Restrictions Payload (Android Enterprise)

An application restrictions payload sets restrictions for fully managed Android Enterprise devices. Each device can only use one restrictions payload. If there are multiple restrictions payloads applied to the folder the device is in, only the payload with the highest priority will be sent to the device. You can view the payloads that have been sent to the device by viewing device details.

When you are using a restrictions payload, ensure you are not locking down functionality that is required for other operations. For example, watch for the following scenarios:

Ensure your white listed apps are installed on the device before you apply the payload.

Do not block the Settings application if you are using a passcode payload, since the user needs to access Settings in order to set or change a passcode.

To deactivate app restrictions, edit the original payload, redeploy the payload, and sync the desired devices.

Admin password

Devices that receive a restrictions payload can be set to require an admin password to preform certain actions from the device, such as unenrolling. To set an admin password, create or edit an Android Enterprise Restrictions payload, select Enable Admin Override, then enter a password. When attempting to preform a restricted action, the device user will be prompted for the admin password.

ClosedDedicated device mode / kiosk mode

ClosedFully managed device mode