Recent discussions
Device financing at scale (10,000+ devices): compliant “restricted mode” on delinquency using Android Enterprise (Device Owner)
Hi everyone, I’m building an Android Enterprise device management solution and I want to keep everything fully compliant (Android Enterprise + Google Play policies). Use case: a company provides company-owned devices to customers under a leasing / device financing contract. We need to manage this at scale (10,000+ devices) across multiple customers/tenants. If a customer becomes delinquent, the company needs a temporary restricted mode (e.g., kiosk/limited access) until the account is back in good standing — with clear user notice, grace period, and contractual consent. What we want to control at scale: enrollment, policy assignment, app allow/deny lists, kiosk/lock task mode, updates, compliance reporting, and remote actions aligned with Android Enterprise best practices. Questions: Is this type of “restricted mode for delinquency” considered acceptable in the Android Enterprise ecosystem when devices are Company-Owned (Device Owner) and the policy is transparent/contractual? For 10,000+ devices, what is the recommended architecture: Android Management API (AMAPI) policies only, or a custom DPC (and why)? For distribution, is the safest path a managed Google Play private app per enterprise/tenant, or another approved approach for large-scale deployments? Any best practices to avoid being flagged by Play Protect / Play policy reviews for legitimate enterprise enforcement features (kiosk, app restrictions, device restrictions), especially at this scale? I’m not looking to bypass security or do anything hidden; the goal is a compliant enterprise solution. Thanks for any guidance or official documentation links.Solvedgustavomartinez4 days agoLevel 1.5: Cupcake30Views0likes5Comments
Android Enterprise Expert Certification
Hey, Not sure if this is at all correct place to address this, but once again when I started to do the renewal for Android Enterprise Expert certification, I though that I would want to ensure the Android Academy is still the correct place to do these, as the material is seriously outdated, even it still factually largely applies, it still seems frankly dumb to read upon features that came out with Android 5.1 - 8.1, and obtain a certification by that way. Also the session that can be enrolled via the portal, are still titled that what is new on Android in 2025, though the session is for this year. If someone has some knowledge of the above would appreciate any info as had to dig abit via various contacts to get info of this community site.Solvednesseijah4 days agoLevel 1.5: Cupcake47Views0likes3CommentsPlaystore private app search
Hello AE community, Happy new year, Our users encounter a problem when looking for private apps on the playstore, Apps doesn't appear until you type their full name, For exemple: we have an application called "Conformite" When typing "Confo", the app doesn't show up When typing "Conformite", it works When looking for a public app like teams Typing "Tea" Teams shows up Typing "Teams" Teams shows up We created a playstore category to make this search easier, Is there something to do on the playstore console ? I can add screnshots if needed Regards, BatlacSolvedBatlac7 days agoLevel 1.6: Donut110Views2likes9Comments
Clarification on DPC Policy
After numerous support tickets saying Google Play Protect has blocked our DPC app from being installed with the QR code I found this site and from what I understand there was a change at the start of this month that was only advertised to Google Enterprise Partners regarding who can use QR code enrollment and other Android APIs in their app. Applied for EMM/DPC account twice and each time less than 12 hours later denied with "On reviewing the information that you have submitted in your application, your organization does not meet the requirements to enter the community." I have explained that we have contracts with companies (which we are now in breach of) and are in talks with the Military for a custom DPC solution. RRiVEN LLC has been a company since 2011 and our DUNS profile reflects that. I have read https://developers.google.com/android/management/permissible-usage https://developers.google.com/android/play-protect/warning-dev-guidance#android_enterprise_dpc_enrollment and https://support.google.com/work/android/answer/16694822 We are not a financing solution, we are not for monitoring or eavesdropping, and we don't install apps/services on devices. Unsure why our application keeps getting denied. Like most major changes the Android Enterprise team has handled this poorly and as you can see from all the posts this is impacting a large number of people. If there is an aspect we need to change about our app we are open to making that change but we don't know why we are getting denied. We need any help we can get before we are sued for breach of contract. Who can help us?Solvedrriven21 days agoLevel 1.6: Donut128Views0likes2Comments
URGENT: Registration Blocked - "Oops Something went wrong" at DUNS Step (Ghost Application)
Hi Android Enterprise Community Team, We are currently blocked from the partner onboarding process due to a system error that seems to have locked our DUNS number in a "ghost" application state. Here is the chronological sequence of the issue: First Attempt: I initially applied using a generic Gmail address and was correctly declined. Second Attempt (Corporate): I followed the instructions and re-applied using my corporate email. The Error: This second application was marked as "Declined - Further information was requested but not received". However, I never received any email requesting further information (I have checked all Spam/Junk folders multiple times). The process seemingly timed out on the server side without notifying me. Current Blocker: Now, when I try to "Resume Onboarding" or start a fresh application via androidenterprise.dev with my corporate email, the system allows me to log in but throws a generic "Oops Something went wrong" error immediately after I click "Next" on the DUNS Number verification step. It appears my DUNS number is locked inside the previous "declined/closed" application, and the system throws an exception when I try to reuse it. I urgently need the onboarding team to RESET my application status or release my DUNS number so I can submit a fresh, correct form. ( By the way, there is no information why our application was declined. What must we do, we dont know at this point ) Thank you for your assistance. (This post was edited to remove personal information, in compliance with our guidelines)Solvedhmtcr27 days agoLevel 1.6: Donut98Views0likes5Comments
Play Protect is blocking our DPC app — appeal already submitted, looking for guidance
Hello everyone, We are currently facing an issue where Google Play Protect is blocking our Android application during device provisioning. Context: - It is not distributed via Google Play (but is already published); it is hosted externally and installed during provisioning via QR code. - The app is properly signed, and provisioning works at the system level, but Play Protect blocks the app with the message “App blocked to protect your device.” - This started happening recently on new devices / factory reset devices. We have already submitted the official Play Protect appeal form as recommended in the documentation: The form was completed with all required information (APK, package name, signing certificate, use case, etc.). At this point, we are looking for guidance from the community: - How long does it usually take for the Play Protect appeal form to receive a response or decision? - Is there any additional step or channel recommended for Android Enterprise DPC apps in this situation? Any insights or shared experiences would be greatly appreciated. Thank you in advance for your time and support. Best regardsSolvedrPoyo29 days agoLevel 1.5: Cupcake607Views1like16Comments
DUNS number not working to verify develops account
we are asked to verify our google developer accounts on the console. however, when trying to do so, our DUNS number was not working. we know it's the correct number as it's used in a different portal.SolvedHARSAFE2 months agoLevel 1.5: Cupcake79Views0likes5Comments
Device Owner Enrollment Error: “Organization Has Reached Its Usage Limits” Even With Zero Devices
Hi everyone, I’m trying to enroll a fully managed Android device using the Android Management API. I generate an enrollment token, create the QR code, factory reset the device, and start the QR-based provisioning process. Everything works until the Android Device Policy step, where I get the following error: “Since your organization has reached its usage limits, this device can’t be set up.” I am unable to get past this point. Here is what I have already checked: Listing devices through the API returns an empty list. There are no enrolled devices at all. Billing is active on the cloud project and the Android Management API is enabled. Enterprise creation works, policies return correctly, and I can generate enrollment tokens without any issues. The device is correctly factory reset and the QR scan is working as expected. I tested with both a Workspace-based enterprise and a Gmail-based enterprise. The same limit error appears on both, even though both enterprises have zero devices. I moved the cloud project under my organization in Google Cloud to avoid any project-level quota problems. Based on everything I have checked, it appears that the enterprise (or account) has been automatically restricted to a device quota of zero, and the restriction has not lifted even after several days. I would like to understand the following: Is this quota lock normal for new enterprises, and how long does it usually take to lift? Is this quota tied to AMAPI commercial approval? Is it expected that zero devices can be enrolled before approval? Is there any way to request a quota review so that at least one test device can be enrolled? I am building a commercial EMM solution and simply need to test device-owner provisioning on a physical device, but I am currently blocked by this limit. Any guidance from the community or anyone who has dealt with the same situation would be greatly appreciated. Thank you.Solvedrpnexa2 months agoLevel 1.5: Cupcake243Views0likes7Comments
Google Play Protect's new policy for custom DPC
Apparently, Google has a new policy that only approved DPCs can be installed through QR Provisioning; otherwise, their installation will be blocked. Link: https://developers.google.com/android/play-protect/warning-dev-guidance#android_enterprise_dpc_enrollment The problem is that I am not able to understand how to apply for DPC approval. I found this page, but still not able to find out where to apply. Your help is appreciated. ThanksSolvedBharat2 months agoLevel 1.6: Donut138Views0likes2CommentsIs there any way to disable Google Play Protect (GPP) during QR code enrollment to avoid blocking an MDM app?
I am the developer of Headwind MDM, the open source MDM for Android. In December 2025, many of our users reported the same issue. While installing an MDM app by the QR code method, it is blocked by Play Protect: "This app can request access to sensitive data". A detailed description of the issue is here. As per Play Protect guidelines, this may happen if an app uses sensitive permissions—RECEIVE_SMS, READ_SMS, NOTIFICATION_LISTENER, and ACCESSIBILITY. We removed these permissions in May 2025, and at that time the issue was resolved. Unfortunately the issue re-appeared again in December, and we were unable to determine why Headwind MDM agent is blocked at the enrollment stage. Even removing all permissions from the manifest didn't resolve the issue! Looks like there is an AI which automatically blocks software in an opaque way (by signature or code similarity). Interesting - sideloading and installing the same MDM agent APK on a non-managed device doesn't trigger Google Play block! I'm not talking about the ethics as it was already discussed in another related topic. All I know is that this behavior of Play Protect is a critical threat to our MDM project. Technically, is there a way to bypass Play Protect, for example by adding a parameter in the enrollment QR code? P.S. I already submitted the appeal form. If you have a similar issue, please fill and submit this form, this may speed up the issue resolution.SolvedHeadwindMDM2 months agoLevel 1.6: Donut765Views2likes15Comments
Explore other customer resources
Help Center
Explore step-by-step how-to guides.
Solutions Directory
Find solutions and partners.
Website
Discover more about Android's features.