Versions Compared

Old Version 1

changes.mady.by.user Former user

Saved on

compared with

New Version 2

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Permissions associated with the APIs

Excerpt

 The following section describes the permission associated with the APIs under different areas:

...

Localtabgroup
Localtab
titleAndroid

Permissions related to the Android platform

The following section describes the permissions associated with the APIs:

Permission

Description

device-mgt/android/devices/enroll

Permission to access the device enrollment API.

device-mgt/android/devices/list

Permission to access the get all devices API.

device-mgt/android/devices/update

Permission to access the device information update API.

device-mgt/android/devices/update-app

Permission to access the device application list update API.

device-mgt/android/devices/view

Permission to access the get device API.

device-mgt/android/license/view

Permission to access the get android license API.

device-mgt/android/operations/{OPERATION_NAME}

There are several permissions that have the same format. Each one of those permissions represents a permission required to access a API related to Android device operations.

Example: device-mgt/android/operations/lock permission governs the access to lock the operation API.

device-mgt/android/operations/poll

Permission to access the get pending-operations API.

device-mgt/android/policies/view

Permission to access the get effective policy & features API.

device-mgt/android/tenant/configuration/view

Permission to access the get android configuration API.

device-mgt/android/tenant/configuration/modify

Permission to access the add/update android configuration APIs.

Localtab
titleiOS

Permissions related to the iOS platform

The following section describes the permissions associated with the APIs:

PermissionDescription
/device-mgt/ios-enrollment/licensePermission required to access retrieve the iOS license API.
/device-mgt/ios/operation/updateoperationPermission required to access the update operation API.
/device-mgt/ios/operation/cellularPermission required to access the cellular operation adding API.
/device-mgt/ios/operation/apnPermission required to access the APN operation adding API.
/device-mgt/ios/operation/ldapPermission required to access the LDAP operation adding API.
/device-mgt/ios/operation/emailPermission required to access email operation adding API.
/device-mgt/ios/operation/enterpriseapplicationPermission required to access the enterprise application operation adding API.
/device-mgt/ios/operation/storeapplicationPermission required to access the store application operation adding API.
/device-mgt/ios/operation/removeapplicationPermission required to access the remove application operation adding API.
/device-mgt/ios/operation/applicationlistPermission required to access the application list operation adding API.
/device-mgt/ios/operation/profilelistPermission required to access the profile list operation adding API.
/device-mgt/ios/operation/lockPermission required to access the lock operation adding API.
/device-mgt/ios/operation/enterprisewipePermission required to access the enterprise wipe operation adding API.
/device-mgt/ios/operation/deviceinfoPermission required to access the device info operation adding API.
/device-mgt/ios/operation/restrictionPermission required to access the restriction operation adding API.
/device-mgt/ios/operation/wifiPermission required to access the WiFi operation adding API.
/device-mgt/ios/operation/alarmPermission required to access the alarm operation adding API.
/device-mgt/ios/operation/locationPermission required to access the location operation adding API.
/device-mgt/ios/operation/airplayPermission required to access the airplay operation adding API.
/device-mgt/ios/operation/caldavPermission required to access the CalDav operation adding API.
/device-mgt/ios/operation/calsubscriptionPermission required to access the calendar subscription operation adding API.
/device-mgt/ios/operation/passcodepolicyPermission required to access the passcode policy operation adding API.
/device-mgt/ios/operation/webclipPermission required to access the webclip operation adding API.
/device-mgt/ios/operation/vpnPermission required to access the VPN operation adding API.
/device-mgt/ios/operation/perappvpnPermission required to access the per app VPN operation adding API.
/device-mgt/ios/operation/apptoperappvpnmappingPermission required to access the app to per app VPN mapping operation adding API.
/device-mgt/ios/operation/applockPermission required to access the app lock operation adding API.
/device-mgt/ios/operation/clearpasscodePermission required to access the clear passcode operation adding API.
/device-mgt/ios/operation/messagePermission required to access the message operation adding API.
/device-mgt/ios/operation/removeprofilePermission required to access the remove profile operation adding API.
/device-mgt/ios/operation/installedrestrictionsPermission required to access the installed restrictions operation adding API.
/device-mgt/ios/configurationPermission required to access the configuration operation adding API.
/device-mgt/ios/configurationPermission required to access the configuration get operation API.
/device-mgt/ios/configurationPermission required to access the configuration update operation API.
/device-mgt/ios/device/infoPermission required to access the get device info API.
/device-mgt/ios/device/pushtokenPermission required to access the update APNS token API.
/device-mgt/ios/device/locationPermission required to access the update location operation API.
/device-mgt/ios/device/udidPermission required to access the operation adding API.
/device-mgt/ios/device/applicationsPermission required to access the get application list API.
Localtab
titleWindows

Permissions related to the Windows platform

The following section describes the permissions associated with the APIs:

Permission

Description

device-mgt/windows/devices/getBST

Permission to access the get BST API.

device-mgt/windows/devices/getPolicy

Permission to access the get CSR policy API.

device-mgt/windows/devices/requestSecurityToken

Permission to access the provide CSR API.

device-mgt/windows/operations/{OPERATION_NAME}

There are several permissions adhering to this format. Each one of those permissions represents a permission required to access a API related to windows device operations.

Example: device-mgt/windows/operations/lock permission will govern the access to lock the operation API.

device-mgt/windows/policies/view

Permission to access the get effective policy & features API.

device-mgt/windows/license/view

Permission to access the get windows license API.

device-mgt/windows/tenant/configuration/view

Permission to access the get windows configuration API.

device-mgt/windows/tenant/configuration/modify

Permission to access the add/update windows configuration APIs.

Localtab
titleEMM admin

Permissions related to the EMM Admin

The following section describes the permissions associated with the APIs:

  

admin-device-access

Allows user to perform operations and configure policies for any device.

device-mgt/devices/count

Permission to access the device count API.

device-mgt/devices/list

Permission to access the get all devices API.

device-mgt/devices/types

Permission to access the get all device types API.

device-mgt/devices/view

Permission to access and retrieve device information from the APIs.

device-mgt/features/view

Permission to access and retrieve device features from the APIs.

device-mgt/notifications/view

Permission to access the get all notifications API.

device-mgt/notifications/add

Permission to access the add notification API.

device-mgt/operations/view

Permission to access the get all operations API.

device-mgt/operations/add

Permission to access the add operation API.

device-mgt/operations/application/view

Permission to access the get applications of the device API.

device-mgt/operations/application/install

Permission to access the add application-install operation API.

device-mgt/operations/application/uninstall

Permission to access the add application-uninstall operation API.

device-mgt/policies/view

Permission to access and retrieve policy information from the APIs.

device-mgt/policies/add

Permission to access the APIs related to add policy.

device-mgt/policies/delete

Permission to access the delete policy API.

device-mgt/policies/update

Permission to access theAPIs related to update policies.

device-mgt/policies/bulk-remove

Permission to access the bulk-policy delete API.

device-mgt/policies/compliance

Permission to access the policy-complaince API.

device-mgt/policies/task

Permission to access the APIs related to policy task service (start/update/stop task).

device-mgt/profiles/add

Permission to access the add profile API.

device-mgt/profiles/delete

Permission to access the delete profile API.

device-mgt/profiles/update

Permission to access the modify profile API.

device-mgt/roles/add

Permission to access the add role API.

device-mgt/roles/delete

Permission to access the delete role API.

device-mgt/roles/update

Permission to access the modify role API.

device-mgt/users/view

Permission to access the get user details API.

device-mgt/users/add

Permission to access the add user API.

device-mgt/users/delete

Permission to access the delete user API.

device-mgt/users/update

Permission to access the modify user API.

device-mgt/users/devices

Permission to access the get user devices API.

device-mgt/users/invite

Permission to access the invite user API.

device-mgt/users/reset-password

Permission to access the reset user password API.

device-mgt/users/roles

Permission to access the get user roles API.

device-mgt/tenant/configuration/view

Permission to access the get general configuration API.

device-mgt/tenant/configuration/modify

Permission to access the update general configuration API.

Localtab
titleOther

Other permissions

The following section describes the permissions associated other functions:

  

device-mgt/Device Management Admin/*

Defines the permission to access the UI.

login

Enables users to login.