Help Needed: Issue with Deploying Managed Google Play private App
I'm trying to deploy a Managed Google Play app on Samsung Galaxy tablets using Intune. The devices are enrolled as Corporate-owned with a work profile. The app is uploaded to the Play Console, approved by Google, and synced with Intune, but it's not deploying. Intune reports the devices as not applicable, and the app isn't visible in the work-badged Play Store. I've tried different assignment settings, switching between "required" and "available," and tested both user-based and device-based groups separately. I also experimented with BYOD enrollment types, but none of these approaches worked.
Common identifier between AMAPI & Require for setup app for validation
We are enrolling devices using AMAPI by generating a QR code with an assigned policy either for work profile or fully managed enrollment. During enrollment, the device prompts for a require for setup app, which, after configuration, returns RESULT_OK, marking the setup as complete and finalizing the device enrollment. Before returning RESULT_OK, To identify the enrolling device, the backend gets the device ID and enterprise ID from the Pub/Sub provisioning notification. The device ID (which matches the GSF ID) is then sent by the require for setup app to the backend for validation. This identifier is also used to enforce enrollment limits based on the enterprise license count. The Issue: Up to Android 14, retrieving the GSF ID was possible. However, in Android 15, it now returns null. Question: Is there an alternative identifier that can be used to identify the enrolling device—one that the backend can retrieve and that the setup app can also access during enrollment? Below is the information we receive from Pub/Sub when a device is enrolled: { "name": [*Hidden for privacy reasons] "managementMode": "PROFILE_OWNER", "state": "PROVISIONING", "enrollmentTime": "2025-04-04T06:17:02.751Z", "lastPolicySyncTime": "2025-04-04T06:17:02.817Z", "softwareInfo": { "androidVersion": "15", "androidDevicePolicyVersionCode": 10323580, "androidDevicePolicyVersionName": "128.32.3 (10323580)", "androidBuildNumber": "AP3A.240905.015.A2", "deviceKernelVersion": "5.15.149-android13-8-00010-gc2e0ba41ba85-ab12040008", "bootloaderVersion": "unknown", "androidBuildTime": "2025-03-11T13:26:50Z", "securityPatchLevel": "2025-03-01", "primaryLanguageCode": "en-IN", "deviceBuildSignature": "c9009d01ebf9f5d0302bc71b2fe9aa9a47a432bba17308a3111b75d7b2143456", "systemUpdateInfo": { "updateStatus": "UP_TO_DATE" } }, "hardwareInfo": { "brand": "Redmi", "hardware": "mt6835", "deviceBasebandVersion": "MOLY.NR17.R1.TC8.PR2.SP.V1.P51,MOLY.NR17.R1.TC8.PR2.SP.V1.P51", "manufacturer": "Xiaomi", "serialNumber": [*Hidden for privacy reasons] "model": "23124RN87I", "enterpriseSpecificId": [*Hidden for privacy reasons] }, "policyName": [*Hidden for privacy reasons] "memoryInfo": { "totalRam": "5865836544", "totalInternalStorage": "806965248" }, "userName": [*Hidden for privacy reasons] "enrollmentTokenName": [*Hidden for privacy reasons] "securityPosture": { }, "ownership": "PERSONALLY_OWNED" } *Updated by Community admin - removed due to privacy reasons 4 April
Can't add a new private app to a Collection in Managed Google Play Store (Intune)
Hello, i've recently published a new private app to our Managed play Store through the iFrame in Intune. I can assign the app now, install it and search for it on the Work Profile Play Store on my phone but i can't find the app when i want to add it to a collection. We have a few similar private apps already published and these work fine. It is only the most recent one i can't find in the collections. Is there another Sync i am missing or is it a problem with our Managed Play Store? Thanks for the help. BR Seb
ATOK installation Failed in Corporate-owned devices with work profile
Hi, I have enrolled 2 samsung devices to intune using the Corporate-owned devices with work profile and assigned many applications to the devices. However, 1 specific application has failed to install stating the "country or region doesn't support this application." This is strange because in the same tenant I have other samsung devices enrolled as BYOD which is assigned this same application can install. I tried to reach out to intune support and they cannot do anything about this and asked me to raise ticket to google and I don't really know where I can raise the ticket to google regarding. Please help as I have to figure this out and deploy the application. PS: This application is available in the play store for the region and country. So the error message doesn't make sense. Thank youCan we set beta channel of public app in policy?
We have an application published on the play store that is used as require for setup app, I have different channels in play console, production and beta/closed. In AMAPI policy, we can set "accessibleTrackIds": [ string ] so that a particular channel is used to download the application. Here is the issue, when we go to the advanced settings in the play console for the app and turn on Managed Google Play, it shows that the app will become private and this can not be undone. Is this the way or we can use the public application's testing channel by specifying its track id in the policy and it will download for eg. if beta is added then it will download the beta channel app and if there is no track id mentioned then it will default to the production application? Another thing is that, how to get the track id in case we can do this?
Managed Google Play private app not available on Corporate-owned devices with work profile
Hi community, I'm encountering a strange issue and could use some guidance. A Google developer account released an app to Managed Google Play (so it's automatically private and not available on the public store) and entered our organization ID in the appropriate field. We can find the app on the iframe in our MDM (Microsoft Intune in this case), select it, and assign it to groups. Everything looks good: BYOD deployments (Personally-owned devices with work profiles) can install the app from the Managed Google Play store. However, COPE devices (Corporate-owned devices with work profiles) cannot search for it, and it's also not visible in the app collections we've created. Could there be a setting in the Google developer account's store listing that prevents availability for COPE devices? I've exhausted all options in Intune, including multiple store syncs, with no success. Intune is telling me, that the App is available to install on the specific COPE devices, but it does simply no appear. The only thing left to check is the Google developer account that released the app for us. Has anyone else experienced this issue? Any hints or suggestions would be greatly appreciated. Thanks! Walter[Community tips] What guidance do you provide with new devices?
Hello everyone, I recently helped a family member set up their new phone (after their old one had a long and fruitful life 😃). It struck me how important it is to help, when needed, to guide someone through using a new device and highlight key features that they may be used to using (and any new ones). This made me think, this is a key area for work devices too and so I thought it might be interesting to hear how we do this across the community. For example, do you provide documentation with step-by-step instructions, guidance on device usage and key information, or assistance when switching device types or operating systems? It would be great to hear any tips you have for supporting colleagues with new devices, plus anything that would make your life easier when creating useful resources. Thanks so much, Lizzie
[Community survey] Android App Management features and security
Hello everyone, We've had a couple of surveys this month, so I hope you don't mind another. Here in the Customer Community, one of our most popular topic areas is on app management, so I'm hoping this survey is an interesting one for you all. 🤞 It would be great to hear your thoughts and ideas on ways you would like application management features and security to develop further. If you have a spare moment, please take the short survey below and if you have any additional questions, please to reply to this topic below (by clicking 'Reply'). All of the feedback will be passed over to our Product team. Feel free to share this with any colleagues or others working in this area, as it would be great to get a good amount of feedback around this. Thank you in advance for taking the time to do this. 😀 Lizzie Loading… Interested in other surveys? It would be great to hear your feedback on AE secure logs.[Product Update] Android App Bundle support in Managed Google Play
Hey everyone, For those of you using private apps, I’m pleased to let you know that the Managed Google Play iframe now supports Android App Bundle uploads - enabling larger app sizes and the full benefits of app bundles. With this update, you can now create new private apps using app bundles (with Google generated signing key) and can migrate existing apps to the app bundle by enrolling in Play App signing. For full details on how this works please visit this Help Center article with information on migration of an existing APK to an app bundle. You can also find more information about using app bundles in this FAQ. We know many of you have requested this feature before and so we hope you find it useful. It would be great to hear your feedback. Thanks so much, Lizzie
