About Android for Work Skip to main content
https://support.okta.com/help/oktaarticledetailpage?childcateg=&id=ka0f0000000mc0kkac&source=documentation&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fdocumentation%2fknowledge_article%2fandroid-for-work
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
About Android for Work
Published: Apr 12, 2016   -   Updated: Jun 22, 2018

This article provides a brief overview of Okta's integration with Android for Work (AfW), and a description of the key features of this integration.

Contents:

Related Documentation:

Overview

Okta and Google partnered to integrate Android for Work into Okta Mobility Management (OMM). The integration combines Android for Work's advanced security features with Okta’s provisioning and enterprise mobility management capabilities. 

Together, OMM and AFW enable customers to:

  • Create separate personal and enterprise work spaces
  • Provision email access to Android for Work compatible devices
  • Keep Active Directory passwords in sync with Microsoft Exchange ActiveSync (EAS) profiles
  • Provision private mobile apps, as well as apps from the Google Play for Work app store

OMM and Android for Work’s unique integration takes advantage of Okta’s advanced provisioning capabilities to automatically create Google accounts for Android for Work users at enrollment (if necessary), simplifying the end user experience.

For more information see Google Android for Work

Key Features

OS-based Separation of Personal and Corporate Apps Through Work Profiles

  • Administrators control work profiles, which are kept separate from personal accounts, apps, and data. By default, work profile notifications and app icons have a red briefcase so they’re easy to distinguish from personal apps. Work profiles allow an IT department to securely manage a work environment without restricting users from using their device for personal apps and data.

Encryption Enforcement

  • AfW requires and prompts for device encryption upon enrollment.

Email configuration

  • For non-Google Apps organizations, AfW remotely configures ActiveSync mail through the Divide Productivity app.
  • For Google Apps organizations, AfW allow for seamless access to Gmail and other native mobile Google apps.

Automatic App Provision/Deprovision

  • Silently install and uninstall apps to the containerized workspace.
  • On a selective wipe of the device, applications within Work Profile are automatically removed.

    Google Play for Work

    • Native apps are deployed through Google Play for Work.

    Private App Store

    • Support for private apps allows organizations that build in-house applications to distribute their apps to Android for Work devices.

      This makes it easy for developers to update and stage in-house apps directly to Google Play for Work. The developer no longer needs to hand the source file to the Okta admin or have access to the Okta console.

      For more details see Private App Store.

    Managed App Config

    • Android for Work provides the ability to set policies on a per-application basis, where supported by the app. For example, an app could allow an IT administrator to remotely control the availability of features, configure settings, or set in-app credentials, to improve the end user experience.
    For more details see Managed Application Configurations​.

    Coming soon: support for setting up AfW in multiple domains


    Known Issues

    • The Divide app may prompt users for a password an additional time even if users entered it during enrollment.
    • Commands (deprovision, remote lock, reset password, etc.) do not work for Samsung Galaxy devices.