserManager.USER_OPERATION_ERROR_UNKNOWN , UserManager.USER_\r\nOPERATION_SUCCESS , UserManager.USER_OPERATION_ERROR_MANAGED_PROFILE , UserManager.USER_\r\nOPERATION_ERROR_CURRENT_USER\r\nValue is one of the following:\r\nUserManager.USER_OPERATION_SUCCESS\r\nUserManager.USER_OPERATION_ERROR_UNKNOWN\r\nUserManager.USER_OPERATION_ERROR_MANAGED_PROFILE\r\nUserManager.USER_OPERATION_ERROR_MAX_RUNNING_USERS\r\nUserManager.USER_OPERATION_ERROR_CURRENT_USER\r\nUserManager.USER_OPERATION_ERROR_LOW_STORAGE\r\nUserManager.USER_OPERATION_ERROR_MAX_USERS\r\nThrows\r\nSecurityException if admin is not a device owner.\r\nswitchUser\r\npublic boolean switchUser (ComponentName admin,\r\n UserHandle userHandle)\r\nCalled by a device owner to switch the specified secondary user to the foreground.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\nuserHandle UserHandle : the user to switch to; null will switch to primary.\r\nReturns\r\nboolean true if the switch was successful, false otherwise.\r\nThrows\r\nSecurityException if admin is not a device owner.\r\ntransferOwnership\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 274 of 279\n\npublic void transferOwnership (ComponentName admin,\n ComponentName target,\n PersistableBundle bundle)\nChanges the current administrator to another one. All policies from the current administrator are migrated to the new\nadministrator. The whole operation is atomic - the transfer is either complete or not done at all.\nDepending on the current administrator (device owner, profile owner), you have the following expected behaviour:\nA device owner can only be transferred to a new device owner\nA profile owner can only be transferred to a new profile owner\nUse the bundle parameter to pass data to the new administrator. The data will be received in the\nDeviceAdminReceiver.onTransferOwnershipComplete(Context,PersistableBundle) callback of the new administrator.\nThe transfer has failed if the original administrator is still the corresponding owner after calling this method.\nThe incoming target administrator must have the tag inside the tags in the xml file referenced by DeviceAdminReceiver.DEVICE_ADMIN_META_DATA . Otherwise an\nIllegalArgumentException will be thrown.\nParameters\nadmin\nComponentName : which DeviceAdminReceiver this request is associated with.\nThis value cannot be null .\ntarget\nComponentName : which DeviceAdminReceiver we want the new administrator to be.\nThis value cannot be null .\nbundle\nPersistableBundle : data to be sent to the new administrator.\nThis value may be null .\nThrows\nIllegalArgument\nException\nif admin or target is null , they are components in the same package or target\nis not an active admin.\nSecurityException if admin is not a device owner nor a profile owner.\nuninstallAllUserCaCerts\npublic void uninstallAllUserCaCerts (ComponentName admin)\nUninstalls all custom trusted CA certificates from the profile. Certificates installed by means other than device policy\nwill also be removed, except for system CA certificates.\nParameters\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\nPage 275 of 279\n\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if calling from\r\na delegated certificate installer.\r\nThrows\r\nSecurityException if admin is not null and not a device or profile owner.\r\nuninstallCaCert\r\npublic void uninstallCaCert (ComponentName admin,\r\n byte[] certBuffer)\r\nUninstalls the given certificate from trusted user CAs, if present. The caller must be a profile or device owner on that\r\nuser, or a delegate package given the DELEGATION_CERT_INSTALL scope via setDelegatedScopes(ComponentName,\r\nString, List) ; otherwise a security exception will be thrown.\r\nParameters\r\nadmin\r\nComponentName : Which DeviceAdminReceiver this request is associated with, or null if calling\r\nfrom a delegated certificate installer.\r\ncert\r\nBuffer\r\nbyte : encoded form of the certificate to remove.\r\nThrows\r\nSecurityException if admin is not null and not a device or profile owner.\r\nupdateOverrideApn\r\npublic boolean updateOverrideApn (ComponentName admin,\r\n int apnId,\r\n ApnSetting apnSetting)\r\nCalled by device owner or managed profile owner to update an override APN.\r\nThis method may returns false if there is no override APN with the given apnId .\r\nThis method may also returns false if apnSetting conflicts with an existing override APN. Update the existing\r\nconflicted APN instead.\r\nSee addOverrideApn(ComponentName, ApnSetting) for the definition of conflict.\r\nBefore Android version Build.VERSION_CODES.TIRAMISU : Only device owners can update APNs.\r\nStarting from Android version Build.VERSION_CODES.TIRAMISU : Both device owners and managed profile owners can\r\nupdate enterprise APNs ( ApnSetting.TYPE_ENTERPRISE ), while only device owners can update other type of APNs.\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 276 of 279\n\nParameters\r\nadmin\r\nComponentName : which DeviceAdminReceiver this request is associated with.\r\nThis value cannot be null .\r\napnId int : the id of the override APN to update\r\napnSetting\r\nApnSetting : the override APN to update.\r\nThis value cannot be null .\r\nReturns\r\nboolean true if the required override APN is successfully updated, false otherwise.\r\nThrows\r\nSecurity\r\nException\r\nIf request is for enterprise APN admin is either device owner or profile owner and in all other\r\ntypes of APN if admin is not a device owner.\r\nwipeData\r\npublic void wipeData (int flags,\r\n CharSequence reason)\r\nAsk that all user data be wiped.\r\nIf called as a secondary user or managed profile, the user itself and its associated user data will be wiped. In particular,\r\nIf the caller is a profile owner of an organization-owned managed profile, calling this method will relinquish the device\r\nfor personal use, removing the managed profile and all policies set by the profile owner.\r\nCalling this method from the primary user will only work if the calling app is targeting SDK level\r\nBuild.VERSION_CODES.TIRAMISU or below, in which case it will cause the device to reboot, erasing all device data -\r\nincluding all the secondary users and their data - while booting up. If an app targeting SDK level\r\nBuild.VERSION_CODES.UPSIDE_DOWN_CAKE and above is calling this method from the primary user or last full user,\r\nIllegalStateException will be thrown.\r\nIf an app wants to wipe the entire device irrespective of which user they are from, they should use wipeDevice(int)\r\ninstead.\r\nParameters\r\nflags\r\nint : Bit mask of additional options: currently supported flags are WIPE_EXTERNAL_STORAGE and\r\nWIPE_RESET_PROTECTION_DATA .\r\nreason\r\nCharSequence : a string that contains the reason for wiping data, which can be presented to the user.\r\nThis value cannot be null .\r\nThrows\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 277 of 279\n\nIllegal\r\nArgument\r\nException\r\nif the input reason string is null or empty, or if WIPE_SILENTLY is set.\r\nIllegalState\r\nException\r\nif called on last full-user or system-user\r\nSecurity\r\nException\r\nif the calling application does not own an active administrator that uses DeviceAdminInfo.\r\nUSES_POLICY_WIPE_DATA and is not granted the Manifest.permission.MASTER_CLEAR or\r\nManifest.permission.MANAGE_DEVICE_POLICY_WIPE_DATA permissions.\r\nwipeData\r\npublic void wipeData (int flags)\r\nSee wipeData(int,CharSequence)\r\nParameters\r\nflags\r\nint : Bit mask of additional options: currently supported flags are WIPE_EXTERNAL_STORAGE , WIPE_\r\nRESET_PROTECTION_DATA and WIPE_SILENTLY .\r\nThrows\r\nIllegalState\r\nException\r\nif called on last full-user or system-user\r\nSecurity\r\nException\r\nif the calling application does not own an active administrator that uses DeviceAdminInfo.\r\nUSES_POLICY_WIPE_DATA and is not granted the Manifest.permission.MASTER_CLEAR or\r\nManifest.permission.MANAGE_DEVICE_POLICY_WIPE_DATA permissions.\r\nwipeDevice\r\npublic void wipeDevice (int flags)\r\nAsk that the device be wiped and factory reset.\r\nThe calling Device Owner or Organization Owned Profile Owner must have requested\r\nDeviceAdminInfo.USES_POLICY_WIPE_DATA to be able to call this method; if it has not, a security exception will be\r\nthrown.\r\nParameters\r\nflags\r\nint : Bit mask of additional options: currently supported flags are WIPE_EXTERNAL_STORAGE , WIPE_\r\nRESET_PROTECTION_DATA , WIPE_EUICC and WIPE_SILENTLY .\r\nThrows\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 278 of 279\n\nSecurity\r\nException\r\nif the calling application does not own an active administrator that uses DeviceAdminInfo.USES_\r\nPOLICY_WIPE_DATA and is not granted the Manifest.permission.MASTER_CLEAR or both the\r\nManifest.permission.MANAGE_DEVICE_POLICY_WIPE_DATA and Manifest.permission.MANAGE_\r\nDEVICE_POLICY_ACROSS_USERS permissions.\r\nSource: https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nhttps://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)\r\nPage 279 of 279",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://developer.android.com/reference/android/app/admin/DevicePolicyManager.html#resetPassword(java.lang.String,%20int)"
	],
	"report_names": [
		"DevicePolicyManager.html#resetPassword(java.lang.String,%20int)"
	],
	"threat_actors": [
		{
			"id": "08c8f238-1df5-4e75-b4d8-276ebead502d",
			"created_at": "2023-01-06T13:46:39.344081Z",
			"updated_at": "2026-04-10T02:00:03.294222Z",
			"deleted_at": null,
			"main_name": "Copy-Paste",
			"aliases": [],
			"source_name": "MISPGALAXY:Copy-Paste",
			"tools": [],
			"source_id": "MISPGALAXY",
			"reports": null
		}
	],
	"ts_created_at": 1775434231,
	"ts_updated_at": 1775826762,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/5ad1a5db4dca3cc38caf58662510a1ffa2cb691a.pdf",
		"text": "https://archive.orkl.eu/5ad1a5db4dca3cc38caf58662510a1ffa2cb691a.txt",
		"img": "https://archive.orkl.eu/5ad1a5db4dca3cc38caf58662510a1ffa2cb691a.jpg"
	}
}