Reference documentation and code samples for the Access Context Manager V1 Client class DevicePolicy.
DevicePolicyspecifies device specific restrictions necessary to acquire a
given access level. ADevicePolicyspecifies requirements for requests from
devices to be granted access levels, it does not do any enforcement on the
device.DevicePolicyacts as an AND over all specified fields, and each
repeated field is an OR over its elements. Any unset fields are ignored. For
example, if the proto is { os_type : DESKTOP_WINDOWS, os_type :
DESKTOP_LINUX, encryption_status: ENCRYPTED}, then the DevicePolicy will be
true for requests originating from encrypted Linux desktops and encrypted
Windows desktops.
Generated from protobuf messagegoogle.identity.accesscontextmanager.v1.DevicePolicy
Namespace
Google \ Identity \ AccessContextManager \ V1
Methods
__construct
Constructor.
Parameters
Name
Description
data
array
Optional. Data for populating the Message object.
↳ require_screenlock
bool
Whether or not screenlock is required for the DevicePolicy to be true. Defaults tofalse.
↳ allowed_encryption_statuses
array
Allowed encryptions statuses, an empty list allows all statuses.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[],[],null,["# Access Context Manager V1 Client - Class DevicePolicy (1.0.4)\n\nVersion latestkeyboard_arrow_down\n\n- [1.0.4 (latest)](/php/docs/reference/access-context-manager/latest/V1.DevicePolicy)\n- [1.0.3](/php/docs/reference/access-context-manager/1.0.3/V1.DevicePolicy)\n- [0.5.5](/php/docs/reference/access-context-manager/0.5.5/V1.DevicePolicy)\n- [0.4.5](/php/docs/reference/access-context-manager/0.4.5/V1.DevicePolicy)\n- [0.3.5](/php/docs/reference/access-context-manager/0.3.5/V1.DevicePolicy) \nReference documentation and code samples for the Access Context Manager V1 Client class DevicePolicy.\n\n`DevicePolicy` specifies device specific restrictions necessary to acquire a\ngiven access level. A `DevicePolicy` specifies requirements for requests from\ndevices to be granted access levels, it does not do any enforcement on the\ndevice. `DevicePolicy` acts as an AND over all specified fields, and each\nrepeated field is an OR over its elements. Any unset fields are ignored. For\nexample, if the proto is { os_type : DESKTOP_WINDOWS, os_type :\nDESKTOP_LINUX, encryption_status: ENCRYPTED}, then the DevicePolicy will be\ntrue for requests originating from encrypted Linux desktops and encrypted\nWindows desktops.\n\nGenerated from protobuf message `google.identity.accesscontextmanager.v1.DevicePolicy`\n\nNamespace\n---------\n\nGoogle \\\\ Identity \\\\ AccessContextManager \\\\ V1\n\nMethods\n-------\n\n### __construct\n\nConstructor.\n\n### getRequireScreenlock\n\nWhether or not screenlock is required for the DevicePolicy to be true.\n\nDefaults to `false`.\n\n### setRequireScreenlock\n\nWhether or not screenlock is required for the DevicePolicy to be true.\n\nDefaults to `false`.\n\n### getAllowedEncryptionStatuses\n\nAllowed encryptions statuses, an empty list allows all statuses.\n\n### setAllowedEncryptionStatuses\n\nAllowed encryptions statuses, an empty list allows all statuses.\n\n### getOsConstraints\n\nAllowed OS versions, an empty list allows all types and all versions.\n\n### setOsConstraints\n\nAllowed OS versions, an empty list allows all types and all versions.\n\n### getAllowedDeviceManagementLevels\n\nAllowed device management levels, an empty list allows all management\nlevels.\n\n### setAllowedDeviceManagementLevels\n\nAllowed device management levels, an empty list allows all management\nlevels.\n\n### getRequireAdminApproval\n\nWhether the device needs to be approved by the customer admin.\n\n### setRequireAdminApproval\n\nWhether the device needs to be approved by the customer admin.\n\n### getRequireCorpOwned\n\nWhether the device needs to be corp owned.\n\n### setRequireCorpOwned\n\nWhether the device needs to be corp owned."]]
