googleapis

/// <reference types="node" /> import { OAuth2Client, JWT, Compute, UserRefreshClient, BaseExternalAccountClient, GaxiosPromise, GoogleConfigurable, MethodOptions, StreamMethodOptions, GlobalOptions, GoogleAuth, BodyResponseCallback, APIRequestContext } from 'googleapis-common'; import { Readable } from 'stream'; export declare namespace androidmanagement_v1 { export interface Options extends GlobalOptions { version: 'v1'; } interface StandardParameters { /** * Auth client or API Key for the request */ auth?: string | OAuth2Client | JWT | Compute | UserRefreshClient | BaseExternalAccountClient | GoogleAuth; /** * V1 error format. */ '$.xgafv'?: string; /** * OAuth access token. */ access_token?: string; /** * Data format for response. */ alt?: string; /** * JSONP */ callback?: string; /** * Selector specifying which fields to include in a partial response. */ fields?: string; /** * API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */ key?: string; /** * OAuth 2.0 token for the current user. */ oauth_token?: string; /** * Returns response with indentations and line breaks. */ prettyPrint?: boolean; /** * Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */ quotaUser?: string; /** * Legacy upload protocol for media (e.g. "media", "multipart"). */ uploadType?: string; /** * Upload protocol for media (e.g. "raw", "multipart"). */ upload_protocol?: string; } /** * Android Management API * * The Android Management API provides remote enterprise management of Android devices and apps. * * @example * ```js * const {google} = require('googleapis'); * const androidmanagement = google.androidmanagement('v1'); * ``` */ export class Androidmanagement { context: APIRequestContext; enterprises: Resource$Enterprises; provisioningInfo: Resource$Provisioninginfo; signupUrls: Resource$Signupurls; constructor(options: GlobalOptions, google?: GoogleConfigurable); } /** * A shell command was issued over ADB via “adb shell command”. */ export interface Schema$AdbShellCommandEvent { /** * Shell command that was issued over ADB via "adb shell command". Redacted to empty string on organization-owned managed profile devices. */ shellCmd?: string | null; } /** * An ADB interactive shell was opened via “adb shell”. Intentionally empty. */ export interface Schema$AdbShellInteractiveEvent { } /** * Security policies set to secure values by default. To maintain the security posture of a device, we don't recommend overriding any of the default values. */ export interface Schema$AdvancedSecurityOverrides { /** * Controls Common Criteria Mode—security standards defined in the Common Criteria for Information Technology Security Evaluation (https://www.commoncriteriaportal.org/) (CC). Enabling Common Criteria Mode increases certain security components on a device, including AES-GCM encryption of Bluetooth Long Term Keys, and Wi-Fi configuration stores.Warning: Common Criteria Mode enforces a strict security model typically only required for IT products used in national security systems and other highly sensitive organizations. Standard device use may be affected. Only enabled if required. */ commonCriteriaMode?: string | null; /** * Controls access to developer settings: developer options and safe boot. Replaces safeBootDisabled (deprecated) and debuggingFeaturesAllowed (deprecated). */ developerSettings?: string | null; /** * Whether Google Play Protect verification (https://support.google.com/accounts/answer/2812853) is enforced. Replaces ensureVerifyAppsEnabled (deprecated). */ googlePlayProtectVerifyApps?: string | null; /** * Personal apps that can read work profile notifications using a NotificationListenerService (https://developer.android.com/reference/android/service/notification/NotificationListenerService). By default, no personal apps (aside from system apps) can read work notifications. Each value in the list must be a package name. */ personalAppsThatCanReadWorkNotifications?: string[] | null; /** * The policy for untrusted apps (apps from unknown sources) enforced on the device. Replaces install_unknown_sources_allowed (deprecated). */ untrustedAppsPolicy?: string | null; } /** * Configuration for an always-on VPN connection. */ export interface Schema$AlwaysOnVpnPackage { /** * Disallows networking when the VPN is not connected. */ lockdownEnabled?: boolean | null; /** * The package name of the VPN app. */ packageName?: string | null; } /** * A compliance rule condition which is satisfied if the Android Framework API level on the device doesn't meet a minimum requirement. There can only be one rule with this type of condition per policy. */ export interface Schema$ApiLevelCondition { /** * The minimum desired Android Framework API level. If the device doesn't meet the minimum requirement, this condition is satisfied. Must be greater than zero. */ minApiLevel?: number | null; } /** * Information about an app. */ export interface Schema$Application { /** * Whether this app is free, free with in-app purchases, or paid. If the pricing is unspecified, this means the app is not generally available anymore (even though it might still be available to people who own it). */ appPricing?: string | null; /** * Application tracks visible to the enterprise. */ appTracks?: Schema$AppTrackInfo[]; /** * Versions currently available for this app. */ appVersions?: Schema$AppVersion[]; /** * The name of the author of the apps (for example, the app developer). */ author?: string | null; /** * The countries which this app is available in as per ISO 3166-1 alpha-2. */ availableCountries?: string[] | null; /** * The app category (e.g. RACING, SOCIAL, etc.) */ category?: string | null; /** * The content rating for this app. */ contentRating?: string | null; /** * The localized promotional description, if available. */ description?: string | null; /** * How and to whom the package is made available. */ distributionChannel?: string | null; /** * Noteworthy features (if any) of this app. */ features?: string[] | null; /** * Full app description, if available. */ fullDescription?: string | null; /** * A link to an image that can be used as an icon for the app. This image is suitable for use up to a pixel size of 512 x 512. */ iconUrl?: string | null; /** * The set of managed properties available to be pre-configured for the app. */ managedProperties?: Schema$ManagedProperty[]; /** * The minimum Android SDK necessary to run the app. */ minAndroidSdkVersion?: number | null; /** * The name of the app in the form enterprises/{enterprise\}/applications/{package_name\}. */ name?: string | null; /** * The permissions required by the app. */ permissions?: Schema$ApplicationPermission[]; /** * A link to the (consumer) Google Play details page for the app. */ playStoreUrl?: string | null; /** * A localised description of the recent changes made to the app. */ recentChanges?: string | null; /** * A list of screenshot links representing the app. */ screenshotUrls?: string[] | null; /** * A link to a smaller image that can be used as an icon for the app. This image is suitable for use up to a pixel size of 128 x 128. */ smallIconUrl?: string | null; /** * The title of the app. Localized. */ title?: string | null; /** * Output only. The approximate time (within 7 days) the app was last published. */ updateTime?: string | null; } /** * An app-related event. */ export interface Schema$ApplicationEvent { /** * The creation time of the event. */ createTime?: string | null; /** * App event type. */ eventType?: string | null; } /** * A permission required by the app. */ export interface Schema$ApplicationPermission { /** * A longer description of the permission, providing more detail on what it affects. Localized. */ description?: string | null; /** * The name of the permission. Localized. */ name?: string | null; /** * An opaque string uniquely identifying the permission. Not localized. */ permissionId?: string | null; } /** * Policy for an individual app. Note: Application availability on a given device cannot be changed using this policy if installAppsDisabled is enabled. */ export interface Schema$ApplicationPolicy { /** * List of the app’s track IDs that a device belonging to the enterprise can access. If the list contains multiple track IDs, devices receive the latest version among all accessible tracks. If the list contains no track IDs, devices only have access to the app’s production track. More details about each track are available in AppTrackInfo. */ accessibleTrackIds?: string[] | null; /** * Specifies whether the app is allowed networking when the VPN is not connected and alwaysOnVpnPackage.lockdownEnabled is enabled. If set to VPN_LOCKDOWN_ENFORCED, the app is not allowed networking, and if set to VPN_LOCKDOWN_EXEMPTION, the app is allowed networking. Only supported on devices running Android 10 and above. If this is not supported by the device, the device will contain a NonComplianceDetail with non_compliance_reason set to API_LEVEL and a fieldPath. If this is not applicable to the app, the device will contain a NonComplianceDetail with non_compliance_reason set to UNSUPPORTED and a fieldPath. The fieldPath is set to applications[i].alwaysOnVpnLockdownExemption, where i is the index of the package in the applications policy. */ alwaysOnVpnLockdownExemption?: string | null; /** * Controls the auto-update mode for the app. */ autoUpdateMode?: string | null; /** * Controls whether the app can communicate with itself across a device’s work and personal profiles, subject to user consent. */ connectedWorkAndPersonalApp?: string | null; /** * The default policy for all permissions requested by the app. If specified, this overrides the policy-level default_permission_policy which applies to all apps. It does not override the permission_grants which applies to all apps. */ defaultPermissionPolicy?: string | null; /** * The scopes delegated to the app from Android Device Policy. */ delegatedScopes?: string[] | null; /** * Whether the app is disabled. When disabled, the app data is still preserved. */ disabled?: boolean | null; /** * Configuration to enable this app as an extension app, with the capability of interacting with Android Device Policy offline.This field can be set for at most one app. */ extensionConfig?: Schema$ExtensionConfig; /** * The type of installation to perform. */ installType?: string | null; /** * Whether the app is allowed to lock itself in full-screen mode. DEPRECATED. Use InstallType KIOSK or kioskCustomLauncherEnabled to configure a dedicated device. */ lockTaskAllowed?: boolean | null; /** * Managed configuration applied to the app. The format for the configuration is dictated by the ManagedProperty values supported by the app. Each field name in the managed configuration must match the key field of the ManagedProperty. The field value must be compatible with the type of the ManagedProperty: *type* *JSON value* BOOL true or false STRING string INTEGER number CHOICE string MULTISELECT array of strings HIDDEN string BUNDLE_ARRAY array of objects */ managedConfiguration?: { [key: string]: any; } | null; /** * The managed configurations template for the app, saved from the managed configurations iframe. This field is ignored if managed_configuration is set. */ managedConfigurationTemplate?: Schema$ManagedConfigurationTemplate; /** * The minimum version of the app that runs on the device. If set, the device attempts to update the app to at least this version code. If the app is not up-to-date, the device will contain a NonComplianceDetail with non_compliance_reason set to APP_NOT_UPDATED. The app must already be published to Google Play with a version code greater than or equal to this value. At most 20 apps may specify a minimum version code per policy. */ minimumVersionCode?: number | null; /** * The package name of the app. For example, com.google.android.youtube for the YouTube app. */ packageName?: string | null; /** * Explicit permission grants or denials for the app. These values override the default_permission_policy and permission_grants which apply to all apps. */ permissionGrants?: Schema$PermissionGrant[]; /** * Specifies whether the app installed in the work profile is allowed to add widgets to the home screen. */ workProfileWidgets?: string | null; } /** * Information reported about an installed app. */ export interface Schema$ApplicationReport { /** * The source of the package. */ applicationSource?: string | null; /** * The display name of the app. */ displayName?: string | null; /** * The list of app events which have occurred in the last 30 hours. */ events?: Schema$ApplicationEvent[]; /** * The package name of the app that installed this app. */ installerPackageName?: string | null; /** * List of keyed app states reported by the app. */ keyedAppStates?: Schema$KeyedAppState[]; /** * Package name of the app. */ packageName?: string | null; /** * The SHA-256 hash of the app's APK file, which can be used to verify the app hasn't been modified. Each byte of the hash value is represented as a two-digit hexadecimal number. */ packageSha256Hash?: string | null; /** * The SHA-1 hash of each android.content.pm.Signature (https://developer.android.com/reference/android/content/pm/Signature.html) associated with the app package. Each byte of each hash value is represented as a two-digit hexadecimal number. */ signingKeyCertFingerprints?: string[] | null; /** * Application state. */ state?: string | null; /** * Whether the app is user facing. */ userFacingType?: string | null; /** * The app version code, which can be used to determine whether one version is more recent than another. */ versionCode?: number | null; /** * The app version as displayed to the user. */ versionName?: string | null; } /** * Settings controlling the behavior of application reports. */ export interface Schema$ApplicationReportingSettings { /** * Whether removed apps are included in application reports. */ includeRemovedApps?: boolean | null; } /** * Information about a process. It contains process name, start time, app Uid, app Pid, seinfo tag, hash of the base APK. */ export interface Schema$AppProcessInfo { /** * SHA-256 hash of the base APK, in hexadecimal format. */ apkSha256Hash?: string | null; /** * Package names of all packages that are associated with the particular user ID. In most cases, this will be a single package name, the package that has been assigned that user ID. If multiple application share a UID then all packages sharing UID will be included. */ packageNames?: string[] | null; /** * Process ID. */ pid?: number | null; /** * Process name. */ processName?: string | null; /** * SELinux policy info. */ seinfo?: string | null; /** * Process start time. */ startTime?: string | null; /** * UID of the package. */ uid?: number | null; } /** * An app process was started. This is available device-wide on fully managed devices and within the work profile on organization-owned devices with a work profile. */ export interface Schema$AppProcessStartEvent { /** * Information about a process. */ processInfo?: Schema$AppProcessInfo; } /** * Id to name association of a app track. */ export interface Schema$AppTrackInfo { /** * The track name associated with the trackId, set in the Play Console. The name is modifiable from Play Console. */ trackAlias?: string | null; /** * The unmodifiable unique track identifier, taken from the releaseTrackId in the URL of the Play Console page that displays the app’s track information. */ trackId?: string | null; } /** * This represents a single version of the app. */ export interface Schema$AppVersion { /** * If the value is True, it indicates that this version is a production track. */ production?: boolean | null; /** * Track identifiers that the app version is published in. This does not include the production track (see production instead). */ trackIds?: string[] | null; /** * Unique increasing identifier for the app version. */ versionCode?: number | null; /** * The string used in the Play store by the app developer to identify the version. The string is not necessarily unique or localized (for example, the string could be "1.4"). */ versionString?: string | null; } /** * Batched event logs of events from the device. */ export interface Schema$BatchUsageLogEvents { /** * The name of the device in the form ‘enterprises/{enterpriseId\}/devices/{deviceId\}’ */ device?: string | null; /** * The device timestamp when the batch of events were collected from the device. */ retrievalTime?: string | null; /** * The list of UsageLogEvent that were reported by the device, sorted chronologically by the event time. */ usageLogEvents?: Schema$UsageLogEvent[]; /** * The resource name of the user that owns this device in the form ‘enterprises/{enterpriseId\}/users/{userId\}’. */ user?: string | null; } /** * An action to block access to apps and data on a fully managed device or in a work profile. This action also triggers a device or work profile to displays a user-facing notification with information (where possible) on how to correct the compliance issue. Note: wipeAction must also be specified. */ export interface Schema$BlockAction { /** * Number of days the policy is non-compliant before the device or work profile is blocked. To block access immediately, set to 0. blockAfterDays must be less than wipeAfterDays. */ blockAfterDays?: number | null; /** * Specifies the scope of this BlockAction. Only applicable to devices that are company-owned. */ blockScope?: string | null; } /** * A new root certificate was installed into the system's trusted credential storage. This is available device-wide on fully managed devices and within the work profile on organization-owned devices with a work profile. */ export interface Schema$CertAuthorityInstalledEvent { /** * Subject of the certificate. */ certificate?: string | null; /** * Whether the installation event succeeded. */ success?: boolean | null; /** * The user in which the certificate install event happened. Only available for devices running Android 11 and above. */ userId?: number | null; } /** * A root certificate was removed from the system's trusted credential storage. This is available device-wide on fully managed devices and within the work profile on organization-owned devices with a work profile. */ export interface Schema$CertAuthorityRemovedEvent { /** * Subject of the certificate. */ certificate?: string | null; /** * Whether the removal succeeded. */ success?: boolean | null; /** * The user in which the certificate removal event occurred. Only available for devices running Android 11 and above. */ userId?: number | null; } /** * An X.509v3 certificate failed to validate, currently this validation is performed on the Wi-FI access point and failure may be due to a mismatch upon server certificate validation. However it may in the future include other validation events of an X.509v3 certificate. */ export interface Schema$CertValidationFailureEvent { /** * The reason why certification validation failed. */ failureReason?: string | null; } /** * Controls apps' access to private keys. The rule determines which private key, if any, Android Device Policy grants to the specified app. Access is granted either when the app calls KeyChain.choosePrivateKeyAlias (https://developer.android.com/reference/android/security/KeyChain#choosePrivateKeyAlias%28android.app.Activity,%20android.security.KeyChainAliasCallback,%20java.lang.String[],%20java.security.Principal[],%20java.lang.String,%20int,%20java.lang.String%29) (or any overloads) to request a private key alias for a given URL, or for rules that are not URL-specific (that is, if urlPattern is not set, or set to the empty string or .*) on Android 11 and above, directly so that the app can call KeyChain.getPrivateKey (https://developer.android.com/reference/android/security/KeyChain#getPrivateKey%28android.content.Context,%20java.lang.String%29), without first having to call KeyChain.choosePrivateKeyAlias.When an app calls KeyChain.choosePrivateKeyAlias if more than one choosePrivateKeyRules matches, the last matching rule defines which key alias to return. */ export interface Schema$ChoosePrivateKeyRule { /** * The package names to which this rule applies. The hash of the signing certificate for each app is verified against the hash provided by Play. If no package names are specified, then the alias is provided to all apps that call KeyChain.choosePrivateKeyAlias (https://developer.android.com/reference/android/security/KeyChain#choosePrivateKeyAlias%28android.app.Activity,%20android.security.KeyChainAliasCallback,%20java.lang.String[],%20java.security.Principal[],%20java.lang.String,%20int,%20java.lang.String%29) or any overloads (but not without calling KeyChain.choosePrivateKeyAlias, even on Android 11 and above). Any app with the same Android UID as a package specified here will have access when they call KeyChain.choosePrivateKeyAlias. */ packageNames?: string[] | null; /** * The alias of the private key to be used. */ privateKeyAlias?: string | null; /** * The URL pattern to match against the URL of the request. If not set or empty, it matches all URLs. This uses the regular expression syntax of java.util.regex.Pattern. */ urlPattern?: string | null; } /** * Parameters associated with the CLEAR_APP_DATA command to clear the data of specified apps from the device. */ export interface Schema$ClearAppsDataParams { /** * The package names of the apps whose data will be cleared when the command is executed. */ packageNames?: string[] | null; } /** * Status of the CLEAR_APP_DATA command to clear the data of specified apps from the device. */ export interface Schema$ClearAppsDataStatus { /** * The per-app results, a mapping from package names to the respective clearing result. */ results?: { [key: string]: Schema$PerAppResult; } | null; } /** * A command. */ export interface Schema$Command { /** * Parameters for the CLEAR_APP_DATA command to clear the data of specified apps from the device. See ClearAppsDataParams. If this is set, then it is suggested that type should not be set. In this case, the server automatically sets it to CLEAR_APP_DATA. It is also acceptable to explicitly set type to CLEAR_APP_DATA. */ clearAppsDataParams?: Schema$ClearAppsDataParams; /** * Output only. Status of the CLEAR_APP_DATA command to clear the data of specified apps from the device. See ClearAppsDataStatus. */ clearAppsDataStatus?: Schema$ClearAppsDataStatus; /** * The timestamp at which the command was created. The timestamp is automatically generated by the server. */ createTime?: string | null; /** * The duration for which the command is valid. The command will expire if not executed by the device during this time. The default duration if unspecified is ten minutes. There is no maximum duration. */ duration?: string | null; /** * If the command failed, an error code explaining the failure. This is not set when the command is cancelled by the caller. */ errorCode?: string | null; /** * For commands of type RESET_PASSWORD, optionally specifies the new password. */ newPassword?: string | null; /** * For commands of type RESET_PASSWORD, optionally specifies flags. */ resetPasswordFlags?: string[] | null; /** * Parameters for the START_LOST_MODE command to put the device into lost mode. See StartLostModeParams. If this is set, then it is suggested that type should not be set. In this case, the server automatically sets it to START_LOST_MODE. It is also acceptable to explicitly set type to START_LOST_MODE. */ startLostModeParams?: Schema$StartLostModeParams; /** * Output only. Status of the START_LOST_MODE command to put the device into lost mode. See StartLostModeStatus. */ startLostModeStatus?: Schema$StartLostModeStatus; /** * Parameters for the STOP_LOST_MODE command to take the device out of lost mode. See StopLostModeParams. If this is set, then it is suggested that type should not be set. In this case, the server automatically sets it to STOP_LOST_MODE. It is also acceptable to explicitly set type to STOP_LOST_MODE. */ stopLostModeParams?: Schema$StopLostModeParams; /** * Output only. Status of the STOP_LOST_MODE command to take the device out of lost mode. See StopLostModeStatus. */ stopLostModeStatus?: Schema$StopLostModeStatus; /** * The type of the command. */ type?: string | null; /** * The resource name of the user that owns the device in the form enterprises/{enterpriseId\}/users/{userId\}. This is automatically generated by the server based on the device the command is sent to. */ userName?: string | null; } /** * Information about Common Criteria Mode—security standards defined in the Common Criteria for Information Technology Security Evaluation (https://www.commoncriteriaportal.org/) (CC).This information is only available if statusReportingSettings.commonCriteriaModeEnabled is true in the device's policy. */ export interface Schema$CommonCriteriaModeInfo { /** * Whether Common Criteria Mode is enabled. */ commonCriteriaModeStatus?: string | null; } /** * A rule declaring which mitigating actions to take when a device is not compliant with its policy. For every rule, there is always an implicit mitigating action to set policy_compliant to false for the Device resource, and display a message on the device indicating that the device is not compliant with its policy. Other mitigating actions may optionally be taken as well, depending on the field values in the rule. */ export interface Schema$ComplianceRule { /** * A condition which is satisfied if the Android Framework API level on the device doesn't meet a minimum requirement. */ apiLevelCondition?: Schema$ApiLevelCondition; /** * If set to true, the rule includes a mitigating action to disable apps so that the device is effectively disabled, but app data is preserved. If the device is running an app in locked task mode, the app will be closed and a UI showing the reason for non-compliance will be displayed. */ disableApps?: boolean | null; /** * A condition which is satisfied if there exists any matching NonComplianceDetail for the device. */ nonComplianceDetailCondition?: Schema$NonComplianceDetailCondition; /** * If set, the rule includes a mitigating action to disable apps specified in the list, but app data is preserved. */ packageNamesToDisable?: string[] | null; } /** * A TCP connect event was initiated through the standard network stack. */ export interface Schema$ConnectEvent { /** * The destination IP address of the connect call. */ destinationIpAddress?: string | null; /** * The destination port of the connect call. */ destinationPort?: number | null; /** * The package name of the UID that performed the connect call. */ packageName?: string | null; } /** * Contact details for managed Google Play enterprises. */ export interface Schema$ContactInfo { /** * Email address for a point of contact, which will be used to send important announcements related to managed Google Play. */ contactEmail?: string | null; /** * The email of the data protection officer. The email is validated but not verified. */ dataProtectionOfficerEmail?: string | null; /** * The name of the data protection officer. */ dataProtectionOfficerName?: string | null; /** * The phone number of the data protection officer The phone number is validated but not verified. */ dataProtectionOfficerPhone?: string | null; /** * The email of the EU representative. The email is validated but not verified. */ euRepresentativeEmail?: string | null; /** * The name of the EU representative. */ euRepresentativeName?: string | null; /** * The phone number of the EU representative. The phone number is validated but not verified. */ euRepresentativePhone?: string | null; } /** * This feature is not generally available. */ export interface Schema$ContentProviderEndpoint { /** * This feature is not generally available. */ packageName?: string | null; /** * Required. This feature is not generally available. */ signingCertsSha256?: string[] | null; /** * This feature is not generally available. */ uri?: string | null; } /** * Cross-profile policies applied on the device. */ export interface Schema$CrossProfilePolicies { /** * Whether text copied from one profile (personal or work) can be pasted in the other profile. */ crossProfileCopyPaste?: string | null; /** * Whether data from one profile (personal or work) can be shared with apps in the other profile. Specifically controls simple data sharing via intents. Management of other cross-profile communication channels, such as contact search, copy/paste, or connected work & personal apps, are configured separately. */ crossProfileDataSharing?: string | null; /** * Whether contacts stored in the work profile can be shown in personal profile contact searches and incoming calls. */ showWorkContactsInPersonalProfile?: string | null; /** * Specifies the default behaviour for work profile widgets. If the policy does not specify work_profile_widgets for a specific application, it will behave according to the value specified here. */ workProfileWidgetsDefault?: string | null; } /** * Validates whether Android’s built-in cryptographic library (BoringSSL) is valid. Should always succeed on device boot, if it fails, the device should be considered untrusted. */ export interface Schema$CryptoSelfTestCompletedEvent { /** * Whether the test succeeded. */ success?: boolean | null; } /** * Represents a whole or partial calendar date, such as a birthday. The time of day and time zone are either specified elsewhere or are insignificant. The date is relative to the Gregorian Calendar. This can represent one of the following: A full date, with non-zero year, month, and day values. A month and day, with a zero year (for example, an anniversary). A year on its own, with a zero month and a zero day. A year and month, with a zero day (for example, a credit card expiration date).Related types: google.type.TimeOfDay google.type.DateTime google.protobuf.Timestamp */ export interface Schema$Date { /** * Day of a month. Must be from 1 to 31 and valid for the year and month, or 0 to specify a year by itself or a year and month where the day isn't significant. */ day?: number | null; /** * Month of a year. Must be from 1 to 12, or 0 to specify a year without a month and day. */ month?: number | null; /** * Year of the date. Must be from 1 to 9999, or 0 to specify a date without a year. */ year?: number | null; } /** * A device owned by an enterprise. Unless otherwise noted, all fields are read-only and can't be modified by enterprises.devices.patch. */ export interface Schema$Device { /** * The API level of the Android platform version running on the device. */ apiLevel?: number | null; /** * Reports for apps installed on the device. This information is only available when application_reports_enabled is true in the device's policy. */ applicationReports?: Schema$ApplicationReport[]; /** * The password requirements currently applied to the device. The applied requirements may be slightly different from those specified in passwordPolicies in some cases. fieldPath is set based on passwordPolicies. */ appliedPasswordPolicies?: Schema$PasswordRequirements[]; /** * The name of the policy currently applied to the device. */ appliedPolicyName?: string | null; /** * The version of the policy currently applied to the device. */ appliedPolicyVersion?: string | null; /** * The state currently applied to the device. */ appliedState?: string | null; /** * Information about Common Criteria Mode—security standards defined in the Common Criteria for Information Technology Security Evaluation (https://www.commoncriteriaportal.org/) (CC).This information is only available if statusReportingSettings.commonCriteriaModeEnabled is true in the device's policy. */ commonCriteriaModeInfo?: Schema$CommonCriteriaModeInfo; /** * Device settings information. This information is only available if deviceSettingsEnabled is true in the device's policy. */ deviceSettings?: Schema$DeviceSettings; /** * If the device state is DISABLED, an optional message that is displayed on the device indicating the reason the device is disabled. This field can be modified by a patch request. */ disabledReason?: Schema$UserFacingMessage; /** * Detailed information about displays on the device. This information is only available if displayInfoEnabled is true in the device's policy. */ displays?: Schema$Display[]; /** * The time of device enrollment. */ enrollmentTime?: string | null; /** * If the device was enrolled with an enrollment token with additional data provided, this field contains that data. */ enrollmentTokenData?: string | null; /** * If the device was enrolled with an enrollment token, this field contains the name of the token. */ enrollmentTokenName?: string | null; /** * Detailed information about the device hardware. */ hardwareInfo?: Schema$HardwareInfo; /** * Hardware status samples in chronological order. This information is only available if hardwareStatusEnabled is true in the device's policy. */ hardwareStatusSamples?: Schema$HardwareStatus[]; /** * Deprecated. */ lastPolicyComplianceReportTime?: string | null; /** * The last time the device fetched its policy. */ lastPolicySyncTime?: string | null; /** * The last time the device sent a status report. */ lastStatusReportTime?: string | null; /** * The type of management mode Android Device Policy takes on the device. This influences which policy settings are supported. */ managementMode?: string | null; /** * Events related to memory and storage measurements in chronological order. This information is only available if memoryInfoEnabled is true in the device's policy. */ memoryEvents?: Schema$MemoryEvent[]; /** * Memory information: contains information about device memory and storage. */ memoryInfo?: Schema$MemoryInfo; /** * The name of the device in the form enterprises/{enterpriseId\}/devices/{deviceId\}. */ name?: string | null; /** * Device network information. This information is only available if networkInfoEnabled is true in the device's policy. */ networkInfo?: Schema$NetworkInfo; /** * Details about policy settings that the device is not compliant with. */ nonComplianceDetails?: Schema$NonComplianceDetail[]; /** * Ownership of the managed device. */ ownership?: string | null; /** * Whether the device is compliant with its policy. */ policyCompliant?: boolean | null; /** * The name of the policy applied to the device, in the form enterprises/{enterpriseId\}/policies/{policyId\}. If not specified, the policy_name for the device's user is applied. This field can be modified by a patch request. You can specify only the policyId when calling enterprises.devices.patch, as long as the policyId doesn’t contain any slashes. The rest of the policy name is inferred. */ policyName?: string | null; /** * Power management events on the device in chronological order. This information is only available if powerManagementEventsEnabled is true in the device's policy. */ powerManagementEvents?: Schema$PowerManagementEvent[]; /** * If the same physical device has been enrolled multiple times, this field contains its previous device names. The serial number is used as the unique identifier to determine if the same physical device has enrolled previously. The names are in chronological order. */ previousDeviceNames?: string[] | null; /** * Device's security posture value that reflects how secure the device is. */ securityPosture?: Schema$SecurityPosture; /** * Detailed information about the device software. This information is only available if softwareInfoEnabled is true in the device's policy. */ softwareInfo?: Schema$SoftwareInfo; /** * The state to be applied to the device. This field can be modified by a patch request. Note that when calling enterprises.devices.patch, ACTIVE and DISABLED are the only allowable values. To enter the device into a DELETED state, call enterprises.devices.delete. */ state?: string | null; /** * Map of selected system properties name and value related to the device. This information is only available if systemPropertiesEnabled is true in the device's policy. */ systemProperties?: { [key: string]: string; } | null; /** * The user who owns the device. */ user?: Schema$User; /** * The resource name of the user that owns this device in the form enterprises/{enterpriseId\}/users/{userId\}. */ userName?: string | null; } /** * Covers controls for device connectivity such as Wi-Fi, USB data access, keyboard/mouse connections, and more. */ export interface Schema$DeviceConnectivityManagement { /** * Controls Wi-Fi configuring privileges. Based on the option set, user will have either full or limited or no control in configuring Wi-Fi networks. */ configureWifi?: string | null; /** * Controls tethering settings. Based on the value set, the user is partially or fully disallowed from using different forms of tethering. */ tetheringSettings?: string | null; /** * Controls what files and/or data can be transferred via USB. Supported only on company-owned devices. */ usbDataAccess?: string | null; /** * Controls configuring and using Wi-Fi direct settings. Supported on company-owned devices running Android 13 and above. */ wifiDirectSettings?: string | null; } /** * Controls for device radio settings. */ export interface Schema$DeviceRadioState { /** * Controls whether airplane mode can be toggled by the user or not */ airplaneModeState?: string | null; /** * Controls current state of Wi-Fi and if user can change its state. */ wifiState?: string | null; } /** * Information about security related device settings on device. */ export interface Schema$DeviceSettings { /** * Whether ADB (https://developer.android.com/studio/command-line/adb.html) is enabled on the device. */ adbEnabled?: boolean | null; /** * Whether developer mode is enabled on the device. */ developmentSettingsEnabled?: boolean | null; /** * Encryption status from DevicePolicyManager. */ encryptionStatus?: string | null; /** * Whether the device is secured with PIN/password. */ isDeviceSecure?: boolean | null; /** * Whether the storage encryption is enabled. */ isEncrypted?: boolean | null; /** * Whether installing apps from unknown sources is enabled. */ unknownSourcesEnabled?: boolean | null; /** * Whether Google Play Protect verification (https://support.google.com/accounts/answer/2812853) is enforced on the device. */ verifyAppsEnabled?: boolean | null; } /** * Device display information. */ export interface Schema$Display { /** * Display density expressed as dots-per-inch. */ density?: number | null; /** * Unique display id. */ displayId?: number | null; /** * Display height in pixels. */ height?: number | null; /** * Name of the display. */ name?: string | null; /** * Refresh rate of the display in frames per second. */ refreshRate?: number | null; /** * State of the display. */ state?: string | null; /** * Display width in pixels. */ width?: number | null; } /** * A DNS lookup event was initiated through the standard network stack. */ export interface Schema$DnsEvent { /** * The hostname that was looked up. */ hostname?: string | null; /** * The (possibly truncated) list of the IP addresses returned for DNS lookup (max 10 IPv4 or IPv6 addresses). */ ipAddresses?: string[] | null; /** * The package name of the UID that performed the DNS lookup. */ packageName?: string | null; /** * The number of IP addresses returned from the DNS lookup event. May be higher than the amount of ip_addresses if there were too many addresses to log. */ totalIpAddressesReturned?: string | null; } /** * A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); \} */ export interface Schema$Empty { } /** * Represents that the device has completed enrollment. User should be in the launcher at this point, device at this point will be compliant and all setup steps have been completed. Intentionally empty. */ export interface Schema$EnrollmentCompleteEvent { } /** * An enrollment token. */ export interface Schema$EnrollmentToken { /** * Optional, arbitrary data associated with the enrollment token. This could contain, for example, the ID of an org unit the device is assigned to after enrollment. After a device enrolls with the token, this data will be exposed in the enrollment_token_data field of the Device resource. The data must be 1024 characters or less; otherwise, the creation request will fail. */ additionalData?: string | null; /** * Controls whether personal usage is allowed on a device provisioned with this enrollment token.For company-owned devices: Enabling personal usage allows the user to set up a work profile on the device. Disabling personal usage requires the user provision the device as a fully managed device.For personally-owned devices: Enabling personal usage allows the user to set up a work profile on the device. Disabling personal usage will prevent the device from provisioning. Personal usage cannot be disabled on personally-owned device. */ allowPersonalUsage?: string | null; /** * The length of time the enrollment token is valid, ranging from 1 minute to Durations.MAX_VALUE (https://developers.google.com/protocol-buffers/docs/reference/java/com/google/protobuf/util/Durations.html#MAX_VALUE), approximately 10,000 years. If not specified, the default duration is 1 hour. Please note that if requested duration causes the resulting expiration_timestamp to exceed Timestamps.MAX_VALUE (https://deve