Getting Policy Enforced Details of a Device

Description

When a device registers with WSO2 EMM a policy is enforced on the device. Initially, the EMM filters the policies based on the Platform (device type), filters based on the device ownership type , filters based on the user role or name and finally the policy is enforced on the device.

For more information, see Working with Policies.

Resource Path /{type}/{id}/active-policy

URL /mdm-admin/policies/{type}/{id}/active-policy

HTTP Method GET

Request/Response Format application/json

cURL command

curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer <EMM_API_TOKEN>" -k -v https://<EMM_HOST>:<EMM_HTTPS_PORT>/mdm-admin/policies/{type}/{id}/active-policy

For more information on how to generate the <EMM_API_TOKEN>, see Generating the EMM API Token.
By default, <EMM_HOST> is localhost. However, if you are using a public IP, the respective IP address or domain needs to be specified.
By default, <EMM_HTTPS_PORT> has been set to 9443. However, if the port offset has been incremented by n, the default port value needs to be incremented by n.
Define the device type as the value for {type}. Example: ios, android, windows.
Define the device ID as the value for {id}.

Example:

curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a" -k -v https://localhost:9443/mdm-admin/policies/iso/ee07b9c45904ef3af3tt5r4t13d0d6cd58a4567y/active-policy

Sample output

> GET /mdm-admin/policies/ios/ee07b9c45904ef3af3tt5r4t13d0d6cd58a4567y/active-policy HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 33392fb365b3ac693b405b565ddc8a3a
< HTTP/1.1 200 OK
< Cache-Control: private
< Expires: Thu, 01 Jan 1970 05:30:00 IST
< Date: Sat, 27 Feb 2016 08:04:28 GMT
< Content-Type: application/json
< Content-Length: 797
< Server: WSO2 Carbon Server
{"id":38,"priorityId":3,"profile":{"profileId":38,"profileName":"iOS Policies","tenantId":-1234,"deviceType":{"id":33,"name":"ios"},"createdDate":"Feb 27, 2016 1:33:13 PM","updatedDate":"Feb 27, 2016 1:33:13 PM","profileFeaturesList":[{"id":39,"featureCode":"PASSCODE_POLICY","profileId":38,"deviceTypeId":33,"content":"{\"forcePIN\":true,\"allowSimple\":true,\"requireAlphanumeric\":true,\"minLength\":\"10\",
\"minComplexChars\":\"3\",\"maxPINAgeInDays\":\"50\",\"pinHistory\":\"25\",\"maxInactivity\":\"3\",
\"maxGracePeriod\":\"1\",\"maxFailedAttempts\":\"6\"}"}]},"policyName":"iOS Policies","generic":false,
"roles":["ANY"],"ownershipType":"BYOD","devices":[],"users":[],"active":true,"updated":false,"description":"","compliance":"enforce","policyCriterias":[],"tenantId":-1234,"profileId":38}

Sample JSON output

{  
   "id":38,
   "priorityId":3,
   "profile":{  
      "profileId":38,
      "profileName":"iOS Policies",
      "tenantId":-1234,
      "deviceType":{  
         "id":33,
         "name":"ios"
      },
      "createdDate":"Feb 27, 2016 1:33:13 PM",
      "updatedDate":"Feb 27, 2016 1:33:13 PM",
      "profileFeaturesList":[  
         {  
            "id":39,
            "featureCode":"PASSCODE_POLICY",
            "profileId":38,
            "deviceTypeId":33,
            "content":"{\"forcePIN\":true,\"allowSimple\":true,\"requireAlphanumeric\":true,\"minLength\":\"10\",
\"minComplexChars\":\"3\",\"maxPINAgeInDays\":\"50\",\"pinHistory\":\"25\",\"maxInactivity\":\"3\",
\"maxGracePeriod\":\"1\",\"maxFailedAttempts\":\"6\"}"
         }
      ]
   },
   "policyName":"iOS Policies",
   "generic":false,
   "roles":["ANY"],
   "ownershipType":"BYOD",
   "devices":[],
   "users":[],
   "active":true,
   "updated":false,
   "description":"",
   "compliance":"enforce",
   "policyCriterias":[],
   "tenantId":-1234,
   "profileId":38
}

Property value	Description
`id`	The policy ID.
`priorityId`	The priority order of the policy. 1 is defined as the highest priority policy.
`profile`	Contains the details of the profile that is included in the policy. Example: The policy will contain a profile of disabling a camera on a device and encrypting the storage.
`profileId`	The ID of each profile that is in the selected policy.
`profileName`	The name of the profile.
`tenantId`	The ID of the tenant that added the policy.
`deviceType`	Contains the device type details the policy was created for.
`id`	The ID of the device type.
`name`	The device platform type.
`createdDate`	The date the policy was created.
`updatedDate`	The date the changes made to the policy was published to the devices registered with the EMM.
`profileFeaturesList`	Contains the features specific to each profile in the policy.
`id`	The ID of the feature list.
`featurecode`	The code specific for the feature of the profile. The code that defines the profile. Example for feature codes: `PASSCODE_POLICY, CAMERA and ENCRYPT_STORAGE.`
`profileId`	The ID of the profile the features belong to.
`deviceTypeId`	The Id of the device type.
`content`	Contains the details of the features and the values assigned when adding the policy.
`policyName`	The name of the policy.
`roles`	The roles to whom the policy is applied on.
`ownershipType`	The policy ownership type. It can be any of the following values: `ANY` - The policy will be applied on the BYOD and COPE device types. `BYOD` (Bring Your Own Device) - The policy will only be applied on the BYOD device type. `COPE` (Corporate-Owned, Personally-Enabled) - The policy will only be applied on the COPE device type.
`devices`	Lists out the devices the policy is enforced on. This field will be empty if you have not defined to what devices the policy needs to be applied on. If a policy is enforced on a device when the device registers with EMM, those device details will not be shown here.
`users`	Lists out the users on whose devices the policy is enforced.
`activate`	If the value is true it indicates that the policy is active. If the value is false it indicates that the policy is inactive.
`updated`	If you have made changes to the policy but have not applied these changes to the devices that are registered with EMM, then the value is defined as true. But if you have already applied any changes made to the policy then the value is defined as false.
`description`	Gives a description on the policy.
`compliance`	Provides the non-compliance rules. WSO2 EMM provides the following non-compliance rules: Enforce - Forcefully enforce the policies on the devices. Warning - If the device does not adhere to the given policies a warning message will be sent. Monitor - If the device does not adhere to the given policies the server is notified of the violation unknown to the user and the administrator can take the necessary actions with regard to the reported.
`policyCriteria`	When adding a policy if you have added a policy criteria other than the ones given via WSO2 EMM those additional details will be given here.
`tenantId`	The ID of the tenant that created the policy.
`profileId`	The ID of the profile.