App Permission question

expand collapsive

Hi, we have set app permissions for an enterprise application that is pushed to a device that is Enterprise enrolled with Device Admin privileges.  The device is not receiving those permissions and, upon launch, the app requests its permissions with the normal pop-up request. The device is running Android 6.0.1. Is there something we are missing?

All Replies

  • Avatar

    Jeff Black

    Hexnode

    Jeff Black

    Moderator

    Hi Jason,

    Hope you are doing well,

    The payload for deploying the app permissions to the device is done through the managed Google Play Store on the device which would be linked with the work account on the device. First, you would have to ensure that the work account has been successfully created on the device from Manage > Click on the device name > Device summary > Enrolment details > Work account creation. Please do confirm that this status is shown as a success and if not, you could click the red refresh icon next to it in order to reinitiate the work account creation.

    Regarding the permissions that you are looking to have deployed, please note that only run time permissions can be deployed remotely from the portal. These would not include the initial set of permissions that the app mandatorily requires asked during the initial launch of the app, but rather the permissions to perform certain actions including but not limited to location, network access and camera. The reason for this limitation is due to the privacy policy and restrictions that have been set by Google.

    You could refer to this link to find out the various types of permissions that have been set by Android https://developer.android.com/guide/topics/permissions/overview

    If the permissions that you have deployed are run time permissions, please ensure that the policy association with the device has been successful from Manage > Click on the device name > Action history. If this is seen to be pending, please ensure that the device is connected to an active internet connection and you could try initiating a scan device action as well from Manage > Click on the device name > Actions > Scan device.

    You would also be able to confirm that the run time permissions have been set on the device by checking the permission status of the app on any one of the devices associated with the policy. This can be checked by navigating to the settings app on the device from Settings > Apps > Select the app > Permissions. You would be able to confirm whether the run time permissions have been set remotely.

    Please try out these steps and let us know if you need any further assistance. You could always reach out to our support team directly via mdm-support@hexnode.com and we shall be happy to help you out.

    Cheers!
    Jeff Black
    Hexnode MDM