New-MgBetaDeviceAppManagementAndroidManagedAppProtection
Create new navigation property to androidManagedAppProtections for deviceAppManagement
Note
To view the v1.0 release of this cmdlet, view New-MgDeviceAppManagementAndroidManagedAppProtection
Syntax
New-MgBetaDeviceAppManagementAndroidManagedAppProtection
[-ResponseHeadersVariable <String>]
[-AdditionalProperties <Hashtable>]
[-AllowedAndroidDeviceManufacturers <String>]
[-AllowedAndroidDeviceModels <String[]>]
[-AllowedDataIngestionLocations <ManagedAppDataIngestionLocation[]>]
[-AllowedDataStorageLocations <ManagedAppDataStorageLocation[]>]
[-AllowedInboundDataTransferSources <ManagedAppDataTransferLevel>]
[-AllowedOutboundClipboardSharingExceptionLength <Int32>]
[-AllowedOutboundClipboardSharingLevel <ManagedAppClipboardSharingLevel>]
[-AllowedOutboundDataTransferDestinations <ManagedAppDataTransferLevel>]
[-AppActionIfAccountIsClockedOut <ManagedAppRemediationAction>]
[-AppActionIfAndroidDeviceManufacturerNotAllowed <ManagedAppRemediationAction>]
[-AppActionIfAndroidDeviceModelNotAllowed <ManagedAppRemediationAction>]
[-AppActionIfAndroidSafetyNetAppsVerificationFailed <ManagedAppRemediationAction>]
[-AppActionIfAndroidSafetyNetDeviceAttestationFailed <ManagedAppRemediationAction>]
[-AppActionIfDeviceComplianceRequired <ManagedAppRemediationAction>]
[-AppActionIfDeviceLockNotSet <ManagedAppRemediationAction>]
[-AppActionIfDevicePasscodeComplexityLessThanHigh <ManagedAppRemediationAction>]
[-AppActionIfDevicePasscodeComplexityLessThanLow <ManagedAppRemediationAction>]
[-AppActionIfDevicePasscodeComplexityLessThanMedium <ManagedAppRemediationAction>]
[-AppActionIfMaximumPinRetriesExceeded <ManagedAppRemediationAction>]
[-AppActionIfSamsungKnoxAttestationRequired <ManagedAppRemediationAction>]
[-AppActionIfUnableToAuthenticateUser <ManagedAppRemediationAction>]
[-AppGroupType <TargetedManagedAppGroupType>]
[-ApprovedKeyboards <IMicrosoftGraphKeyValuePair[]>]
[-Apps <IMicrosoftGraphManagedMobileApp[]>]
[-Assignments <IMicrosoftGraphTargetedManagedAppPolicyAssignment[]>]
[-BiometricAuthenticationBlocked]
[-BlockAfterCompanyPortalUpdateDeferralInDays <Int32>]
[-BlockDataIngestionIntoOrganizationDocuments]
[-ConnectToVpnOnLaunch]
[-ContactSyncBlocked]
[-CreatedDateTime <DateTime>]
[-CustomBrowserDisplayName <String>]
[-CustomBrowserPackageId <String>]
[-CustomDialerAppDisplayName <String>]
[-CustomDialerAppPackageId <String>]
[-DataBackupBlocked]
[-DeployedAppCount <Int32>]
[-DeploymentSummary <IMicrosoftGraphManagedAppPolicyDeploymentSummary>]
[-Description <String>]
[-DeviceComplianceRequired]
[-DeviceLockRequired]
[-DialerRestrictionLevel <ManagedAppPhoneNumberRedirectLevel>]
[-DisableAppEncryptionIfDeviceEncryptionIsEnabled]
[-DisableAppPinIfDevicePinIsSet]
[-DisplayName <String>]
[-EncryptAppData]
[-ExemptedAppPackages <IMicrosoftGraphKeyValuePair[]>]
[-FingerprintAndBiometricEnabled]
[-FingerprintBlocked]
[-GracePeriodToBlockAppsDuringOffClockHours <TimeSpan>]
[-Id <String>]
[-IsAssigned]
[-KeyboardsRestricted]
[-LastModifiedDateTime <DateTime>]
[-ManagedBrowser <ManagedBrowserType>]
[-ManagedBrowserToOpenLinksRequired]
[-MaximumAllowedDeviceThreatLevel <ManagedAppDeviceThreatLevel>]
[-MaximumPinRetries <Int32>]
[-MaximumRequiredOSVersion <String>]
[-MaximumWarningOSVersion <String>]
[-MaximumWipeOSVersion <String>]
[-MessagingRedirectAppDisplayName <String>]
[-MessagingRedirectAppPackageId <String>]
[-MinimumPinLength <Int32>]
[-MinimumRequiredAppVersion <String>]
[-MinimumRequiredCompanyPortalVersion <String>]
[-MinimumRequiredOSVersion <String>]
[-MinimumRequiredPatchVersion <String>]
[-MinimumWarningAppVersion <String>]
[-MinimumWarningCompanyPortalVersion <String>]
[-MinimumWarningOSVersion <String>]
[-MinimumWarningPatchVersion <String>]
[-MinimumWipeAppVersion <String>]
[-MinimumWipeCompanyPortalVersion <String>]
[-MinimumWipeOSVersion <String>]
[-MinimumWipePatchVersion <String>]
[-MobileThreatDefensePartnerPriority <MobileThreatDefensePartnerPriority>]
[-MobileThreatDefenseRemediationAction <ManagedAppRemediationAction>]
[-NotificationRestriction <ManagedAppNotificationRestriction>]
[-OrganizationalCredentialsRequired]
[-PeriodBeforePinReset <TimeSpan>]
[-PeriodOfflineBeforeAccessCheck <TimeSpan>]
[-PeriodOfflineBeforeWipeIsEnforced <TimeSpan>]
[-PeriodOnlineBeforeAccessCheck <TimeSpan>]
[-PinCharacterSet <ManagedAppPinCharacterSet>]
[-PinRequired]
[-PinRequiredInsteadOfBiometricTimeout <TimeSpan>]
[-PreviousPinBlockCount <Int32>]
[-PrintBlocked]
[-ProtectedMessagingRedirectAppType <MessagingRedirectAppType>]
[-RequireClass3Biometrics]
[-RequirePinAfterBiometricChange]
[-RequiredAndroidSafetyNetAppsVerificationType <AndroidManagedAppSafetyNetAppsVerificationType>]
[-RequiredAndroidSafetyNetDeviceAttestationType <AndroidManagedAppSafetyNetDeviceAttestationType>]
[-RequiredAndroidSafetyNetEvaluationType <AndroidManagedAppSafetyNetEvaluationType>]
[-RoleScopeTagIds <String[]>]
[-SaveAsBlocked]
[-ScreenCaptureBlocked]
[-SimplePinBlocked]
[-TargetedAppManagementLevels <AppManagementLevel>]
[-Version <String>]
[-WarnAfterCompanyPortalUpdateDeferralInDays <Int32>]
[-WipeAfterCompanyPortalUpdateDeferralInDays <Int32>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
New-MgBetaDeviceAppManagementAndroidManagedAppProtection
-BodyParameter <IMicrosoftGraphAndroidManagedAppProtection>
[-ResponseHeadersVariable <String>]
[-Headers <IDictionary>]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Create new navigation property to androidManagedAppProtections for deviceAppManagement
Parameters
-AdditionalProperties
Additional Parameters
Type: | Hashtable |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AllowedAndroidDeviceManufacturers
Semicolon seperated list of device manufacturers allowed, as a string, for the managed app to work.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AllowedAndroidDeviceModels
List of device models allowed, as a string, for the managed app to work.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AllowedDataIngestionLocations
Data storage locations where a user may store managed data.
Type: | ManagedAppDataIngestionLocation[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AllowedDataStorageLocations
Data storage locations where a user may store managed data.
Type: | ManagedAppDataStorageLocation[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AllowedInboundDataTransferSources
Data can be transferred from/to these classes of apps
Type: | ManagedAppDataTransferLevel |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AllowedOutboundClipboardSharingExceptionLength
Specify the number of characters that may be cut or copied from Org data and accounts to any application. This setting overrides the AllowedOutboundClipboardSharingLevel restriction. Default value of '0' means no exception is allowed.
Type: | Int32 |
Position: | Named |
Default value: | 0 |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AllowedOutboundClipboardSharingLevel
Represents the level to which the device's clipboard may be shared between apps
Type: | ManagedAppClipboardSharingLevel |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AllowedOutboundDataTransferDestinations
Data can be transferred from/to these classes of apps
Type: | ManagedAppDataTransferLevel |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppActionIfAccountIsClockedOut
An admin initiated action to be applied on a managed app.
Type: | ManagedAppRemediationAction |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppActionIfAndroidDeviceManufacturerNotAllowed
An admin initiated action to be applied on a managed app.
Type: | ManagedAppRemediationAction |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppActionIfAndroidDeviceModelNotAllowed
An admin initiated action to be applied on a managed app.
Type: | ManagedAppRemediationAction |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppActionIfAndroidSafetyNetAppsVerificationFailed
An admin initiated action to be applied on a managed app.
Type: | ManagedAppRemediationAction |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppActionIfAndroidSafetyNetDeviceAttestationFailed
An admin initiated action to be applied on a managed app.
Type: | ManagedAppRemediationAction |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppActionIfDeviceComplianceRequired
An admin initiated action to be applied on a managed app.
Type: | ManagedAppRemediationAction |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppActionIfDeviceLockNotSet
An admin initiated action to be applied on a managed app.
Type: | ManagedAppRemediationAction |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppActionIfDevicePasscodeComplexityLessThanHigh
An admin initiated action to be applied on a managed app.
Type: | ManagedAppRemediationAction |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppActionIfDevicePasscodeComplexityLessThanLow
An admin initiated action to be applied on a managed app.
Type: | ManagedAppRemediationAction |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppActionIfDevicePasscodeComplexityLessThanMedium
An admin initiated action to be applied on a managed app.
Type: | ManagedAppRemediationAction |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppActionIfMaximumPinRetriesExceeded
An admin initiated action to be applied on a managed app.
Type: | ManagedAppRemediationAction |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppActionIfSamsungKnoxAttestationRequired
An admin initiated action to be applied on a managed app.
Type: | ManagedAppRemediationAction |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppActionIfUnableToAuthenticateUser
An admin initiated action to be applied on a managed app.
Type: | ManagedAppRemediationAction |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-AppGroupType
Indicates a collection of apps to target which can be one of several pre-defined lists of apps or a manually selected list of apps
Type: | TargetedManagedAppGroupType |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ApprovedKeyboards
If Keyboard Restriction is enabled, only keyboards in this approved list will be allowed. A key should be Android package id for a keyboard and value should be a friendly name To construct, see NOTES section for APPROVEDKEYBOARDS properties and create a hash table.
Type: | IMicrosoftGraphKeyValuePair[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Apps
List of apps to which the policy is deployed. To construct, see NOTES section for APPS properties and create a hash table.
Type: | IMicrosoftGraphManagedMobileApp[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Assignments
Navigation property to list of inclusion and exclusion groups to which the policy is deployed. To construct, see NOTES section for ASSIGNMENTS properties and create a hash table.
Type: | IMicrosoftGraphTargetedManagedAppPolicyAssignment[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-BiometricAuthenticationBlocked
Indicates whether use of the biometric authentication is allowed in place of a pin if PinRequired is set to True.
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-BlockAfterCompanyPortalUpdateDeferralInDays
Maximum number of days Company Portal update can be deferred on the device or app access will be blocked.
Type: | Int32 |
Position: | Named |
Default value: | 0 |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-BlockDataIngestionIntoOrganizationDocuments
Indicates whether a user can bring data into org documents.
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-BodyParameter
Policy used to configure detailed management settings targeted to specific security groups and for a specified set of apps on an Android device To construct, see NOTES section for BODYPARAMETER properties and create a hash table.
Type: | IMicrosoftGraphAndroidManagedAppProtection |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
Type: | SwitchParameter |
Aliases: | cf |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ConnectToVpnOnLaunch
Whether the app should connect to the configured VPN on launch.
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ContactSyncBlocked
Indicates whether contacts can be synced to the user's device.
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CreatedDateTime
The date and time the policy was created.
Type: | DateTime |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CustomBrowserDisplayName
Friendly name of the preferred custom browser to open weblink on Android. When this property is configured, ManagedBrowserToOpenLinksRequired should be true.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CustomBrowserPackageId
Unique identifier of the preferred custom browser to open weblink on Android. When this property is configured, ManagedBrowserToOpenLinksRequired should be true.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CustomDialerAppDisplayName
Friendly name of a custom dialer app to click-to-open a phone number on Android.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CustomDialerAppPackageId
PackageId of a custom dialer app to click-to-open a phone number on Android.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DataBackupBlocked
Indicates whether the backup of a managed app's data is blocked.
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DeployedAppCount
Count of apps to which the current policy is deployed.
Type: | Int32 |
Position: | Named |
Default value: | 0 |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DeploymentSummary
The ManagedAppEntity is the base entity type for all other entity types under app management workflow. To construct, see NOTES section for DEPLOYMENTSUMMARY properties and create a hash table.
Type: | IMicrosoftGraphManagedAppPolicyDeploymentSummary |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Description
The policy's description.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DeviceComplianceRequired
Indicates whether device compliance is required.
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DeviceLockRequired
Defines if any kind of lock must be required on android device
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DialerRestrictionLevel
The classes of apps that are allowed to click-to-open a phone number, for making phone calls or sending text messages.
Type: | ManagedAppPhoneNumberRedirectLevel |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DisableAppEncryptionIfDeviceEncryptionIsEnabled
When this setting is enabled, app level encryption is disabled if device level encryption is enabled
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DisableAppPinIfDevicePinIsSet
Indicates whether use of the app pin is required if the device pin is set.
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-DisplayName
Policy display name.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-EncryptAppData
Indicates whether application data for managed apps should be encrypted
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ExemptedAppPackages
App packages in this list will be exempt from the policy and will be able to receive data from managed apps. To construct, see NOTES section for EXEMPTEDAPPPACKAGES properties and create a hash table.
Type: | IMicrosoftGraphKeyValuePair[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-FingerprintAndBiometricEnabled
If null, this setting will be ignored. If false both fingerprints and biometrics will not be enabled. If true, both fingerprints and biometrics will be enabled.
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-FingerprintBlocked
Indicates whether use of the fingerprint reader is allowed in place of a pin if PinRequired is set to True.
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-GracePeriodToBlockAppsDuringOffClockHours
A grace period before blocking app access during off clock hours.
Type: | TimeSpan |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Headers
Optional headers that will be added to the request.
Type: | IDictionary |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Id
The unique identifier for an entity. Read-only.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-IsAssigned
Indicates if the policy is deployed to any inclusion groups or not.
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-KeyboardsRestricted
Indicates if keyboard restriction is enabled. If enabled list of approved keyboards must be provided as well.
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-LastModifiedDateTime
Last time the policy was modified.
Type: | DateTime |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ManagedBrowser
Type of managed browser
Type: | ManagedBrowserType |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ManagedBrowserToOpenLinksRequired
Indicates whether internet links should be opened in the managed browser app, or any custom browser specified by CustomBrowserProtocol (for iOS) or CustomBrowserPackageId/CustomBrowserDisplayName (for Android)
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MaximumAllowedDeviceThreatLevel
The maxium threat level allowed for an app to be compliant.
Type: | ManagedAppDeviceThreatLevel |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MaximumPinRetries
Maximum number of incorrect pin retry attempts before the managed app is either blocked or wiped.
Type: | Int32 |
Position: | Named |
Default value: | 0 |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MaximumRequiredOSVersion
Versions bigger than the specified version will block the managed app from accessing company data.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MaximumWarningOSVersion
Versions bigger than the specified version will block the managed app from accessing company data.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MaximumWipeOSVersion
Versions bigger than the specified version will block the managed app from accessing company data.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MessagingRedirectAppDisplayName
When a specific app redirection is enforced by protectedMessagingRedirectAppType in an App Protection Policy, this value defines the app name which is allowed to be used.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MessagingRedirectAppPackageId
When a specific app redirection is enforced by protectedMessagingRedirectAppType in an App Protection Policy, this value defines the app package id which is allowed to be used.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MinimumPinLength
Minimum pin length required for an app-level pin if PinRequired is set to True
Type: | Int32 |
Position: | Named |
Default value: | 0 |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MinimumRequiredAppVersion
Versions less than the specified version will block the managed app from accessing company data.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MinimumRequiredCompanyPortalVersion
Minimum version of the Company portal that must be installed on the device or app access will be blocked
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MinimumRequiredOSVersion
Versions less than the specified version will block the managed app from accessing company data.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MinimumRequiredPatchVersion
Define the oldest required Android security patch level a user can have to gain secure access to the app.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MinimumWarningAppVersion
Versions less than the specified version will result in warning message on the managed app.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MinimumWarningCompanyPortalVersion
Minimum version of the Company portal that must be installed on the device or the user will receive a warning
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MinimumWarningOSVersion
Versions less than the specified version will result in warning message on the managed app from accessing company data.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MinimumWarningPatchVersion
Define the oldest recommended Android security patch level a user can have for secure access to the app.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MinimumWipeAppVersion
Versions less than or equal to the specified version will wipe the managed app and the associated company data.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MinimumWipeCompanyPortalVersion
Minimum version of the Company portal that must be installed on the device or the company data on the app will be wiped
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MinimumWipeOSVersion
Versions less than or equal to the specified version will wipe the managed app and the associated company data.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MinimumWipePatchVersion
Android security patch level less than or equal to the specified value will wipe the managed app and the associated company data.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MobileThreatDefensePartnerPriority
Determines the conflict resolution strategy, when more than one Mobile Threat Defense provider is enabled.
Type: | MobileThreatDefensePartnerPriority |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MobileThreatDefenseRemediationAction
An admin initiated action to be applied on a managed app.
Type: | ManagedAppRemediationAction |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-NotificationRestriction
Restrict managed app notification
Type: | ManagedAppNotificationRestriction |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-OrganizationalCredentialsRequired
Indicates whether organizational credentials are required for app use.
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PeriodBeforePinReset
TimePeriod before the all-level pin must be reset if PinRequired is set to True.
Type: | TimeSpan |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PeriodOfflineBeforeAccessCheck
The period after which access is checked when the device is not connected to the internet.
Type: | TimeSpan |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PeriodOfflineBeforeWipeIsEnforced
The amount of time an app is allowed to remain disconnected from the internet before all managed data it is wiped.
Type: | TimeSpan |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PeriodOnlineBeforeAccessCheck
The period after which access is checked when the device is connected to the internet.
Type: | TimeSpan |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PinCharacterSet
Character set which is to be used for a user's app PIN
Type: | ManagedAppPinCharacterSet |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PinRequired
Indicates whether an app-level pin is required.
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PinRequiredInsteadOfBiometricTimeout
Timeout in minutes for an app pin instead of non biometrics passcode
Type: | TimeSpan |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PreviousPinBlockCount
Requires a pin to be unique from the number specified in this property.
Type: | Int32 |
Position: | Named |
Default value: | 0 |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-PrintBlocked
Indicates whether printing is allowed from managed apps.
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ProgressAction
{{ Fill ProgressAction Description }}
Type: | ActionPreference |
Aliases: | proga |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ProtectedMessagingRedirectAppType
Defines how app messaging redirection is protected by an App Protection Policy. Default is anyApp.
Type: | MessagingRedirectAppType |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RequireClass3Biometrics
Require user to apply Class 3 Biometrics on their Android device.
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RequiredAndroidSafetyNetAppsVerificationType
An admin enforced Android SafetyNet Device Attestation requirement on a managed app.
Type: | AndroidManagedAppSafetyNetAppsVerificationType |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RequiredAndroidSafetyNetDeviceAttestationType
An admin enforced Android SafetyNet Device Attestation requirement on a managed app.
Type: | AndroidManagedAppSafetyNetDeviceAttestationType |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RequiredAndroidSafetyNetEvaluationType
An admin enforced Android SafetyNet evaluation type requirement on a managed app.
Type: | AndroidManagedAppSafetyNetEvaluationType |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RequirePinAfterBiometricChange
A PIN prompt will override biometric prompts if class 3 biometrics are updated on the device.
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ResponseHeadersVariable
Optional Response Headers Variable.
Type: | String |
Aliases: | RHV |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-RoleScopeTagIds
List of Scope Tags for this Entity instance.
Type: | String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-SaveAsBlocked
Indicates whether users may use the 'Save As' menu item to save a copy of protected files.
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ScreenCaptureBlocked
Indicates whether a managed user can take screen captures of managed apps
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-SimplePinBlocked
Indicates whether simplePin is blocked.
Type: | SwitchParameter |
Position: | Named |
Default value: | False |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-TargetedAppManagementLevels
Management levels for apps
Type: | AppManagementLevel |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-Version
Version of the entity.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WarnAfterCompanyPortalUpdateDeferralInDays
Maximum number of days Company Portal update can be deferred on the device or the user will receive the warning
Type: | Int32 |
Position: | Named |
Default value: | 0 |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: | SwitchParameter |
Aliases: | wi |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-WipeAfterCompanyPortalUpdateDeferralInDays
Maximum number of days Company Portal update can be deferred on the device or the company data on the app will be wiped
Type: | Int32 |
Position: | Named |
Default value: | 0 |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Inputs
Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphAndroidManagedAppProtection
System.Collections.IDictionary
Outputs
Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphAndroidManagedAppProtection
Notes
COMPLEX PARAMETER PROPERTIES
To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
APPROVEDKEYBOARDS <IMicrosoftGraphKeyValuePair- []
>: If Keyboard Restriction is enabled, only keyboards in this approved list will be allowed.
A key should be Android package id for a keyboard and value should be a friendly name
[Name <String>]
: Name for this key-value pair[Value <String>]
: Value for this key-value pair
APPS <IMicrosoftGraphManagedMobileApp- []
>: List of apps to which the policy is deployed.
[Id <String>]
: The unique identifier for an entity. Read-only.[MobileAppIdentifier <IMicrosoftGraphMobileAppIdentifier>]
: The identifier for a mobile app.[(Any) <Object>]
: This indicates any property can be added to this object.
[Version <String>]
: Version of the entity.
ASSIGNMENTS <IMicrosoftGraphTargetedManagedAppPolicyAssignment- []
>: Navigation property to list of inclusion and exclusion groups to which the policy is deployed.
[Id <String>]
: The unique identifier for an entity. Read-only.[Source <DeviceAndAppManagementAssignmentSource?>]
: Represents source of assignment.[SourceId <String>]
: Identifier for resource used for deployment to a group[Target <IMicrosoftGraphDeviceAndAppManagementAssignmentTarget>]
: Base type for assignment targets.[(Any) <Object>]
: This indicates any property can be added to this object.[DeviceAndAppManagementAssignmentFilterId <String>]
: The Id of the filter for the target assignment.[DeviceAndAppManagementAssignmentFilterType <DeviceAndAppManagementAssignmentFilterType?>]
: Represents type of the assignment filter.
BODYPARAMETER <IMicrosoftGraphAndroidManagedAppProtection>
: Policy used to configure detailed management settings targeted to specific security groups and for a specified set of apps on an Android device
[(Any) <Object>]
: This indicates any property can be added to this object.[AppGroupType <TargetedManagedAppGroupType?>]
: Indicates a collection of apps to target which can be one of several pre-defined lists of apps or a manually selected list of apps[Assignments <IMicrosoftGraphTargetedManagedAppPolicyAssignment-
[]>]
: Navigation property to list of inclusion and exclusion groups to which the policy is deployed.[Id <String>]
: The unique identifier for an entity. Read-only.[Source <DeviceAndAppManagementAssignmentSource?>]
: Represents source of assignment.[SourceId <String>]
: Identifier for resource used for deployment to a group[Target <IMicrosoftGraphDeviceAndAppManagementAssignmentTarget>]
: Base type for assignment targets.[(Any) <Object>]
: This indicates any property can be added to this object.[DeviceAndAppManagementAssignmentFilterId <String>]
: The Id of the filter for the target assignment.[DeviceAndAppManagementAssignmentFilterType <DeviceAndAppManagementAssignmentFilterType?>]
: Represents type of the assignment filter.
[IsAssigned <Boolean?>]
: Indicates if the policy is deployed to any inclusion groups or not.[TargetedAppManagementLevels <AppManagementLevel?>]
: Management levels for apps[AllowedDataIngestionLocations <ManagedAppDataIngestionLocation-
[]>]
: Data storage locations where a user may store managed data.[AllowedDataStorageLocations <ManagedAppDataStorageLocation-
[]>]
: Data storage locations where a user may store managed data.[AllowedInboundDataTransferSources <ManagedAppDataTransferLevel?>]
: Data can be transferred from/to these classes of apps[AllowedOutboundClipboardSharingExceptionLength <Int32?>]
: Specify the number of characters that may be cut or copied from Org data and accounts to any application. This setting overrides the AllowedOutboundClipboardSharingLevel restriction. Default value of '0' means no exception is allowed.[AllowedOutboundClipboardSharingLevel <ManagedAppClipboardSharingLevel?>]
: Represents the level to which the device's clipboard may be shared between apps[AllowedOutboundDataTransferDestinations <ManagedAppDataTransferLevel?>]
: Data can be transferred from/to these classes of apps[AppActionIfDeviceComplianceRequired <ManagedAppRemediationAction?>]
: An admin initiated action to be applied on a managed app.[AppActionIfMaximumPinRetriesExceeded <ManagedAppRemediationAction?>]
: An admin initiated action to be applied on a managed app.[AppActionIfUnableToAuthenticateUser <ManagedAppRemediationAction?>]
: An admin initiated action to be applied on a managed app.[BlockDataIngestionIntoOrganizationDocuments <Boolean?>]
: Indicates whether a user can bring data into org documents.[ContactSyncBlocked <Boolean?>]
: Indicates whether contacts can be synced to the user's device.[DataBackupBlocked <Boolean?>]
: Indicates whether the backup of a managed app's data is blocked.[DeviceComplianceRequired <Boolean?>]
: Indicates whether device compliance is required.[DialerRestrictionLevel <ManagedAppPhoneNumberRedirectLevel?>]
: The classes of apps that are allowed to click-to-open a phone number, for making phone calls or sending text messages.[DisableAppPinIfDevicePinIsSet <Boolean?>]
: Indicates whether use of the app pin is required if the device pin is set.[FingerprintBlocked <Boolean?>]
: Indicates whether use of the fingerprint reader is allowed in place of a pin if PinRequired is set to True.[GracePeriodToBlockAppsDuringOffClockHours <TimeSpan?>]
: A grace period before blocking app access during off clock hours.[ManagedBrowser <ManagedBrowserType?>]
: Type of managed browser[ManagedBrowserToOpenLinksRequired <Boolean?>]
: Indicates whether internet links should be opened in the managed browser app, or any custom browser specified by CustomBrowserProtocol (for iOS) or CustomBrowserPackageId/CustomBrowserDisplayName (for Android)[MaximumAllowedDeviceThreatLevel <ManagedAppDeviceThreatLevel?>]
: The maxium threat level allowed for an app to be compliant.[MaximumPinRetries <Int32?>]
: Maximum number of incorrect pin retry attempts before the managed app is either blocked or wiped.[MaximumRequiredOSVersion <String>]
: Versions bigger than the specified version will block the managed app from accessing company data.[MaximumWarningOSVersion <String>]
: Versions bigger than the specified version will block the managed app from accessing company data.[MaximumWipeOSVersion <String>]
: Versions bigger than the specified version will block the managed app from accessing company data.[MinimumPinLength <Int32?>]
: Minimum pin length required for an app-level pin if PinRequired is set to True[MinimumRequiredAppVersion <String>]
: Versions less than the specified version will block the managed app from accessing company data.[MinimumRequiredOSVersion <String>]
: Versions less than the specified version will block the managed app from accessing company data.[MinimumWarningAppVersion <String>]
: Versions less than the specified version will result in warning message on the managed app.[MinimumWarningOSVersion <String>]
: Versions less than the specified version will result in warning message on the managed app from accessing company data.[MinimumWipeAppVersion <String>]
: Versions less than or equal to the specified version will wipe the managed app and the associated company data.[MinimumWipeOSVersion <String>]
: Versions less than or equal to the specified version will wipe the managed app and the associated company data.[MobileThreatDefensePartnerPriority <MobileThreatDefensePartnerPriority?>]
: Determines the conflict resolution strategy, when more than one Mobile Threat Defense provider is enabled.[MobileThreatDefenseRemediationAction <ManagedAppRemediationAction?>]
: An admin initiated action to be applied on a managed app.[NotificationRestriction <ManagedAppNotificationRestriction?>]
: Restrict managed app notification[OrganizationalCredentialsRequired <Boolean?>]
: Indicates whether organizational credentials are required for app use.[PeriodBeforePinReset <TimeSpan?>]
: TimePeriod before the all-level pin must be reset if PinRequired is set to True.[PeriodOfflineBeforeAccessCheck <TimeSpan?>]
: The period after which access is checked when the device is not connected to the internet.[PeriodOfflineBeforeWipeIsEnforced <TimeSpan?>]
: The amount of time an app is allowed to remain disconnected from the internet before all managed data it is wiped.[PeriodOnlineBeforeAccessCheck <TimeSpan?>]
: The period after which access is checked when the device is connected to the internet.[PinCharacterSet <ManagedAppPinCharacterSet?>]
: Character set which is to be used for a user's app PIN[PinRequired <Boolean?>]
: Indicates whether an app-level pin is required.[PinRequiredInsteadOfBiometricTimeout <TimeSpan?>]
: Timeout in minutes for an app pin instead of non biometrics passcode[PreviousPinBlockCount <Int32?>]
: Requires a pin to be unique from the number specified in this property.[PrintBlocked <Boolean?>]
: Indicates whether printing is allowed from managed apps.[ProtectedMessagingRedirectAppType <MessagingRedirectAppType?>]
: Defines how app messaging redirection is protected by an App Protection Policy. Default is anyApp.[SaveAsBlocked <Boolean?>]
: Indicates whether users may use the 'Save As' menu item to save a copy of protected files.[SimplePinBlocked <Boolean?>]
: Indicates whether simplePin is blocked.[CreatedDateTime <DateTime?>]
: The date and time the policy was created.[Description <String>]
: The policy's description.[DisplayName <String>]
: Policy display name.[LastModifiedDateTime <DateTime?>]
: Last time the policy was modified.[RoleScopeTagIds <String-
[]>]
: List of Scope Tags for this Entity instance.[Version <String>]
: Version of the entity.[Id <String>]
: The unique identifier for an entity. Read-only.[AllowedAndroidDeviceManufacturers <String>]
: Semicolon seperated list of device manufacturers allowed, as a string, for the managed app to work.[AllowedAndroidDeviceModels <String-
[]>]
: List of device models allowed, as a string, for the managed app to work.[AppActionIfAccountIsClockedOut <ManagedAppRemediationAction?>]
: An admin initiated action to be applied on a managed app.[AppActionIfAndroidDeviceManufacturerNotAllowed <ManagedAppRemediationAction?>]
: An admin initiated action to be applied on a managed app.[AppActionIfAndroidDeviceModelNotAllowed <ManagedAppRemediationAction?>]
: An admin initiated action to be applied on a managed app.[AppActionIfAndroidSafetyNetAppsVerificationFailed <ManagedAppRemediationAction?>]
: An admin initiated action to be applied on a managed app.[AppActionIfAndroidSafetyNetDeviceAttestationFailed <ManagedAppRemediationAction?>]
: An admin initiated action to be applied on a managed app.[AppActionIfDeviceLockNotSet <ManagedAppRemediationAction?>]
: An admin initiated action to be applied on a managed app.[AppActionIfDevicePasscodeComplexityLessThanHigh <ManagedAppRemediationAction?>]
: An admin initiated action to be applied on a managed app.[AppActionIfDevicePasscodeComplexityLessThanLow <ManagedAppRemediationAction?>]
: An admin initiated action to be applied on a managed app.[AppActionIfDevicePasscodeComplexityLessThanMedium <ManagedAppRemediationAction?>]
: An admin initiated action to be applied on a managed app.[AppActionIfSamsungKnoxAttestationRequired <ManagedAppRemediationAction?>]
: An admin initiated action to be applied on a managed app.[ApprovedKeyboards <IMicrosoftGraphKeyValuePair-
[]>]
: If Keyboard Restriction is enabled, only keyboards in this approved list will be allowed. A key should be Android package id for a keyboard and value should be a friendly name[Name <String>]
: Name for this key-value pair[Value <String>]
: Value for this key-value pair
[Apps <IMicrosoftGraphManagedMobileApp-
[]>]
: List of apps to which the policy is deployed.[Id <String>]
: The unique identifier for an entity. Read-only.[MobileAppIdentifier <IMicrosoftGraphMobileAppIdentifier>]
: The identifier for a mobile app.[(Any) <Object>]
: This indicates any property can be added to this object.
[Version <String>]
: Version of the entity.
[BiometricAuthenticationBlocked <Boolean?>]
: Indicates whether use of the biometric authentication is allowed in place of a pin if PinRequired is set to True.[BlockAfterCompanyPortalUpdateDeferralInDays <Int32?>]
: Maximum number of days Company Portal update can be deferred on the device or app access will be blocked.[ConnectToVpnOnLaunch <Boolean?>]
: Whether the app should connect to the configured VPN on launch.[CustomBrowserDisplayName <String>]
: Friendly name of the preferred custom browser to open weblink on Android. When this property is configured, ManagedBrowserToOpenLinksRequired should be true.[CustomBrowserPackageId <String>]
: Unique identifier of the preferred custom browser to open weblink on Android. When this property is configured, ManagedBrowserToOpenLinksRequired should be true.[CustomDialerAppDisplayName <String>]
: Friendly name of a custom dialer app to click-to-open a phone number on Android.[CustomDialerAppPackageId <String>]
: PackageId of a custom dialer app to click-to-open a phone number on Android.[DeployedAppCount <Int32?>]
: Count of apps to which the current policy is deployed.[DeploymentSummary <IMicrosoftGraphManagedAppPolicyDeploymentSummary>]
: The ManagedAppEntity is the base entity type for all other entity types under app management workflow.[(Any) <Object>]
: This indicates any property can be added to this object.[Id <String>]
: The unique identifier for an entity. Read-only.[ConfigurationDeployedUserCount <Int32?>]
:[ConfigurationDeploymentSummaryPerApp <IMicrosoftGraphManagedAppPolicyDeploymentSummaryPerApp-
[]>]
:[ConfigurationAppliedUserCount <Int32?>]
: Number of users the policy is applied.[MobileAppIdentifier <IMicrosoftGraphMobileAppIdentifier>]
: The identifier for a mobile app.
[DisplayName <String>]
:[LastRefreshTime <DateTime?>]
:[Version <String>]
: Version of the entity.
[DeviceLockRequired <Boolean?>]
: Defines if any kind of lock must be required on android device[DisableAppEncryptionIfDeviceEncryptionIsEnabled <Boolean?>]
: When this setting is enabled, app level encryption is disabled if device level encryption is enabled[EncryptAppData <Boolean?>]
: Indicates whether application data for managed apps should be encrypted[ExemptedAppPackages <IMicrosoftGraphKeyValuePair-
[]>]
: App packages in this list will be exempt from the policy and will be able to receive data from managed apps.[FingerprintAndBiometricEnabled <Boolean?>]
: If null, this setting will be ignored. If false both fingerprints and biometrics will not be enabled. If true, both fingerprints and biometrics will be enabled.[KeyboardsRestricted <Boolean?>]
: Indicates if keyboard restriction is enabled. If enabled list of approved keyboards must be provided as well.[MessagingRedirectAppDisplayName <String>]
: When a specific app redirection is enforced by protectedMessagingRedirectAppType in an App Protection Policy, this value defines the app name which is allowed to be used.[MessagingRedirectAppPackageId <String>]
: When a specific app redirection is enforced by protectedMessagingRedirectAppType in an App Protection Policy, this value defines the app package id which is allowed to be used.[MinimumRequiredCompanyPortalVersion <String>]
: Minimum version of the Company portal that must be installed on the device or app access will be blocked[MinimumRequiredPatchVersion <String>]
: Define the oldest required Android security patch level a user can have to gain secure access to the app.[MinimumWarningCompanyPortalVersion <String>]
: Minimum version of the Company portal that must be installed on the device or the user will receive a warning[MinimumWarningPatchVersion <String>]
: Define the oldest recommended Android security patch level a user can have for secure access to the app.[MinimumWipeCompanyPortalVersion <String>]
: Minimum version of the Company portal that must be installed on the device or the company data on the app will be wiped[MinimumWipePatchVersion <String>]
: Android security patch level less than or equal to the specified value will wipe the managed app and the associated company data.[RequireClass3Biometrics <Boolean?>]
: Require user to apply Class 3 Biometrics on their Android device.[RequirePinAfterBiometricChange <Boolean?>]
: A PIN prompt will override biometric prompts if class 3 biometrics are updated on the device.[RequiredAndroidSafetyNetAppsVerificationType <AndroidManagedAppSafetyNetAppsVerificationType?>]
: An admin enforced Android SafetyNet Device Attestation requirement on a managed app.[RequiredAndroidSafetyNetDeviceAttestationType <AndroidManagedAppSafetyNetDeviceAttestationType?>]
: An admin enforced Android SafetyNet Device Attestation requirement on a managed app.[RequiredAndroidSafetyNetEvaluationType <AndroidManagedAppSafetyNetEvaluationType?>]
: An admin enforced Android SafetyNet evaluation type requirement on a managed app.[ScreenCaptureBlocked <Boolean?>]
: Indicates whether a managed user can take screen captures of managed apps[WarnAfterCompanyPortalUpdateDeferralInDays <Int32?>]
: Maximum number of days Company Portal update can be deferred on the device or the user will receive the warning[WipeAfterCompanyPortalUpdateDeferralInDays <Int32?>]
: Maximum number of days Company Portal update can be deferred on the device or the company data on the app will be wiped
DEPLOYMENTSUMMARY <IMicrosoftGraphManagedAppPolicyDeploymentSummary>
: The ManagedAppEntity is the base entity type for all other entity types under app management workflow.
[(Any) <Object>]
: This indicates any property can be added to this object.[Id <String>]
: The unique identifier for an entity. Read-only.[ConfigurationDeployedUserCount <Int32?>]
:[ConfigurationDeploymentSummaryPerApp <IMicrosoftGraphManagedAppPolicyDeploymentSummaryPerApp-
[]>]
:[ConfigurationAppliedUserCount <Int32?>]
: Number of users the policy is applied.[MobileAppIdentifier <IMicrosoftGraphMobileAppIdentifier>]
: The identifier for a mobile app.[(Any) <Object>]
: This indicates any property can be added to this object.
[DisplayName <String>]
:[LastRefreshTime <DateTime?>]
:[Version <String>]
: Version of the entity.
EXEMPTEDAPPPACKAGES <IMicrosoftGraphKeyValuePair- []
>: App packages in this list will be exempt from the policy and will be able to receive data from managed apps.
[Name <String>]
: Name for this key-value pair[Value <String>]
: Value for this key-value pair