Identity Access Context Manager v1 API - Class DevicePolicy (2.2.0)

public sealed class DevicePolicy : IMessage<DevicePolicy>, IEquatable<DevicePolicy>, IDeepCloneable<DevicePolicy>, IBufferMessage, IMessage

Reference documentation and code samples for the Identity Access Context Manager v1 API class DevicePolicy.

DevicePolicy specifies device specific restrictions necessary to acquire a given access level. A DevicePolicy specifies requirements for requests from devices to be granted access levels, it does not do any enforcement on the device. DevicePolicy acts as an AND over all specified fields, and each repeated field is an OR over its elements. Any unset fields are ignored. For example, if the proto is { os_type : DESKTOP_WINDOWS, os_type : DESKTOP_LINUX, encryption_status: ENCRYPTED}, then the DevicePolicy will be true for requests originating from encrypted Linux desktops and encrypted Windows desktops.

Inheritance

Object > DevicePolicy

Namespace

Google.Identity.AccessContextManager.V1

Assembly

Google.Identity.AccessContextManager.V1.dll

Constructors

DevicePolicy()

public DevicePolicy()

DevicePolicy(DevicePolicy)

public DevicePolicy(DevicePolicy other)
Parameter
NameDescription
otherDevicePolicy

Properties

AllowedDeviceManagementLevels

public RepeatedField<DeviceManagementLevel> AllowedDeviceManagementLevels { get; }

Allowed device management levels, an empty list allows all management levels.

Property Value
TypeDescription
RepeatedField<DeviceManagementLevel>

AllowedEncryptionStatuses

public RepeatedField<DeviceEncryptionStatus> AllowedEncryptionStatuses { get; }

Allowed encryptions statuses, an empty list allows all statuses.

Property Value
TypeDescription
RepeatedField<DeviceEncryptionStatus>

OsConstraints

public RepeatedField<OsConstraint> OsConstraints { get; }

Allowed OS versions, an empty list allows all types and all versions.

Property Value
TypeDescription
RepeatedField<OsConstraint>

RequireAdminApproval

public bool RequireAdminApproval { get; set; }

Whether the device needs to be approved by the customer admin.

Property Value
TypeDescription
Boolean

RequireCorpOwned

public bool RequireCorpOwned { get; set; }

Whether the device needs to be corp owned.

Property Value
TypeDescription
Boolean

RequireScreenlock

public bool RequireScreenlock { get; set; }

Whether or not screenlock is required for the DevicePolicy to be true. Defaults to false.

Property Value
TypeDescription
Boolean