DelegatedAdminReceiver

public class DelegatedAdminReceiver
extends BroadcastReceiver

java.lang.Object
   ↳ android.content.BroadcastReceiver
     ↳ android.app.admin.DelegatedAdminReceiver


Base class for delegated apps to handle callbacks related to their delegated capabilities.

Delegated apps are apps that receive additional capabilities from the profile owner or device owner apps. Some of these capabilities involve the framework calling into the apps. To receive these callbacks, delegated apps should subclass this class and override the appropriate methods here. The subclassed receiver needs to be published in the app's manifest, with appropriate intent filters to mark which callbacks the receiver is interested in. An app can have multiple receivers as long as they listen for disjoint set of callbacks. For the manifest definitions, it must be protected by the Manifest.permission.BIND_DEVICE_ADMIN permission to ensure only the system can trigger these callbacks.

The callback methods happen on the main thread of the process. Thus long running operations must be done on another thread. Note that because a receiver is done once returning from its onReceive function, such long-running operations should probably be done in a Service.

Summary

Public constructors

DelegatedAdminReceiver()

Public methods

String onChoosePrivateKeyAlias(Context context, Intent intent, int uid, Uri uri, String alias)

Allows this receiver to select the alias for a private key and certificate pair for authentication.

void onNetworkLogsAvailable(Context context, Intent intent, long batchToken, int networkLogsCount)

Called each time a new batch of network logs can be retrieved.

final void onReceive(Context context, Intent intent)

Intercept delegated device administrator broadcasts.

void onSecurityLogsAvailable(Context context, Intent intent)

Called each time a new batch of security logs can be retrieved.

Inherited methods

Public constructors

DelegatedAdminReceiver

public DelegatedAdminReceiver ()

Public methods

onChoosePrivateKeyAlias

Added in API level 29
public String onChoosePrivateKeyAlias (Context context, 
                Intent intent, 
                int uid, 
                Uri uri, 
                String alias)

Allows this receiver to select the alias for a private key and certificate pair for authentication. If this method returns null, the default Activity will be shown that lets the user pick a private key and certificate pair. If this method returns KeyChain#KEY_ALIAS_SELECTION_DENIED, the default Activity will not be shown and the user will not be allowed to pick anything. And the app, that called KeyChain#choosePrivateKeyAlias, will receive null back.

This callback is only applicable if the delegated app has DevicePolicyManager#DELEGATION_CERT_SELECTION capability. Additionally, it must declare an intent filter for DeviceAdminReceiver#ACTION_CHOOSE_PRIVATE_KEY_ALIAS in the receiver's manifest in order to receive this callback. The default implementation simply throws UnsupportedOperationException.

Parameters
context Context: The running context as per onReceive(Context, Intent). This value cannot be null.

intent Intent: The received intent as per onReceive(Context, Intent). This value cannot be null.

uid int: The uid of the app asking for the private key and certificate pair.

uri Uri: The URI to authenticate, may be null.

alias String: The alias preselected by the client, or null.

Returns
String The private key alias to return and grant access to.

onNetworkLogsAvailable

Added in API level 29
public void onNetworkLogsAvailable (Context context, 
                Intent intent, 
                long batchToken, 
                int networkLogsCount)

Called each time a new batch of network logs can be retrieved. This callback method will only ever be called when network logging is enabled. The logs can only be retrieved while network logging is enabled.

If a secondary user or profile is created, this callback won't be received until all users become affiliated again (even if network logging is enabled). It will also no longer be possible to retrieve the network logs batch with the most recent batchToken provided by this callback. See DevicePolicyManager#setAffiliationIds.

This callback is only applicable if the delegated app has DevicePolicyManager#DELEGATION_NETWORK_LOGGING capability. Additionally, it must declare an intent filter for DeviceAdminReceiver#ACTION_NETWORK_LOGS_AVAILABLE in the receiver's manifest in order to receive this callback. The default implementation simply throws UnsupportedOperationException.

This callback is triggered by a foreground broadcast and the app should ensure that any long-running work is not executed synchronously inside the callback.

Parameters
context Context: The running context as per onReceive(Context, Intent). This value cannot be null.

intent Intent: The received intent as per onReceive(Context, Intent). This value cannot be null.

batchToken long: The token representing the current batch of network logs.

networkLogsCount int: The total count of events in the current batch of network logs. Value is 1 or greater

onReceive

Added in API level 29
public final void onReceive (Context context, 
                Intent intent)

Intercept delegated device administrator broadcasts. Implementations should not override this method; implement the convenience callbacks for each action instead.

Parameters
context Context: This value cannot be null.

intent Intent: This value cannot be null.

onSecurityLogsAvailable

Added in API level 31
public void onSecurityLogsAvailable (Context context, 
                Intent intent)

Called each time a new batch of security logs can be retrieved. This callback method will only ever be called when security logging is enabled. The logs can only be retrieved while security logging is enabled.

If a secondary user or profile is created, this callback won't be received until all users become affiliated again (even if security logging is enabled). It will also no longer be possible to retrieve the security logs. See DevicePolicyManager#setAffiliationIds.

This callback is only applicable if the delegated app has DevicePolicyManager#DELEGATION_SECURITY_LOGGING capability. Additionally, it must declare an intent filter for DeviceAdminReceiver#ACTION_SECURITY_LOGS_AVAILABLE in the receiver's manifest in order to receive this callback. The default implementation simply throws UnsupportedOperationException.

This callback is triggered by a foreground broadcast and the app should ensure that any long-running work is not executed synchronously inside the callback.

Parameters
context Context: The running context as per onReceive(Context, Intent). This value cannot be null.

intent Intent: The received intent as per onReceive(Context, Intent). This value cannot be null.