14 DAY FREE TRIAL

No Search Results

No Search Results

14 DAY FREE TRIAL
  1. Help Center
  2. Managing 'Android Enterprise' Devices
  3. App management

Category filter

How to Blocklist / Allowlist apps in Android Enterprise enabled devices

Jump To

Organizations may require certain groups of apps to be allowed while preventing access to the rest of the applications. Situations like these necessitate the administrators to allow/block access to a set of applications.

Hexnode, with its immense device management capabilities, allows you to create a blocklist, which is a list of apps to be hidden or rendered unusable, or a allowlist, which is a list of apps to be allowed access on the devices. This allows to prevent the users’ access to inappropriate apps or allows users to access only the required applications.

You can blocklist or allowlist applications on devices enrolled in Android Enterprise; a Google-led initiative for easy management of corporate deployed devices.

Android Enterprise can be configured either in Profile Owner mode or Device Owner Mode.

Blocklisting Apps in Profile Owner mode

Warning

Only the work apps (ones with the work badge) can be blocklisted.

  1. Login to your Hexnode portal.
  2. Go to Policies.
  3. Select an existing policy or create a new policy by clicking on New Policy.
  4. From Android Settings select App Management > Blocklist/Allowlist and click on Configure.
  5. Change the Type to Blocklist.
  6. Click on +Add to add either an app or App group.
  7. Select the apps to be blocklisted and click on Done.
  8. Next, associate the policy to the target devices by clicking on Policy Targets > +Add Device. Choose the device and click Save. The policy will be pushed to the device.

Notes:

  • When blocklisted, the work app gets hidden from the device.
  • Users are not allowed to install or update a blocklisted app. If you try to install/update a blocklisted app, you will receive a notification in the device specifying that the action is restricted.

Allowlisting Apps in Profile Owner mode

Warning

Only the work apps (ones with the work badge) can be allowlisted.

  1. Login to your Hexnode portal.
  2. Go to Policies.
  3. Select an existing policy or create a new policy by clicking on New Policy.
  4. From Android select App Management > Blocklist/Allowlist and click on Configure.
  5. Change the Type to Allowlist.
  6. Enable the option Blocklist all non-launchable apps to blocklist the non-launchable applications (for example, Google Play services, Android System WebView, etc.) explicitly.
  7. Click on +Add to add either an app or App group.
  8. Select the apps to be allowlisted and click on Done.
  9. Now, add the target devices under Policy Targets > +Add Device and save the policy.

Allowlisted apps on Android devices enrolled in Android Enterprise Profile Owner.

Notes:

  • When allowlisted, it shows only the allowlisted work apps in the work profile.
  • Allowlisting a set of apps will automatically recognize the rest of the apps (except a few non-launchable apps such as Google Play Services necessary for proper device functioning) as blocklisted.
  • In the profile owner mode, the work profile will show only the allowlisted work apps and Hexnode for Work app. The user will not be able to install any other app from Play for Work. If you try to install a non-allowlisted app from Play for Work, you will receive a notification in the device specifying that the action is restricted.

Blocklisting Apps in Device Owner Mode

  1. Login to your Hexnode portal.
  2. Go to Policies.
  3. Select an existing policy or create a new policy by clicking on New Policy.
  4. From Android select App Management > Blocklist/Allowlist and click on Configure.
  5. Select the Blocklist button.
  6. Click on +Add to add either an app or App group.
  7. Select the apps to be blocklisted and click on Done.
  8. Apply the policy with the target devices by navigating to Policy Target > +Add Device.


Notes:

  • When blocklisted, the apps get hidden from the device.
  • Users are not allowed to install or update a blocklisted app. If you try to install/update a blocklisted app you will receive a notification specifying that the action is restricted.

Allowlisting Apps in Device Owner mode

  1. Login to your Hexnode portal.
  2. Go to Policies.
  3. Select an existing policy or create a new policy by clicking on New Policy.
  4. From Android select App Management > Blocklist/Allowlist and click on Configure.
  5. Select the Allowlist button.
  6. Enable the option Blocklist all non-launchable apps to blocklist the non-launchable applications (for example, Google Play services, Android System WebView, etc.) explicitly.
  7. Click on +Add to add either an app or App group.
  8. Select the apps to be allowlisted and click on Done.
  9. Now, move to Policy Targets > +Add Device. Choose your device and save the policy.

Allowlisted apps on Android devices enrolled in Android Enterprise Device Owner

Notes:

  • When allowlisted, it shows only the allowlisted apps and Hexnode for Work app in the entire device.
  • Allowlisting a set of apps will automatically recognize the rest of the apps (except a few non-launchable apps such as Google Play Services necessary for proper device functioning) as blocklisted. In the device owner mode, the device will only show the allowlisted apps and Hexnode for Work app. The user will not be able to install any other app from the Play Store. If you try to install a non-allowlisted app from the Play Store, you will receive a notification in the device specifying that the action is restricted.


Exceptions:

  • It is not possible to add a blocklisted app in kiosk mode.
  • If the apps are allowlisted, then only the allowlisted apps can be added in kiosk mode.

Need more help?
Raise a Ticket Raise a Ticket
Ask Community Ask Community
Chat With us Chat With us
  • Managing 'Android Enterprise' Devices