Android Enterprise Permission Management
For all the Android Enterprise deployed apps, app run time permissions are managed through MDM.
Device Wide Permission Policy
By default in the device, We “auto-grant” all the requested permissions in all the deployed apps. The MDM administrator can change the permission enforcement logic device wide using the below select list box.
- PERMISSION_POLICY_PROMPT – Let end users control the permission
- PERMISSION_POLICY_AUTO_GRANT – automatically grant all the requested app permissions
- PERMISSION_POLICY_AUTO_DENY – automatically deny all the requested app permissions
Individual App Permission Control
The MDM Administrator can also control the individual runtime permissions in an app. See below image illustrations. For example, The MDM Administrator can deny “Device wide” permissions but then allow only permissions for a single app.