DevicePolicyManager.SetAlwaysOnVpnPackage Method
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Overloads
| SetAlwaysOnVpnPackage(ComponentName, String, Boolean) |
Called by a device or profile owner to configure an always-on VPN connection through a specific application for the current user. |
| SetAlwaysOnVpnPackage(ComponentName, String, Boolean, ICollection<String>) |
A version of |
SetAlwaysOnVpnPackage(ComponentName, String, Boolean)
Called by a device or profile owner to configure an always-on VPN connection through a specific application for the current user.
[Android.Runtime.Register("setAlwaysOnVpnPackage", "(Landroid/content/ComponentName;Ljava/lang/String;Z)V", "GetSetAlwaysOnVpnPackage_Landroid_content_ComponentName_Ljava_lang_String_ZHandler", ApiSince=24)]
public virtual void SetAlwaysOnVpnPackage (Android.Content.ComponentName admin, string? vpnPackage, bool lockdownEnabled);[<Android.Runtime.Register("setAlwaysOnVpnPackage", "(Landroid/content/ComponentName;Ljava/lang/String;Z)V", "GetSetAlwaysOnVpnPackage_Landroid_content_ComponentName_Ljava_lang_String_ZHandler", ApiSince=24)>]
abstract member SetAlwaysOnVpnPackage : Android.Content.ComponentName * string * bool -> unit
override this.SetAlwaysOnVpnPackage : Android.Content.ComponentName * string * bool -> unitParameters
- admin
- ComponentName
- vpnPackage
- String
The package name for an installed VPN app on the device, or null to
remove an existing always-on VPN configuration.
- lockdownEnabled
- Boolean
true to disallow networking when the VPN is not connected or
false otherwise. This has no effect when clearing.
- Attributes
Remarks
Called by a device or profile owner to configure an always-on VPN connection through a specific application for the current user. This connection is automatically granted and persisted after a reboot.
To support the always-on feature, an app must <ul> <li>declare a android.net.VpnService in its manifest, guarded by android.Manifest.permission#BIND_VPN_SERVICE;</li> <li>target android.os.Build.VERSION_CODES#N API 24 or above; and</li> <li>not explicitly opt out of the feature through android.net.VpnService#SERVICE_META_DATA_SUPPORTS_ALWAYS_ON.</li> </ul> The call will fail if called with the package name of an unsupported VPN app.
Enabling lockdown via lockdownEnabled argument carries the risk that any failure of the VPN provider could break networking for all apps. This method clears any lockdown allowlist set by #setAlwaysOnVpnPackage(ComponentName, String, boolean, Set).
Starting from android.os.Build.VERSION_CODES#S API 31 calling this method with vpnPackage set to null only removes the existing configuration if it was previously created by this admin. To remove VPN configuration created by the user use UserManager#DISALLOW_CONFIG_VPN.
Portions of this page are modifications based on work created and shared by the Android Open Source Project and used according to terms described in the Creative Commons 2.5 Attribution License.
Applies to
SetAlwaysOnVpnPackage(ComponentName, String, Boolean, ICollection<String>)
A version of #setAlwaysOnVpnPackage(ComponentName, String, boolean) that allows the
admin to specify a set of apps that should be able to access the network directly when VPN
is not connected.
[Android.Runtime.Register("setAlwaysOnVpnPackage", "(Landroid/content/ComponentName;Ljava/lang/String;ZLjava/util/Set;)V", "GetSetAlwaysOnVpnPackage_Landroid_content_ComponentName_Ljava_lang_String_ZLjava_util_Set_Handler", ApiSince=29)]
public virtual void SetAlwaysOnVpnPackage (Android.Content.ComponentName admin, string? vpnPackage, bool lockdownEnabled, System.Collections.Generic.ICollection<string>? lockdownAllowlist);[<Android.Runtime.Register("setAlwaysOnVpnPackage", "(Landroid/content/ComponentName;Ljava/lang/String;ZLjava/util/Set;)V", "GetSetAlwaysOnVpnPackage_Landroid_content_ComponentName_Ljava_lang_String_ZLjava_util_Set_Handler", ApiSince=29)>]
abstract member SetAlwaysOnVpnPackage : Android.Content.ComponentName * string * bool * System.Collections.Generic.ICollection<string> -> unit
override this.SetAlwaysOnVpnPackage : Android.Content.ComponentName * string * bool * System.Collections.Generic.ICollection<string> -> unitParameters
- admin
- ComponentName
- vpnPackage
- String
package name for an installed VPN app on the device, or null
to remove an existing always-on VPN configuration
- lockdownEnabled
- Boolean
true to disallow networking when the VPN is not connected or
false otherwise. This has no effect when clearing.
- lockdownAllowlist
- ICollection<String>
Packages that will be able to access the network directly when VPN is in lockdown mode but not connected. Has no effect when clearing.
- Attributes
Remarks
A version of #setAlwaysOnVpnPackage(ComponentName, String, boolean) that allows the admin to specify a set of apps that should be able to access the network directly when VPN is not connected. When VPN connects these apps switch over to VPN if allowed to use that VPN. System apps can always bypass VPN.
Note that the system doesn't update the allowlist when packages are installed or uninstalled, the admin app must call this method to keep the list up to date.
When lockdownEnabled is false lockdownAllowlist is ignored . When lockdownEnabled is true and lockdownAllowlist is null or empty, only system apps can bypass VPN.
Setting always-on VPN package to null or using #setAlwaysOnVpnPackage(ComponentName, String, boolean) clears lockdown allowlist.
Portions of this page are modifications based on work created and shared by the Android Open Source Project and used according to terms described in the Creative Commons 2.5 Attribution License.