Resource: Device
A Device within the Cloud Identity Devices API.
Represents a Device
known to Google Cloud, independent of the device ownership, type, and whether it is assigned or in use by a user.
JSON representation |
---|
{ "name": string, "createTime": string, "lastSyncTime": string, "ownerType": enum ( |
Fields | |
---|---|
name |
Output only. Resource name of the Device in format: |
createTime |
Output only. When the Company-Owned device was imported. This field is empty for BYOD devices. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
lastSyncTime |
Most recent time when device synced with this service. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
ownerType |
Output only. Whether the device is owned by the company or an individual |
model |
Output only. Model name of device. Example: Pixel 3. |
osVersion |
Output only. OS version of the device. Example: Android 8.1.0. |
deviceType |
Output only. Type of device. |
serialNumber |
Serial Number of device. Example: HT82V1A01076. |
assetTag |
Asset tag of the device. |
imei |
Output only. IMEI number of device if GSM device; empty otherwise. |
meid |
Output only. MEID number of device if CDMA device; empty otherwise. |
wifiMacAddresses[] |
WiFi MAC addresses of device. |
networkOperator |
Output only. Mobile or network operator of device, if available. |
manufacturer |
Output only. Device manufacturer. Example: Motorola. |
releaseVersion |
Output only. OS release version. Example: 6.0. |
brand |
Output only. Device brand. Example: Samsung. |
buildNumber |
Output only. Build number of the device. |
kernelVersion |
Output only. Kernel version of the device. |
basebandVersion |
Output only. Baseband version of the device. |
enabledDeveloperOptions |
Output only. Whether developer options is enabled on device. |
otherAccounts[] |
Output only. Domain name for Google accounts on device. Type for other accounts on device. On Android, will only be populated if |ownershipPrivilege| is |PROFILE_OWNER| or |DEVICE_OWNER|. Does not include the account signed in to the device policy app if that account's domain has only one account. Examples: "com.example", "xyz.com". |
enabledUsbDebugging |
Output only. Whether USB debugging is enabled on device. |
securityPatchTime |
Output only. OS security patch update time on device. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
bootloaderVersion |
Output only. Device bootloader version. Example: 0.6.7. |
encryptionState |
Output only. Device encryption state. |
androidSpecificAttributes |
Output only. Attributes specific to Android devices. |
managementState |
Output only. Management state of the device |
compromisedState |
Output only. Represents whether the Device is compromised. |
deviceId |
Unique identifier for the device. |
endpointVerificationSpecificAttributes |
Output only. Attributes specific to Endpoint Verification devices. |
hostname |
Host name of the device. |
DeviceOwnership
Possible owners of the device: Company or individual
Enums | |
---|---|
DEVICE_OWNERSHIP_UNSPECIFIED |
Default value. The value is unused. |
COMPANY |
Company owns the device. |
BYOD |
Bring Your Own Device (i.e. individual owns the device) |
DeviceType
Type of device
Enums | |
---|---|
DEVICE_TYPE_UNSPECIFIED |
Unknown device type |
ANDROID |
Device is an Android device |
IOS |
Device is an iOS device |
GOOGLE_SYNC |
Device is a Google Sync device. |
WINDOWS |
Device is a Windows device. |
MAC_OS |
Device is a MacOS device. |
LINUX |
Device is a Linux device. |
CHROME_OS |
Device is a ChromeOS device. |
EncryptionState
Possible values of encryption state for this device.
Enums | |
---|---|
ENCRYPTION_STATE_UNSPECIFIED |
Encryption Status is not set. |
UNSUPPORTED_BY_DEVICE |
Device doesn't support encryption. |
ENCRYPTED |
Device is encrypted. |
NOT_ENCRYPTED |
Device is not encrypted. |
AndroidAttributes
Resource representing the Android specific attributes of a Device.
JSON representation |
---|
{
"enabledUnknownSources": boolean,
"supportsWorkProfile": boolean,
"ownerProfileAccount": boolean,
"ownershipPrivilege": enum ( |
Fields | |
---|---|
enabledUnknownSources |
Whether applications from unknown sources can be installed on device. |
supportsWorkProfile |
Whether device supports Android work profiles. If false, this service will not block access to corp data even if an administrator turns on the "Enforce Work Profile" policy. |
ownerProfileAccount |
Whether this account is on an owner/primary profile. For phones, only true for owner profiles. Android 4+ devices can have secondary or restricted user profiles. |
ownershipPrivilege |
Ownership privileges on device. |
verifiedBoot |
Whether Android verified boot status is GREEN. |
ctsProfileMatch |
Whether the device passes Android CTS compliance. |
verifyAppsEnabled |
Whether Google Play Protect Verify Apps is enabled. |
hasPotentiallyHarmfulApps |
Whether any potentially harmful apps were detected on the device. |
OwnershipPrivilege
Specifies how the device ownership privilege is configured on the device.
Enums | |
---|---|
OWNERSHIP_PRIVILEGE_UNSPECIFIED |
Ownership privilege is not set. |
DEVICE_ADMINISTRATOR |
Active device administrator privileges on the device. |
PROFILE_OWNER |
Profile Owner privileges. The account is in a managed corporate profile. |
DEVICE_OWNER |
Device Owner privileges on the device. |
ManagementState
Possible management states of a device.
Enums | |
---|---|
MANAGEMENT_STATE_UNSPECIFIED |
Default value. This value is unused. |
APPROVED |
Device is approved. |
BLOCKED |
Device is blocked. |
PENDING |
Device is pending approval. |
UNPROVISIONED |
The device is not provisioned. Device will start from this state until some action is taken (i.e. a user starts using the device). |
WIPING |
Data and settings on the device are being removed. |
WIPED |
All data and settings on the device are removed. |
CompromisedState
Represents whether the device is compromised
Enums | |
---|---|
COMPROMISED_STATE_UNSPECIFIED |
Default value. |
COMPROMISED |
The device is compromised (currently, this means Android device is rooted). |
UNCOMPROMISED |
The device is safe (currently, this means Android device is unrooted). |
EndpointVerificationSpecificAttributes
Resource representing the Endpoint Verification-specific attributes of a device.
JSON representation |
---|
{ "certificateAttributes": [ { object ( |
Fields | |
---|---|
certificateAttributes[] |
Details of certificates. |
browserAttributes[] |
Details of browser profiles reported by Endpoint Verification. |
additionalSignals |
Additional signals reported by Endpoint Verification. It includes the following attributes:
|
CertificateAttributes
Stores information about a certificate.
JSON representation |
---|
{ "fingerprint": string, "thumbprint": string, "validationState": enum ( |
Fields | |
---|---|
fingerprint |
The encoded certificate fingerprint. |
thumbprint |
The certificate thumbprint. |
validationState |
Output only. Validation state of this certificate. |
serialNumber |
Serial number of the certificate, Example: "123456789". |
validityStartTime |
Certificate not valid before this timestamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
validityExpirationTime |
Certificate not valid at or after this timestamp. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
issuer |
The name of the issuer of this certificate. |
subject |
The subject name of this certificate. |
certificateTemplate |
The X.509 extension for CertificateTemplate. |
CertificateValidationState
Certificate validation status, which denotes if the certificate chain was validated for this certificate and if this certificate chains up to a trusted root for enterprise certificates.
Enums | |
---|---|
CERTIFICATE_VALIDATION_STATE_UNSPECIFIED |
Default value. |
VALIDATION_SUCCESSFUL |
Certificate validation was successful. |
VALIDATION_FAILED |
Certificate validation failed. |
CertificateTemplate
CertificateTemplate (v3 Extension in X.509).
JSON representation |
---|
{ "id": string, "majorVersion": integer, "minorVersion": integer } |
Fields | |
---|---|
id |
The template id of the template. Example: "1.3.6.1.4.1.311.21.8.15608621.11768144.5720724.16068415.6889630.81.2472537.7784047". |
majorVersion |
The Major version of the template. Example: 100. |
minorVersion |
The minor version of the template. Example: 12. |
BrowserAttributes
Contains information about browser profiles reported by the Endpoint Verification extension.
JSON representation |
---|
{
"lastProfileSyncTime": string,
"chromeBrowserInfo": {
object ( |
Fields | |
---|---|
lastProfileSyncTime |
Timestamp in milliseconds since the Unix epoch when the profile/gcm id was last synced. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
chromeBrowserInfo |
Represents the current state of the Chrome browser attributes sent by the Endpoint Verification extension. |
chromeProfileId |
Chrome profile ID that is exposed by the Chrome API. It is unique for each device. |
BrowserInfo
Browser-specific fields reported by the Endpoint Verification extension.
JSON representation |
---|
{ "browserVersion": string, "browserManagementState": enum ( |
Fields | |
---|---|
browserVersion |
Version of the request initiating browser. E.g.
|
browserManagementState |
Output only. Browser's management state. |
isFileUploadAnalysisEnabled |
Current state of file upload analysis. Set to true if provider list from Chrome is non-empty. |
isFileDownloadAnalysisEnabled |
Current state of file download analysis. Set to true if provider list from Chrome is non-empty. |
isBulkDataEntryAnalysisEnabled |
Current state of bulk data analysis. Set to true if provider list from Chrome is non-empty. |
isSecurityEventAnalysisEnabled |
Current state of security event analysis. Set to true if provider list from Chrome is non-empty. |
isRealtimeUrlCheckEnabled |
Current state of real-time URL check. Set to true if provider list from Chrome is non-empty. |
safeBrowsingProtectionLevel |
Current state of Safe Browsing protection level. |
isSiteIsolationEnabled |
Current state of site isolation. |
isBuiltInDnsClientEnabled |
Current state of built-in DNS client. |
passwordProtectionWarningTrigger |
Current state of password protection trigger. |
isChromeRemoteDesktopAppBlocked |
Current state of Chrome Remote Desktop app. |
isChromeCleanupEnabled |
Current state of Chrome Cleanup. |
isThirdPartyBlockingEnabled |
Current state of third-party blocking. |
BrowserManagementState
Information regarding management state of the profile.
Enums | |
---|---|
UNSPECIFIED |
Management state is not specified. |
UNMANAGED |
Browser/Profile is not managed by any customer. |
MANAGED_BY_OTHER_DOMAIN |
Browser/Profile is managed, but by some other customer. |
PROFILE_MANAGED |
Profile is managed by customer. |
BROWSER_MANAGED |
Browser is managed by customer. |
SafeBrowsingLevel
Information regarding the browsing protection level policy of the browser.
Enums | |
---|---|
SAFE_BROWSING_LEVEL_UNSPECIFIED |
Browser protection level is not specified. |
DISABLED |
No protection against dangerous websites, downloads, and extensions. |
STANDARD |
Standard protection against websites, downloads, and extensions that are known to be dangerous. |
ENHANCED |
Faster, proactive protection against dangerous websites, downloads, and extensions. |
PasswordProtectionTrigger
Information regarding the password protect warning trigger policy of the browser
Enums | |
---|---|
PASSWORD_PROTECTION_TRIGGER_UNSPECIFIED |
Password protection is not specified. |
PROTECTION_OFF |
Password reuse is never detected. |
PASSWORD_REUSE |
Warning is shown when the user reuses their protected password on a non-allowed site. |
PHISHING_REUSE |
Warning is shown when the user reuses their protected password on a phishing site. |
Methods |
|
---|---|
|
Cancels an unfinished device wipe. |
|
Creates a device. |
|
Deletes the specified device. |
|
Retrieves the specified device. |
|
Lists/Searches devices. |
|
Wipes all data on the specified device. |