The solution is to use: Device Administration API
The device administration API is specifically designed for enterprise applications. And this API provides administration functions at the system level.
so how does it work?
You use the device administration API to write device manager applications that users install on their devices. The device administrator application applies the required policies. Here's how it works:
If users do not activate the deviceโs administrator application, it remains on the device, but in an inactive state. Users will not obey their policies, and on the contrary, they will not receive any advantages of the application, for example, they may not synchronize data.
If the user does not comply with the policy (for example, if the user sets a password that violates the recommendations), then the application can decide how to deal with it. However, usually this will result in the user being unable to synchronize data.
If the device tries to connect to a server that requires policies that are not supported in the device administration API, the connection will not be allowed. Currently, the device administration API does not provide for partial preparation. In other words, if a device (for example, an outdated device) does not support all of these policies, it is not possible to connect the device.
If the device contains several authorized administrator applications, the strictest policy is applied. Cannot target a specific admin application.
To remove an existing device administrator application, users must first unregister the application as an administrator.
Here is an example code that implements the same:
import java.util.List; import android.os.Bundle; import android.app.Activity; import android.app.admin.DevicePolicyManager; import android.content.ComponentName; import android.content.Context; import android.util.Log; import android.view.Menu; public class ActiveDevicePolicy extends Activity { private DevicePolicyManager activeDevicePolicyManager; private final String LOG_TAG = "ActiveDevicePolicy"; @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.activity_active_device_policy); activeDevicePolicyManager = (DevicePolicyManager) getSystemService(Context.DEVICE_POLICY_SERVICE); List<ComponentName> activeAdmins = activeDevicePolicyManager.getActiveAdmins(); if(activeAdmins != null && !activeAdmins.isEmpty()){ for(int index = 0; index < activeAdmins.size(); index++ ){ Log.i(LOG_TAG, "flattenToShortString: "+ activeAdmins.get(index).flattenToShortString()); Log.i(LOG_TAG, "flattenToString: "+ activeAdmins.get(index).flattenToString()); Log.i(LOG_TAG, "getClassName: "+ activeAdmins.get(index).getClassName()); Log.i(LOG_TAG, "getPackageName: "+ activeAdmins.get(index).getPackageName()); Log.i(LOG_TAG, "getShortClassName: "+ activeAdmins.get(index).getShortClassName()); Log.i(LOG_TAG, "toShortString: "+ activeAdmins.get(index).toShortString()); } } else { Log.i(LOG_TAG, "No Active Device Policy Manager"); } } }
In the above code, I called the DevicePolicyManager.getActiveAdmins() method to get a list of all currently active administrators. Now the interesting part here is that since it returns a list; this list can have more than one device administrator . Therefore, the most stringent policies remain active!
Hope this helps!