
Android Management API permissionGrants in policy applications not reflecting on device


I have an application within this policy which contains permissionGrants. I have applied this policy to multiple fully managed devices; however, when going to applications to look at the permissions on the physical device, these GRANT permissions are not reflected on the device. It simply says, for example, that Chrome has no permissions. Is there a precursor setting that must be in place in order for specific application permissions to be controllable via Android Management API policies?

Here is the current policy:

    "applications": [
    {
        "packageName": "com.android.chrome",
        "installType": "FORCE_INSTALLED",
        "permissionGrants": [
            {
                "permission": "ACCESS_COARSE_LOCATION",
                "policy": "GRANT"
            },
            {
                "permission": "ACCESS_FINE_LOCATION",
                "policy": "GRANT"
            },
            {
                "permission": "WRITE_EXTERNAL_STORAGE",
                "policy": "GRANT"
            },
            {
                "permission": "READ_EXTERNAL_STORAGE",
                "policy": "GRANT"
            },
            {
                "permission": "READ_CALL_LOG",
                "policy": "GRANT"
            },
            {
                "permission": "READ_PHONE_STATE",
                "policy": "GRANT"
            },
            {
                "permission": "READ_CONTACTS",
                "policy": "GRANT"
            },
            {
                "permission": "READ_SMS",
                "policy": "GRANT"
            },
            {
                "permission": "RECEIVE_SMS",
                "policy": "GRANT"
            },
            {
                "permission": "RECEIVE_MMS",
                "policy": "GRANT"
            },
            {
                "permission": "CAMERA",
                "policy": "GRANT"
            },
            {
                "permission": "REQUEST_IGNORE_BATTERY_OPTIMIZATIONS",
                "policy": "GRANT"
            }
        ]
    }
    ]

Solution

  • The permission value should be the value of the permission constant, not the name of it. E.g. instead of "ACCESS_COARSE_LOCATION" you should have "android.permission.ACCESS_COARSE_LOCATION"

    "applications": [
        {
            "packageName": "com.android.chrome",
            "installType": "FORCE_INSTALLED",
            "permissionGrants": [
                {
                    "permission": "android.permission.ACCESS_COARSE_LOCATION",
                    "policy": "GRANT"
                },
                {
                    "permission": "android.permission.ACCESS_FINE_LOCATION",
                    "policy": "GRANT"
                },
                {
                    "permission": "android.permission.WRITE_EXTERNAL_STORAGE",
                    "policy": "GRANT"
                },
                ...
            ]
        }
    ]
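A pre-deployment check for the mistake described in the answer above, as an added example that is not part of the original answer or of the Android Management API itself: it flags `permissionGrants` entries whose `permission` is a bare constant name and proposes the qualified value. The function names and the sample policy are constructed for illustration, and the `android.permission.` prefix is an assumption that only holds for platform permissions.

```python
import copy
import json
import re

# A fully qualified permission string is a dotted lower-case namespace followed
# by an upper-case constant name, e.g. "android.permission.CAMERA".
QUALIFIED = re.compile(r"^([a-z][a-z0-9_]*\.)+[A-Z][A-Z0-9_]*$")
BARE = re.compile(r"^[A-Z][A-Z0-9_]*$")
PLATFORM_PREFIX = "android.permission."  # assumption: bare names are platform permissions


def lint_permission_grants(policy):
    """Return (packageName, permission, suggestion) for every unqualified grant."""
    findings = []
    for app in policy.get("applications", []):
        for grant in app.get("permissionGrants", []):
            perm = grant.get("permission", "")
            if QUALIFIED.match(perm):
                continue
            # Only suggest a fix for bare constant names; anything else needs review.
            suggestion = PLATFORM_PREFIX + perm if BARE.match(perm) else None
            findings.append((app.get("packageName"), perm, suggestion))
    return findings


def qualify_permission_grants(policy):
    """Return a copy of the policy with bare names prefixed; other values untouched."""
    fixed = copy.deepcopy(policy)
    for app in fixed.get("applications", []):
        for grant in app.get("permissionGrants", []):
            if BARE.match(grant.get("permission", "")):
                grant["permission"] = PLATFORM_PREFIX + grant["permission"]
    return fixed


# Constructed sample: a trimmed version of the policy from the question,
# plus one entry that is already fully qualified.
SAMPLE_POLICY = json.loads("""
{"applications": [{"packageName": "com.android.chrome",
  "installType": "FORCE_INSTALLED",
  "permissionGrants": [
    {"permission": "ACCESS_COARSE_LOCATION", "policy": "GRANT"},
    {"permission": "android.permission.CAMERA", "policy": "GRANT"},
    {"permission": "READ_CONTACTS", "policy": "GRANT"}
  ]}]}
""")

if __name__ == "__main__":
    for pkg, perm, suggestion in lint_permission_grants(SAMPLE_POLICY):
        print(f"{pkg}: {perm!r} is not fully qualified; candidate: {suggestion!r}")
```

Running the linter before each policy update catches this early, since on the asker's devices the unqualified entries simply showed up as no permissions granted.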