You can manage software apps for your JumpCloud’s Android Enterprise Mobility Management (EMM)-enrolled devices with JumpCloud’s Software Management. Adding and managing Android apps saves you time and ensures that your users can access all the apps they need.
As an IT Admin, you’ll create a customized version of the Google Play Store to control which public, private, and web apps your users can access. End users will access the Managed Google Play Store and be able to choose an app to install. After the app is added to JumpCloud, you control who uses it by assigning specific devices or device groups to the app.
Only Android apps are currently supported.
These types of Android apps are supported:
- Public app – Users can search and browse your curated list of Google Play Store apps, view app details, and select apps. Google Maps is an example of a public app. Some public apps are factory-installed on an Android device. Some public apps are free and others have a fee.
Your users can choose to download and install a paid public app if it appears in your custom Play Store, and expense it later if needed. Managing app licensure is not supported via JumpCloud nor through the underlying Google APIs.
- Private app – You determine which private apps you’ll publish and manage. Private apps are only available for your organization. When you publish a private app for the first time, a Play Console account is created for your organization. Private apps are automatically approved for your organization and are typically ready for distribution within 10 minutes. You can upload up to 15 private apps per day.
This references Google-hosted private app management via the EMM console instead of going through the Google Play Console. Self-hosted private app management is not supported.
- Web app – You can create and distribute web site shortcuts as web apps.
Prerequisites
- A company Android EMM account is required to configure Android EMM for your organization. See Set up Android EMM.
- Every Android device must be enrolled in EMM. See Add and Manage Android Devices and Users: Enroll Your Personal Android Device.
Adding Android Apps
You can add and configure public, private, and web apps from your curated Google Play catalog to JumpCloud’s Software Management list. The apps you can choose were added to the catalog using the procedure above.
To add an Android app:
- Log in to the JumpCloud Admin Portal: https://console.jumpcloud.com/login.
- Go to DEVICE MANAGEMENT > Software Management, then select the Google tab.
- Click Add New to go to your Google Play Store app catalog.
If you haven’t yet enrolled your enterprise in Google EMM, click Let’s Do It on this page to enroll.
- From the managed Google Play Store, locate and select the app you want to add, then click Select. You can also search for an app title and view details about the app before you select it.
- After the app is added, verify that it appears in the Software Management list in the Google tab. If the app that you just added does not appear, click Refresh. On the device, work profile apps that are assigned to the end user are marked with a briefcase icon so they’re easy to distinguish from personal apps.
To narrow the list to one or two specific app types, click Filter and select Public, Private, or Web and click Apply.
- To determine how a public or private app is installed or updated, select the app and complete the fields if they appear:
- Under Application Install Mode, choose how the app will be installed:
- Available – The app is available to install.
- Force Install – The app is automatically installed and can’t be removed by the user.
- Block – The app is blocked and the user can’t install it. If the app was installed under a previous policy, it will be uninstalled.
- Under Application Update Mode, determine when automatic app updates can be applied:
- Default – The app is automatically updated to minimize the impact on the user. These conditions must exist:
- The device is not actively used.
- The device is connected to a WiFi network.
- The device is charging.
- The app you’re updating is not running in the foreground.
The device is notified about a new update within 24 hours after it is published by the developer, and the app is updated the next time the conditions listed above are met.
- High Priority – The app is updated as soon as possible. The device is notified immediately about a new update when it becomes available. If the device is offline at that time, the app is immediately updated the next time the device is connected to the internet.
- Postpone – The app is not automatically updated for a maximum of 90 days after the app becomes out of date. After the 90-day period, the latest available version of the app is automatically installed with low priority. After the app is updated, it is not automatically updated again until 90 days after it becomes out of date. The user can still manually update the app from the Play Store at any time.
- Default – The app is automatically updated to minimize the impact on the user. These conditions must exist:
- Under Runtime Permissions, choose a response for specific permissions for any work app:
- Allow – Automatically grant permission to a work app.
- Prompt – Let users choose whether to grant permission to a work app. This is the default.
- Deny – Automatically deny permission to a work app.
For devices running Android 12 and later, to improve user privacy you’ll no longer be able to grant device-wide permissions without explicit consent from the user. The Allow option is disabled for these Android apps:- Location
- Camera
- Microphone
- Body sensor
- Physical activity
- Some apps, such as Gmail, let you select additional individual permissions. Click Expand to customize individual permissions:
- Under Application Install Mode, choose how the app will be installed:
- Click Save.
The selection of the Application Install Mode applies to the assigned devices at that moment. However, it could take up to 24 hours for an app’s status to be accurately reflected. The app status during this time will appear as INSTALL PENDING.
- To further control some public or private apps and improve the user’s experience, select the app and click Configuration. The app is preconfigured, but you can add a name for this managed configuration and change any of the settings, then click Save. For example, the Enterprise Grid Domain URL for Slack lets you send users on approved devices directly to an app. Web apps do not require additional configuration.
Note: You can set wildcards (such as $username$ or %emailAddress%) so that a single configuration for an app, such as Gmail, can be applied to multiple users. - Click Save.
- Assign the app to a device or device group:
- Select the Device Groups tab, select the checkbox next to each device group that will deploy the app.
- Select the Devices tab, select the checkbox next to each device that will deploy the app.
- Click Save.
- Verify the app installation. Seen the section below.
Managing Android Apps
You can remove an Android app from JumpCloud’s Software Management list.
To remove an Android app:
- Log in to the JumpCloud Admin Portal: https://console.jumpcloud.com/login.
- Go to DEVICE MANAGEMENT > Software Management, then select the Google tab.
- Select the checkbox next to the app, then click Delete. You can select more than one app.
Tip: Deleting a software app in JumpCloud does not uninstall the app. Rather, it removes the app from the software inventory list. You can add it again later if needed.
- Click Delete.