Application Block/Allowlisting for Android Samsung devices

This article describes Miradore's application blocklist and allowlist configuration profiles for Android Samsung devices.

Requirements

• Available for Premium Plan customers.
• Application blocklisting and allowlisting require Miradore's Android client version 2.2.9 or newer.
• Application black/whitelisting also requires a Samsung SAFE enabled device with Android version 4.2 or newer.

What does application blocklisting or allowlisting mean?

Application blocklisting means that the defined applications cannot be installed on a target device. If a blocklisted application is already installed, it is blocked and cannot be started.

Application allowlisting means that all applications, except the ones explicitly defined, are blocked. The end user can only install or use those applications that have explicitly been defined.

Please note that you cannot blocklist or allowlist system applications, or applications that have been pre-installed on the device by the manufacturer.

How to deploy an application blocklist or allowlist configuration to a device?

First, you need to create a new configuration profile and define the affected applications. The process of creating application blocklist and allowlist configurations is identical, so we will only use the blocklist configuration as an example.

Start by navigating to Mobile management > Configuration profiles and creating an application blocklist configuration for Android. See Creating a configuration profile for more details. When creating the profile you have to define the affected applications. Applications are identified by application specific package names. To find the package name of an application, open a browser and find that application from Google Play. The package name can then be copied from the page URL. For example, the URL for Angry Birds is https://play.google.com/store/apps/details?id=com.rovio.angrybirds. To add Angry Birds to your new profile, copy com.rovio.angrybirds from the URL and paste it to the input box and then press add. You can add as many applications as you want. When you've added all the applications you want, press Next.

Once the blocklist configuration profile has been created, administrators can deploy it to all supported Android devices in your Miradore site. See more in Deploying a configuration profile for further information. After the profile has been successfully deployed, the defined applications can no longer be used or installed.

This is what happens when the user tries to install a blocklisted application or an application that is not allowlisted and an allowlist policy is active. A notification is shown informing the user that there is a policy in place that restricts the installation of the application. A somewhat cryptic -110 error dialog might also be shown.

Limitations

You cannot have blocklists and allowlists active at the same time. If you deploy an allowlist policy to a device that already has active blocklist policies in place, the blocklist policies will be removed and only the new allowlist policy remains active. The same thing happens when you deploy a blocklist policy to a device that has active allowlist policies in place. You can however, have multiple restriction policies active as long as they are of the same type.

Viewing active restrictions

Blocklisted and allowlisted applications are collected as part of the device inventory. To view which restrictions are currently active on a device, open the device form and go to the Inventory tab. Active restrictions can be seen in the Application restrictions table.

How to disable application blocklist/allowlist configurations

Application blocklists and allowlists can be disabled by simply deleting the deployed configuration profile from the device. This can be done by opening the device page and clicking the trashcan icon in the Configuration profiles table. See Removing deployed configuration profiles for further information.