Resource Definition to Add Restriction Operations on iOS Devices
- Former user (Deleted)
A sample resource definition, together with details on the information that is added in the JSON are as follows:
Sample definition JSON to add restriction operations and single app mode applications on iOS devices
The following is the sample JSON:
{
"operation": {
"allowAddingGameCenterFriends": true,
"allowAppInstallation": true,
"allowAppRemoval": true,
"allowAssistant": true,
"allowAssistantUserGeneratedContent": true,
"allowAssistantWhileLocked": true,
"allowCamera": true,
"allowCloudBackup": true,
"allowCloudDocumentSync": true,
"allowCloudKeychainSync": true,
"allowDiagnosticSubmission": true,
"allowExplicitContent": true,
"allowFingerprintForUnlock": true,
"allowGlobalBackgroundFetchWhenRoaming": true,
"allowInAppPurchases": true,
"allowLockScreenControlCenter": true,
"allowHostPairing": true,
"allowLockScreenTodayView": true,
"allowMultiplayerGaming": true,
"allowOpenFromManagedToUnmanaged": true,
"allowOpenFromUnmanagedToManaged": true,
"allowOTAPKIUpdates": true,
"allowPassbookWhileLocked": true,
"allowPhotoStream": true,
"allowSafari": true,
"safariAllowAutoFill": true,
"safariForceFraudWarning": true,
"safariAllowJavaScript": true,
"safariAllowPopups": true,
"allowScreenShot": true,
"allowSharedStream": true,
"allowUntrustedTLSPrompt": true,
"allowVideoConferencing": true,
"allowVoiceDialing": true,
"allowYouTube": true,
"allowiTunes": true,
"forceAssistantProfanityFilter": true,
"forceEncryptedBackup": true,
"forceITunesStorePasswordEntry": true,
"forceLimitAdTracking": true,
"forceAirPlayOutgoingRequestsPairingPassword": true,
"forceAirPlayIncomingRequestsPairingPassword": true,
"allowManagedAppsCloudSync": true,
"allowActivityContinuation": true,
"allowEnterpriseBookBackup": true,
"allowEnterpriseBookMetadataSync": true,
"allowFingerprintModification": true,
"safariAcceptCookies": 0,
"forceWatchWristDetection": true,
"ratingApps": 1000,
"ratingMovies": 1000,
"ratingRegion": "us",
"ratingTVShows": 1000,
"autonomousSingleAppModePermittedAppIDs": [
"org.wso2.wso2con",
"org.wso2.mdm.agent"
]
},
"deviceIDs": [
"2be702beaaf4ad34fc9e7f8da2b6b808c453fa72b",
"2ec33430ad456713c633de75b2219376bac45de56"
]
}
Property definitions
All the properties that correspond to adding restriction operations are explained as follows:
Property | Description |
|
| Data | Example |
|---|---|---|---|---|---|
operation
| This specifies the operation that is to be applied on the Android device. | Yes | N/A | operation | - |
| ID of the iOS device. Multiple device IDs can be added by using comma separated values. | Yes | N/A | String | 2be702beaaf4ad34fc9e7f8da2b6b808c453fa72b |
operation
Property | Description |
|
| Data | Example |
|---|---|---|---|---|---|
allowAddingGameCenterFriends | Prohibits adding friends to Game Center, if the value is set to false. | No | false | Boolean | true |
allowAppInstallation | The App Store is disabled and its icon is removed from the Home screen when the value is set to false. Users are unable to install or update their applications. | No | false | Boolean | true |
allowAppRemoval | Disables removal of apps from iOS devices when the value is set to false. | No | false | Boolean | true |
allowAssistant | Disables Siri when the value is set to false. | No | true | Boolean | false |
allowAssistantUserGeneratedContent | Prevents Siri from querying user-generated content from the web if the value is set to false. | No | true | Boolean | false |
allowAssistantWhileLocked | The user is unable to use Siri when the device is locked, when the value is set to false. This restriction is ignored if the device does not have a passcode set. Availability: iOS 5.1 and later. | No | true | Boolean | false |
allowCamera | The camera is completely disabled and its icon is removed from the Home screen when the value is set to false. Further if false, users are unable to take photographs. | No | false | Boolean | true |
allowCloudBackup | Disables backing up the device to iCloud if the value is set to false. Availability: iOS 5.0 and later. | No | false | Boolean | true |
allowCloudDocumentSync | Disables document and key-value syncing to iCloud when set to false. Availability: iOS 5.0 and later. | No | false | Boolean | true |
allowCloudKeychainSync | Disables Cloud keychain synchronization, if the value is set to false. Availability: Only in iOS 7.0 and later. | No | true | Boolean | false |
allowDiagnosticSubmission | Prevents the device from automatically submitting diagnostic reports to Apple, when the value is set to false. Availability: O nly in iOS 6.0 and later. | No | true | Boolean | false |
allowExplicitContent | Explicit music or video content purchased from the iTunes Store is hidden when the value is set to false. Explicit content is marked by content providers, such as record labels, when sold through the iTunes Store. | No | false | Boolean | true |
allowFingerprintForUnlock | Prevents the Touch ID from unlocking a device, if the value is set to false. Availability: iOS 7 and later. | No | false | Boolean | true |
allowGlobalBackgroundFetchWhenRoaming | Disables global background fetch activity when an iOS phone is on roaming when the value is set to false. | No | false | Boolean | true |
allowInAppPurchases | Prohibits in-app purchasing when the value is set to false. | No | false | Boolean | true |
allowLockScreenControlCenter | Prevents the Control Center from appearing on the Lock screen if the value is set to false. Availability: i OS 7 and later. | No | false | Boolean | true |
allowHostPairing | Host pairing is disabled with the exception of the supervision host when the value is set to false. If no supervision host certificate has been configured, all pairing is disabled. Host pairing lets the administrator control which devices an iOS 7 device can pair with. Availability: Only in iOS 7.0 and later. | Yes | false | Boolean | true |
allowLockScreenTodayView | The Today view in the Notification Center on the lock screen is disabled when the value is set to false. Availability: Only in iOS 7.0 and later. | No | false | Boolean | true |
allowMultiplayerGaming | Prohibits multiplayer gaming when the value to set to false. | No | false | Boolean | true |
allowOpenFromManagedToUnmanaged | Documents managed apps and the accounts only open in other managed apps and accounts if the value is se to false. Availability: Only in iOS 7.0 and later. | No | true | Boolean | false |
allowOpenFromUnmanagedToManaged | Documents unmanaged apps and the accounts will only open in other unmanaged apps and accounts if the value is set to false. Availability: Only in iOS 7.0 and later. | No | true | Boolean | false |
allowOTAPKIUpdates | The over-the-air PKI updates are disabled when the value is set to false. Setting this restriction to false does not disable CRL and OCSP checks. Availability: Only in iOS 7.0 and later. | No | true | Boolean | false |
allowPassbookWhileLocked | Passbook notifications will not be shown on the lock screen when the value is set to false. Availability: iOS 6.0 and later. | No | true | Boolean | false |
allowPhotoStream | Disables Photo Stream if the value is false. Availability: iOS 5.0 and later. | No | False | Boolean | True |
allowSafari | The Safari web browser application is disabled and its icon removed from the Home screen when the value is set to false. This also prevents users from opening web clips. | No | false | Boolean | true |
safariAllowAutoFill | The Safari auto-fill is disabled when the value is set to false. | No | true | Boolean | false |
safariForceFraudWarning | The Safari fraud warning is enabled if the value is set to false. | No | false | Boolean | true |
safariAllowJavaScript | Safari will not execute JavaScript when the value is set to false. | No | true | Boolean | false |
safariAllowPopups | Safari will not allow pop-up tabs when the value is set to false. | No | true | Boolean | false |
allowScreenShot | Users are unable to save a screenshot of the display if the value is set to false. | No | true | Boolean | false |
allowSharedStream | Shared Photo Stream will be disabled if the value is set to false. Availability: iOS 6.0 and later. | No | true | Boolean | false |
allowUntrustedTLSPrompt | Automatically rejects untrusted HTTPS certificates without prompting the user when the value is set to false. Availability: Available in iOS 5.0 and later. | No | true | Boolean | false |
allowVideoConferencing | Disables video conferencing when the value is set to false. | No | false | Boolean | true |
allowVoiceDialing | Disables voice dialing when the value is set to false. | No | false | Boolean | true |
allowYouTube | The YouTube application is disabled and the icon removed from the Home screen when the value is set to false. This key is ignored in iOS 6 and later because the native YouTube app is not provided. | No | false | Boolean | true |
allowiTunes | The iTunes Music Store is disabled and its icon is removed from the Home screen if the value is set to false. Further users cannot preview, purchase, or download content. Availability: iOS 7.0 and later. | No | false | Boolean | true |
forceAssistantProfanityFilter | Forces the use of the profanity filter assistant when the value is set to true. | No | true | Boolean | false |
forceEncryptedBackup | Encrypts all backups when the value is set to true. | No | true | Boolean | false |
forceITunesStorePasswordEntry | Forces user to enter their iTunes password for each transaction when the value is set to true. Availability: iOS 5.0 and later. | No | true | Boolean | false |
forceLimitAdTracking | Limits ad tracking when the value is set to true. Availability: iOS 7.0 and later. | No | false | Boolean | true |
forceAirPlayOutgoingRequestsPairingPassword | Forces all devices receiving AirPlay requests from this device to use a pairing password when the value is set to true. Availability: iOS 7.1 and later. | No | false | Boolean | true |
forceAirPlayIncomingRequestsPairingPassword | Forces all devices sending AirPlay requests to this device to use a pairing password if the value is set to true. Availability: Apple[ ]TV[ ]6.1 and later. | No | false | Boolean | true |
allowManagedAppsCloudSync | Prevents managed applications from using cloud sync if the value is set to false. | No | false | Boolean | true |
allowActivityContinuation | Activity Continuation will be disabled if the value is set to false. | No | true | Boolean | false |
allowEnterpriseBookBackup | Enterprise books will not be backed up if the value is set to false. | No | true | Boolean | false |
allowEnterpriseBookMetadataSync | Enterprise books notes and highlights will not be synced if the value is set to false. | No | true | Boolean | false |
allowFingerprintModification | Allows the user to modify the touch ID. | No | true | Boolean | false |
safariAcceptCookies | Determines the conditions under which the device will accept cookies. Following are the allowed values:
| No | 2 | Integer | 0 |
forceWatchWristDetection | Force users to unlock their Apple Watch with a passcode once the Watch has been removed from their wrist, if the value is set to true Availability: iOS 8.3 and later. | No | False | Boolean | True |
ratingApps | Restrict access to apps based on the rating given for age. The following values define the JSON values that corresponds to the rating selected.
| No | N/A | Integer | 1000 |
ratingMovies
| Restrict access to movies based on movie ratings. The following values define the JSON values that corresponds to the rating selected.
| No | N/A | Integer | 1000 |
ratingRegion | Restring operations based on the region | No | N/A | String | us |
ratingTVShows
| Restrict access to TV shows based on rating given. The following values define the JSON values that corresponds to the rating selected.
| No | N/A | Integer | 1000 |
autonomousSingleAppModePermittedAppIDs | Allows the apps to be identified by the bundle IDs listed in the array to autonomously enter Single App Mode. Availability: iOS 7.0 and later. | No | N/A | Array of strings | - |