Unknown macro: {next_previous_link3}
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

This sections provides the details of the REST APIs used to carry out functions related to policies via the EMM console:

Adding a policy via the console

Description

Add a policy using this REST API command. When adding a policy you will have the option of saving the policy or saving and publishing the policy. Using the REST API command given below you are able to save a created Policy and this policy will be in the inactive state.

Resource Path/inactive-policy
URL/mdm-admin/policies/inactive-policy
HTTP MethodPOST
Request/Response Formatapplication/json
cURL command
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>' -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/inactive-policy
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • Define the path to the JSON file, which includes the required properties to add a policy as the as the <JSON_PAYLOAD> value. For more information, see the Sample JSON Definition.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/inactive-policy
 Sample output
> POST /mdm-admin/policies/inactive-policy HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
> Content-Length: 420
< HTTP/1.1 201 Created
< Date: Thu, 25 Feb 2016 06:30:18 GMT
< Content-Type: application/json
< Content-Length: 76
< Server: WSO2 Carbon Server
{"statusCode":201,"messageFromServer":"Policy has been added successfully."}
Sample JSON Definition 
{  
   "policyName":"Camera",
   "description":"Optional",
   "compliance":"enforce",
   "ownershipType":"ANY",
   "profile":{  
      "profileName":"Camera",
      "deviceType":{  
         "id":1
      },
      "profileFeaturesList":[  
         {  
            "featureCode":"CAMERA",
            "deviceTypeId":1,
            "content":{  
               "enabled":true
            }
         }
      ]
   },
   "users":[],
   "roles":[]
}
Property valueDescription
policyName

The name of the policy.

DescriptionProvide a description on what the policy is based on.
Compliance

Define the non-compliance rules. WSO2 EMM provides the following non-compliance rules:

  • Enforce - Forcefully enforce the policies on the devices.
  • Warning - If the device does not adhere to the given policies a warning message will be sent.
  • Monitor - If the device does not adhere to the given policies the server is notified of the violation unknown to the user and the administrator can take the necessary actions with regard to the reported.
ownershipType

Define the define ownership type using the values given below:

  • ANY - The policy will be applied on the BYOD and COPE device types.
  • BYOD (Bring Your Own Device) - The policy will only be applied on the BYOD device type.
  • COPE (Corporate-Owned, Personally-Enabled) - The policy will only be applied on the COPE device type.
profileProvide the policy profile details.
profileNameThe name of the policy that is being added.
deviceType

The ID used to define the type of the device platform.

For more information on the unique ID for the device platforms supported by the EMM, see Getting Details of the Devices Supported via WSO2 EMM.

profileFeaturesList Lists the features that belong to the profile.
featureCode

Provide the code that defines the policy you wish to add.

Example: PASSCODE_POLICY, CAMERA and ENCRYPT_STORAGE.

deviceTypeIdThe ID used to define the type of the device platform.
content

The list of parameters that define the policy.

For more information on the feature list for Windows policies, see profileFeaturesList - policy based.

enabled

In the context of adding a policy for cameras. The filed is used to define if the camera on the device is permitted to be used or not.

  • true - The camera is enabled.
  • false - the camera is disabled.
usersDefine the users the policy needs to be applied on. The policy will be applied on the respective users devices.
rolesDefine the roles the policy needs to be applied on. The policy will be applied on the respective user roles devices.

If you wish to add a new policy criteria than what is already supported (users and roles) you can do so by defining a new policy criteria within the "policyCriterias":[] field.

 

Adding an active policy

Description

Add a policy that is in the active state using the REST API command. When adding a policy you will have the option of saving the policy or saving and publishing the policy. Using the REST API command given below you are able to save and publish a created policy and this policy will be in the active state.

Resource Path/active-policy
URL/mdm-admin/policies/active-policy
HTTP MethodPOST
Request/Response Formatapplication/json
cURL command
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>' -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/active-policy
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • Define the path to the JSON file, which includes the required properties to add an active policy as the <JSON_PAYLOAD> value. For more information, see the Sample JSON Definition.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/active-policy
 Sample output
> POST /mdm-admin/policies/active-policy HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 326a1824316a122152570d2dfd137ee7
> Content-Length: 420
< HTTP/1.1 201 OK
< Date: Thu, 25 Feb 2016 08:26:09 GMT
< Content-Type: application/json
< Content-Length: 76
< Server: WSO2 Carbon Server
{"statusCode":201,"messageFromServer":"Policy has been added successfully."}
Sample JSON Definition 
{  
   "policyName":"Camera",
   "description":"Optional",
   "compliance":"enforce",
   "ownershipType":"ANY",
   "profile":{  
      "profileName":"Camera",
      "deviceType":{  
         "id":1
      },
      "profileFeaturesList":[  
         {  
            "featureCode":"CAMERA",
            "deviceTypeId":1,
            "content":{  
               "enabled":true
            }
         }
      ]
   },
   "users":[],
   "roles":[]
}
Property valueDescription
policyName

The name of the policy.

DescriptionProvide a description on what the policy is based on.
Compliance

Define the non-compliance rules. WSO2 EMM provides the following non-compliance rules:

  • Enforce - Forcefully enforce the policies on the devices.
  • Warning - If the device does not adhere to the given policies a warning message will be sent.
  • Monitor - If the device does not adhere to the given policies the server is notified of the violation unknown to the user and the administrator can take the necessary actions with regard to the reported.
ownershipType

Define the ownership type using the values given below:

  • ANY - The policy will be applied on the BYOD and COPE device types.
  • BYOD (Bring Your Own Device) - The policy will only be applied on the BYOD device type.
  • COPE (Corporate-Owned, Personally-Enabled) - The policy will only be applied on the COPE device type.
profileProvide the policy profile details.
profileNameThe name of the policy that is being added.
deviceType

The ID used to define the type of the device platform.

For more information on the unique ID of the device platforms supported by the EMM, see Getting Details of the Devices Supported via WSO2 EMM.

profileFeaturesListLists the features that belong to the profile.
featureCode

Provide the code that defines the policy you wish to add.

Example: PASSCODE_POLICY, CAMERA and ENCRYPT_STORAGE.

deviceTypeIdThe ID used to define the type of the device platform.
content

The list of parameters that define the policy.

For more information on the feature list for Windows policies, see profileFeaturesList - policy based.

enabled

In the context of adding a policy for cameras this filed is used to define if the camera on the device is permitted to be used or not.

  • true - The camera is enabled.
  • false - the camera is disabled.
usersDefine the users the policy needs to be applied on. The policy will be applied on the respective user's devices.
rolesDefine the roles the policy needs to be applied on. The policy will be applied on the respective user role's devices.

If you wish to add a new policy criteria than what is already supported (users and roles) you can do so by defining a new policy criteria within the "policyCriterias":[] field.

 

Getting details of policies

Description

Retrieve the details of all the policies that you have created in WSO2 EMM.

Resource Path/
URL/mdm-admin/policies/
HTTP MethodGET
Request/Response Formatapplication/json
cURL command
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -k -v https://localhost:9443/mdm-admin/policies/
 Sample output
> GET /mdm-admin/policies/ HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Thu, 25 Feb 2016 08:29:09 GMT
< Content-Type: application/json
< Content-Length: 1205
< Server: WSO2 Carbon Server
{"id":1,"priorityId":1,"profile":{"profileId":1,"profileName":"Camera","tenantId":-1234,"deviceType":{"id":1,"name":"android"},"createdDate":"Feb 25, 2016 12:00:18 PM","updatedDate":"Feb 25, 2016 12:00:18 PM","profileFeaturesList":[{"id":1,"featureCode":"CAMERA","profileId":1,"deviceTypeId":1,"content":"{\"enabled\":true}"}]},"policyName":"Camera","generic":false,"roles":[],"ownershipType":"ANY","devices":[],"users":[],"active":false,"updated":false,"description":"Optional","compliance":"enforce","policyCriterias":[],"tenantId":-1234,"profileId":1}
Sample JSON Definition 
{  
   "id":1,
   "priorityId":1,
   "profile":{  
      "profileId":1,
      "profileName":"Camera",
      "tenantId":-1234,
      "deviceType":{  
         "id":1,
         "name":"android"
      },
      "createdDate":"Feb 25, 2016 12:00:18 PM",
      "updatedDate":"Feb 25, 2016 12:00:18 PM",
      "profileFeaturesList":[  
         {  
            "id":1,
            "featureCode":"CAMERA",
            "profileId":1,
            "deviceTypeId":1,
            "content":"{\"enabled\":true}"
         }
      ]
   },
   "policyName":"Camera",
   "generic":false,
   "roles":[],
   "ownershipType":"ANY",
   "devices":[],
   "users":[],
   "active":true,
   "updated":true,
   "description":"Optional",
   "compliance":"enforce",
   "policyCriterias":[],
   "tenantId":-1234,
   "profileId":1
}
Property valueDescription
idThe policy ID.
priorityIdThe priority order of the policy. 1 indicates the highest priority.
profile

Contains the details of the profile that is included in the policy.

Example: The policy will contain a profile of disabling a camera on a device and encrypting the storage.

profileIdThe ID of each profile that is in the selected policy.
profileNameThe name of the profile.
tenantIdThe ID of the tenant that added the policy.
deviceTypeContains the device type details the policy was created for.
idThe ID of the device type.
nameThe device platform type.

createdDate

The date the policy was created.

updatedDate

The date the changes made to the policy was published to the devices registered with the EMM.
profileFeaturesListContains the features specific to each profile in the policy.
idThe ID of the feature list.
featurecode

The code specific for the feature of the profile.

The code that defines the profile. Example for feature codes: PASSCODE_POLICY, CAMERA and ENCRYPT_STORAGE.

profileIdThe ID of the profile the features belong to.
deviceTypeIdThe Id of the device type.
contentContains the details of the features and the values assigned when adding the policy.
policyNameThe name of the policy.
rolesThe roles to whom the policy is applied on.
ownershipType

The policy ownership type. It can be any of the following values:

  • ANY - The policy will be applied on the BYOD and COPE device types.
  • BYOD (Bring Your Own Device) - The policy will only be applied on the BYOD device type.
  • COPE (Corporate-Owned, Personally-Enabled) - The policy will only be applied on the COPE device type.
devicesLists out the devices the policy is enforced on. This field will be empty if you have not defined the devices the policy needs to be applied on. If a policy is enforced on a device when the device registers with EMM, those device details will not be shown here.
usersLists out the users on whose devices the policy is enforced.
activateIf the value is true it indicates that the policy is active. If the value is false it indicates that the policy is inactive.
updatedIf you have made changes to the policy but have not applied these changes to the devices that are registered with EMM, then the value is defined as true. But if you have already applied any changes made to the policy then the value is defined as false.
descriptionGives a description on the policy.
compliance

Provides the non-compliance rules. WSO2 EMM provides the following non-compliance rules:

  • Enforce - Forcefully enforce the policies on the devices.
  • Warning - If the device does not adhere to the given policies a warning message will be sent.
  • Monitor - If the device does not adhere to the given policies the server is notified of the violation unknown to the user and the administrator can take the necessary actions with regard to the reported.

policyCriteria

When adding a policy if you have added a policy criteria other than the ones given via WSO2 EMM those additional details will be given here.
tenantIdThe ID of the tenant that created the policy.
profileIdThe ID of the profile.

 

Getting details of a policy

Description

Retrieve the details of a selected policy in WSO2 EMM.

Resource Path/{id}
URL/mdm-admin/policies/{id}
HTTP MethodGET
Request/Response Formatapplication/json
cURL command
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/{id}
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.
  • Provide the policy ID as the value for {id}. If you are unsure of the policy IDs run the REST API command to retrieve all the policy details.

Example: Retrieve the policy details of the policy having the ID 1.

curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -k -v https://localhost:9443/mdm-admin/policies/1
 Sample output
> GET /mdm-admin/policies/1 HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Thu, 25 Feb 2016 09:53:45 GMT
< Content-Type: application/json
< Content-Length: 652
< Server: WSO2 Carbon Server
{"id":1,"priorityId":1,"profile":{"profileId":1,"profileName":"Camera","tenantId":-1234,"deviceType":{"id":1,"name":"android"},"createdDate":"Feb 25, 2016 12:00:18 PM","updatedDate":"Feb 25, 2016 12:00:18 PM","profileFeaturesList":[{"id":1,"featureCode":"CAMERA","profileId":1,"deviceTypeId":1,"content":"{\"enabled\":true}"}]},"policyName":"Camera","generic":false,"roles":[],"ownershipType":"ANY","devices":[],"users":[],"active":false,"updated":false,"description":"Optional","compliance":"enforce","policyCriterias":[],"tenantId":-1234,"profileId":1}
Sample JSON Definition 
{  
   "id":1,
   "priorityId":1,
   "profile":{  
      "profileId":1,
      "profileName":"Camera",
      "tenantId":-1234,
      "deviceType":{  
         "id":1,
         "name":"android"
      },
      "createdDate":"Feb 25, 2016 12:00:18 PM",
      "updatedDate":"Feb 25, 2016 12:00:18 PM",
      "profileFeaturesList":[  
         {  
            "id":1,
            "featureCode":"CAMERA",
            "profileId":1,
            "deviceTypeId":1,
            "content":"{\"enabled\":true}"
         }
      ]
   },
   "policyName":"Camera",
   "generic":false,
   "roles":[  

   ],
   "ownershipType":"ANY",
   "devices":[],
   "users":[],
   "active":false,
   "updated":false,
   "description":"Optional",
   "compliance":"enforce",
   "policyCriterias":[],
   "tenantId":-1234,
   "profileId":1
}
Property valueDescription
idThe policy ID.
priorityIdThe priority order of the policy. 1 indicates the highest priority
profile

Contains the details of the profile that is included in the policy.

Example: The policy will contain a profile of disabling a camera on a device and encrypting the storage.

profileIdThe ID of each profile that is in the selected policy.
profileNameThe name of the profile.
tenantIdThe ID of the tenant that added the policy.
deviceTypeContains the device type details the policy was created for.
idThe ID of the device type.
nameThe device platform type.

createdDate

The date the policy was created.

updatedDate

The date the changes made to the policy was published to the devices registered with the EMM.
profileFeaturesListContains the features specific to each profile in the policy.
idThe ID of the feature list.
featurecode

The code specific for the feature of the profile.

The code that defines the profile. Example for feature codes: PASSCODE_POLICY, CAMERA and ENCRYPT_STORAGE.

profileIdThe ID of the profile the features belong to.
deviceTypeIdThe Id of the device type.
contentContains the details of the features and the values assigned when adding the policy.
policyNameThe name of the policy.
rolesThe roles to whom the policy is applied on.
ownershipType

The policy ownership type. It can be any of the following values:

  • ANY - The policy will be applied on the BYOD and COPE device types.
  • BYOD (Bring Your Own Device) - The policy will only be applied on the BYOD device type.
  • COPE (Corporate-Owned, Personally-Enabled) - The policy will only be applied on the COPE device type.
devicesLists out the devices the policy is enforced on. This field will be empty if you have not defined to what devices the policy needs to be applied on. If a policy is enforced on a device when the device registers with EMM, those device details will not be shown here.
usersLists out the users on whose devices the policy is enforced.
activateIf the value is true it indicates that the policy is active. If the value is false it indicates that the policy is inactive.
updatedIf you have made changes to the policy but have not applied these changes to the devices that are registered with EMM, then the value is defined as true. But if you have already applied any changes made to the policy then the value is defined as false.
descriptionGives a description on the policy.
compliance

Provides the non-compliance rules. WSO2 EMM provides the following non-compliance rules:

  • Enforce - Forcefully enforce the policies on the devices.
  • Warning - If the device does not adhere to the given policies a warning message will be sent.
  • Monitor - If the device does not adhere to the given policies the server is notified of the violation unknown to the user and the administrator can take the necessary actions with regard to the reported.

policyCriteria

When adding a policy if you have added a policy criteria other than the ones given via WSO2 EMM those additional details will be given here.
tenantIdThe ID of the tenant that created the policy.
profileIdThe ID of the profile.

 

Updating a policy

DescriptionIf you wish to make changes to an existing policy, you can do so by updating the policy using the REST API command given below.
Resource Path/{id}
URL/mdm-admin/policies/{id}
HTTP MethodPUT
Request/Response Formatapplication/json
cURL command
curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>'-k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/{id}
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • Define the path to the JSON file, which includes the required properties to update the policy as the <JSON_PAYLOAD> value. For more information, see the Sample JSON Definition.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.
  • Provide the policy ID as the value for {id}. If you are unsure of the policy IDs run the REST API command to retrieve all the policy details in WSO2 EMM.

Example: Update the policy having the policy ID 1, with the changes defined in the policy.json file.

curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/1
 Sample output
> PUT /mdm-admin/policies/1 HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
> Content-Length: 571
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Thu, 25 Feb 2016 11:29:30 GMT
< Content-Type: application/json
< Content-Length: 78
< Server: WSO2 Carbon Server
{"messageFromServer":"Policy has been updated successfully."}
Sample JSON
Definition 
{  
   "policyName":"Camera",
   "description":"Optional",
   "compliance":"enforce",
   "ownershipType":"ANY",
   "profile":{  
      "profileName":"Camera",
      "deviceType":{  
         "id":1
      },
      "profileFeaturesList":[  
         {  
            "featureCode":"CAMERA",
            "deviceTypeId":1,
            "content":{  
               "enabled":true
            }
         },
         {  
            "featureCode":"ENCRYPT_STORAGE",
            "deviceTypeId":1,
            "content":{  
               "encrypted":true
            }
         }
      ]
   },
   "roles":["ANY"]
}
Property valueDescription
policyName

The name of the policy.

DescriptionProvide a description on what the policy is based on.
Compliance

Define the non-compliance rules. WSO2 EMM provides the following non-compliance rules:

  • Enforce - Forcefully enforce the policies on the devices.
  • Warning - If the device does not adhere to the given policies a warning message will be sent.
  • Monitor - If the device does not adhere to the given policies the server is notified of the violation unknown to the user and the administrator can take the necessary actions with regard to the reported.
ownershipType

Define the define ownership type. It will be one of the options given below:

  • ANY - The policy will be applied on the BYOD and COPE device types.
  • BYOD (Bring Your Own Device) - The policy will only be applied on the BYOD device type.
  • COPE (Corporate-Owned, Personally-Enabled) - The policy will only be applied on the COPE device type.
profileProvide the policy profile details.
profileNameThe name of the policy that is being added.
deviceType

The ID used to define the type of the device platform.

For more information on the unique ID for the device platforms supported by the EMM, see Getting Details of the Devices Supported via WSO2 EMM.

profileFeaturesList Lists the features that belong to the profile.
featureCode

Provide the code that defines the policy you wish to add.

Example: PASSCODE_POLICY, CAMERA and ENCRYPT_STORAGE.

deviceTypeIdThe ID used to define the type of the device platform.
content

The list of parameters that define the policy.

For more information on the feature list for Windows policies, see profileFeaturesList - policy based.

enabled

In the context of adding a policy for cameras this filed is used to define if the camera is allowed to be used or not.

  • true - The camera is enabled.
  • false - the camera is disabled.
usersDefine the users the policy needs to be applied on. The policy will then be applied on the respective user's devices.
rolesDefine the roles the policy needs to be applied on. The policy will then be applied on the respective user role's devices.

 

Updating the policy priority

DescriptionIf you wish to make changes to the existing policy priority order, you can do so by updating the priority order using the REST API command given below.
Resource Path/priorities
URL/mdm-admin/policies/priorities
HTTP MethodPUT
Request/Response Formatapplication/json
cURL command
curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>'-k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/priorities
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • Define the path to the JSON file, which includes the required properties to update the policy priority as the <JSON_PAYLOAD> value. For more information, see the Sample JSON Definition.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/priorities
 Sample output
> PUT /mdm-admin/policies/priorities HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
> Content-Length: 23
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Thu, 25 Feb 2016 13:01:57 GMT
< Content-Type: application/json
< Content-Length: 80
< Server: WSO2 Carbon Server
{"statusCode":200",messageFromServer":"Policy Priorities successfully updated."}
Sample JSON
Definition 
[  
   {  
      "id":2,
      "priority":1
   }
]
PropertyDescription
id

Define the ID of the policy. If you are unsure of the policy IDs run the REST API command to retrieve all the policy details in WSO2 EMM.

priorityDefine the priority of the order, where 1 indicates the highest priority.

 

Removing multiple policies

DescriptionIn situations where you need to delete more than one policy you can do so using the REST API command given below.
Resource Path/bulk-remove
URL/mdm-admin/policies/bulk-remove
HTTP MethodPOST
Request/Response Formatapplication/json
cURL command
curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>'-k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/bulk-remove
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • Define the path to the JSON file, which includes the required properties to remove multiple policies as the <JSON_PAYLOAD> value. For more information, see the Sample JSON Definition.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/bulk-remove
 Sample output
> POST /mdm-admin/policies/bulk-remove HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
> Content-Length: 23
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 06:35:00 IST
< Date: Thu, 25 Feb 2016 14:06:57 GMT
< Content-Type: application/json
< Content-Length: 80
< Server: WSO2 Carbon Server
{"statusCode":200",messageFromServer":"Policies have been successfully deleted."}
Sample JSON
Definition 
[1,2]

Define the IDs of the policies you wish to delete. If you are unsure of the policy IDs run the REST API command to retrieve all the policy details in WSO2 EMM.

 

Activating policies

DescriptionUsing the REST API command you are able to publish a policy in order to bring a policy that is in the inactive state to the active state.
Resource Path/activate
URL/mdm-admin/policies/activate
HTTP MethodPUT
Request/Response Formatapplication/json
cURL command
curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>'-k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/activate
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • Define the path to the JSON file, which includes the required properties to activate a policy as the <JSON_PAYLOAD> value. For more information, see the Sample JSON Definition.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/activate
 Sample output
> PUT /mdm-admin/policies/activate HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
> Content-Length: 23
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 06:35:00 IST
< Date: Thu, 25 Feb 2016 14:06:57 GMT
< Content-Type: application/json
< Content-Length: 80
< Server: WSO2 Carbon Server
{"statusCode":200","messageFromServer": "Selected policies have been successfully activated."}
Sample JSON
Definition 
[{1,2}]

Define the ID/IDs of the policies you wish to publish. If you are unsure of the policy IDs run the REST API command to retrieve all the policy details in WSO2 EMM.

 

Deactivating policies

DescriptionUsing the REST API command you are able to unpublish a policy in order to bring a policy that is in the active state to the inactive state.
Resource Path/inactivate
URL/mdm-admin/policies/inactivate
HTTP MethodPUT
Request/Response Formatapplication/json
cURL command
curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -d @'<JSON_PAYLOAD>'-k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/inactivate
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • Define the path to the JSON file, which includes the required properties to inactivate a policy as the <JSON_PAYLOAD> value. For more information, see the Sample JSON Definition.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -d @'policy.json' -k -v https://localhost:9443/mdm-admin/policies/inactivate
 Sample output
> PUT /mdm-admin/policies/inactivate HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
> Content-Length: 23
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 06:35:00 IST
< Date: Thu, 25 Feb 2016 14:06:57 GMT
< Content-Type: application/json
< Content-Length: 80
< Server: WSO2 Carbon Server
{"statusCode":200","messageFromServer": "Selected policies have been successfully inactivated."}
Sample JSON
Definition 
[{1,2}]

Define the ID/IDs of the policies you wish to unpublish. If you are unsure of the policy IDs run the REST API command to retrieve all the policy details in WSO2 EMM.

 

Applying changes on policies

DescriptionPolicies in the active state will be applied to new device that register with WSO2 EMM based on the policy enforcement criteria . In a situation where you need to make changes to existing policies (removing, activating, deactivating and updating) or add new policies, the existing devices will not receive these changes immediately. Once all the required changes are made you need to apply the changes to push the policy changes to the existing devices.
Resource Path/apply-changes
URL/mdm-admin/policies/apply-changes
HTTP MethodPUT
Request/Response Formatapplication/json
cURL command
curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/apply-changes
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X PUT -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -k -v https://localhost:9443/mdm-admin/policies/apply-changes
 Sample output
> PUT /mdm-admin/policies/apply-changes HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Fri, 26 Feb 2016 11:35:02 GMT
< Content-Type: application/json
< Content-Length: 80
< Server: WSO2 Carbon Server
{"statusCode":200,"messageFromServer":"Changes have been successfully updated."}

 

Starting policy monitoring

Description

WSO2 EMM monitors the devices to identify any devices that have not complied to an enforced policy. The policy monitoring task begins at the point WSO2 EMM has a a published policy. It will monitor the device based on the policy monitoring frequency that you define in milliseconds.

Using this REST API to start the policy monitoring task is optional as WSO2 EMM uses an OSGI call to start the monitoring task.

Resource Path/start-task/{milliseconds}
URL/mdm-admin/policies/start-task/{milliseconds}
HTTP MethodGET
Request/Response Formatapplication/json
cURL command
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/start-task/{milliseconds}
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -k -v https://localhost:9443/mdm-admin/policies/start-task/6000
 Sample output
> GET /mdm-admin/policies/start-task/600 HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Fri, 26 Feb 2016 11:50:37 GMT
< Content-Type: application/json
< Content-Length: 88
< Server: WSO2 Carbon Server
{"statusCode":200,"messageFromServer":"Policy monitoring service started successfully."}

 

Updating policy monitoring

Description

WSO2 EMM monitors the devices to identify any devices that have not complied to an enforced policy. If you wish to update the policy monitoring frequency you can do so using the following REST API command.

Resource Path/update-task/{milliseconds}
URL/mdm-admin/policies/update-task/{milliseconds}
HTTP MethodGET
Request/Response Formatapplication/json
cURL command
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/update-task/{milliseconds}
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -k -v https://localhost:9443/mdm-admin/policies/update-task/6500
 Sample output
> GET /mdm-admin/policies/update-task/6500 HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Sat, 27 Feb 2016 07:23:15 GMT
< Content-Type: application/json
< Content-Length: 88
< Server: WSO2 Carbon Server
{"statusCode":200,"messageFromServer":"Policy monitoring service updated successfully."}

 

Stopping policy monitoring

Description

WSO2 EMM monitors the devices to identify any devices that have not complied to an enforced policy. The policy monitoring task begins at the point WSO2 EMM has a a published policy. If you wish to stop the policy monitoring task you can do so by using the REST API command given below.

Resource Path/stop-task
URL/mdm-admin/policies/stop-task
HTTP MethodGET
Request/Response Formatapplication/json
cURL command
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/stop-task
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -k -v https://localhost:9443/mdm-admin/policies/stop-task
 Sample output
> GET /mdm-admin/policies/stop-task HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Sat, 27 Feb 2016 07:31:50 GMT
< Content-Type: application/json
< Content-Length: 88
< Server: WSO2 Carbon Server
{"statusCode":200,"messageFromServer":"Policy monitoring service stopped successfully."}

 

Getting policy enforced details of a device

Description

When a device registers with WSO2 EMM a policy is enforced on the device. Initially, the EMM filters the policies based on the Platform (device type), filters based on the device ownership type , filters based on the user role or name and finally the policy is enforced on the device.

For more information, see Managing Policies.

Resource Path/{type}/{id}/active-policy
URL/mdm-admin/policies/{type}/{id}/active-policy
HTTP MethodGET
Request/Response Formatapplication/json
cURL command
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/{type}/{id}/active-policy
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.
  • Define the device type as the value for {type}. Example: ios, android, windows.
  • Define the device ID as the value for {id}.

Example:

curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -k -v https://localhost:9443/mdm-admin/policies/iso/ee07b9c45904ef3af3tt5r4t13d0d6cd58a4567y/active-policy
 Sample output
> GET /mdm-admin/policies/ios/ee07b9c45904ef3af3tt5r4t13d0d6cd58a4567y/active-policy HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Sat, 27 Feb 2016 08:04:28 GMT
< Content-Type: application/json
< Content-Length: 797
< Server: WSO2 Carbon Server
{"id":38,"priorityId":3,"profile":{"profileId":38,"profileName":"iOS Policies","tenantId":-1234,"deviceType":{"id":33,"name":"ios"},"createdDate":"Feb 27, 2016 1:33:13 PM","updatedDate":"Feb 27, 2016 1:33:13 PM","profileFeaturesList":[{"id":39,"featureCode":"PASSCODE_POLICY","profileId":38,"deviceTypeId":33,"content":"{\"forcePIN\":true,\"allowSimple\":true,\"requireAlphanumeric\":true,\"minLength\":\"10\",
\"minComplexChars\":\"3\",\"maxPINAgeInDays\":\"50\",\"pinHistory\":\"25\",\"maxInactivity\":\"3\",
\"maxGracePeriod\":\"1\",\"maxFailedAttempts\":\"6\"}"}]},"policyName":"iOS Policies","generic":false,
"roles":["ANY"],"ownershipType":"BYOD","devices":[],"users":[],"active":true,"updated":false,"description":"","compliance":"enforce","policyCriterias":[],"tenantId":-1234,"profileId":38}
Sample JSON output
{  
   "id":38,
   "priorityId":3,
   "profile":{  
      "profileId":38,
      "profileName":"iOS Policies",
      "tenantId":-1234,
      "deviceType":{  
         "id":33,
         "name":"ios"
      },
      "createdDate":"Feb 27, 2016 1:33:13 PM",
      "updatedDate":"Feb 27, 2016 1:33:13 PM",
      "profileFeaturesList":[  
         {  
            "id":39,
            "featureCode":"PASSCODE_POLICY",
            "profileId":38,
            "deviceTypeId":33,
            "content":"{\"forcePIN\":true,\"allowSimple\":true,\"requireAlphanumeric\":true,\"minLength\":\"10\",
\"minComplexChars\":\"3\",\"maxPINAgeInDays\":\"50\",\"pinHistory\":\"25\",\"maxInactivity\":\"3\",
\"maxGracePeriod\":\"1\",\"maxFailedAttempts\":\"6\"}"
         }
      ]
   },
   "policyName":"iOS Policies",
   "generic":false,
   "roles":["ANY"],
   "ownershipType":"BYOD",
   "devices":[],
   "users":[],
   "active":true,
   "updated":false,
   "description":"",
   "compliance":"enforce",
   "policyCriterias":[],
   "tenantId":-1234,
   "profileId":38
}
Property valueDescription
idThe policy ID.
priorityIdThe priority order of the policy. 1 is defined as the highest priority policy.
profile

Contains the details of the profile that is included in the policy.

Example: The policy will contain a profile of disabling a camera on a device and encrypting the storage.

profileIdThe ID of each profile that is in the selected policy.
profileNameThe name of the profile.
tenantIdThe ID of the tenant that added the policy.
deviceTypeContains the device type details the policy was created for.
idThe ID of the device type.
nameThe device platform type.

createdDate

The date the policy was created.

updatedDate

The date the changes made to the policy was published to the devices registered with the EMM.
profileFeaturesListContains the features specific to each profile in the policy.
idThe ID of the feature list.
featurecode

The code specific for the feature of the profile.

The code that defines the profile. Example for feature codes: PASSCODE_POLICY, CAMERA and ENCRYPT_STORAGE.

profileIdThe ID of the profile the features belong to.
deviceTypeIdThe Id of the device type.
contentContains the details of the features and the values assigned when adding the policy.
policyNameThe name of the policy.
rolesThe roles to whom the policy is applied on.
ownershipType

The policy ownership type. It can be any of the following values:

  • ANY - The policy will be applied on the BYOD and COPE device types.
  • BYOD (Bring Your Own Device) - The policy will only be applied to the BYOD device type.
  • COPE (Corporate-Owned, Personally-Enabled) - The policy will only be applied to the COPE device type.
devicesLists the devices that the policy is enforced on. This field will be empty if you have not defined to what devices the policy needs to be applied on. If a policy is enforced on a device when the device registers with EMM, those device details will not be shown here.
usersLists the users on whose devices the policy is enforced.
activateIf the value is true it indicates that the policy is active. If the value is false it indicates that the policy is inactive.
updatedIf you have made changes to the policy but have not applied these changes to the devices that are registered with EMM, then the value is defined as true. But if you have already applied any changes made to the policy then the value is defined as false.
descriptionGives a description of the policy.
compliance

Provides the non-compliance rules. WSO2 EMM provides the following non-compliance rules:

  • Enforce - Forcefully enforces the policies on the devices.
  • Warning - If the device does not adhere to the given policies a warning message will be sent.
  • Monitor - If the device does not adhere to the given policies the server is notified of the violation unknown to the user and the administrator can take the necessary actions with regard to the reported.

policyCriteria

When adding a policy if you have added the policy criteria other than the ones given via WSO2 EMM those additional details will be given here.
tenantIdThe ID of the tenant that created the policy.
profileIdThe ID of the profile.

 

Getting the policy count

DescriptionGet the number of policies that are created in WSO2 EMM.
Resource Path/count
URL/mdm-admin/policies/count
HTTP MethodGET
Request/Response Formatapplication/json
cURL command
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/count
  • For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
  • By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
  • By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.

Example:

curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -k -v https://localhost:9443/mdm-admin/policies/count
 Sample output
> GET /mdm-admin/policies/count HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Thu, 25 Feb 2016 10:58:30 GMT
< Content-Type: application/json
< Content-Length: 1
< Server: WSO2 Carbon Server
10
Sample JSON Output
Definition 

Provides the number of policies in WSO2 EMM at the time of running the REST API command as an integer value.

Example: As per the above sample output there are 10 policies in the EMM.

 

  • No labels