diff --git a/packages/@okta/vuepress-site/docs/reference/api/devices/index.md b/packages/@okta/vuepress-site/docs/reference/api/devices/index.md index d278c03678b..1375fd1fe63 100644 --- a/packages/@okta/vuepress-site/docs/reference/api/devices/index.md +++ b/packages/@okta/vuepress-site/docs/reference/api/devices/index.md @@ -217,7 +217,7 @@ None | Parameter | Type | Description | | -------------- | ------ | ------------------------------------------------------------------------------------------------------------------------- | | `search` | String | Searches for devices with a supported [filtering](/docs/reference/core-okta-api/#filter) expression for most properties | -| `limit` | Number | Specifies the number of results returned (maximum `200`) | +| `limit` | Number | Specifies the number of results returned (recommended `20`) | | `after` | String | Specifies the pagination cursor for the next page of devices | | `expand=user` | String | Lists associated users for the device in `_embedded` element | @@ -526,6 +526,7 @@ curl -v -X GET \ "users":[ { "managementStatus": "MANAGED", + "screenLockType": "BIOMETRIC", "created":"2021-10-01T16:52:41.000Z", "user":{ "id":"${userId}", @@ -622,6 +623,16 @@ Lists all [Users](/docs/reference/api/users/#user-object) for a Device by `devic Array of [Users](/docs/reference/api/users/#user-object) +##### Device - User attributes + +The following device attributes will be added to each user object in array of users. + +| Property | Type | Description | +| :----------------------- | :--------- | :-----------------------------------------------------------------------------------------------------------------| +| `managementStatus` | ENUM | Management status of the device for the user. Possible values are `NOT_MANAGED` and `MANAGED` | +| `screenLockType` | ENUM | Screen lock type of the device for the user. Possible values are `NONE`, `PASSCODE` and `BIOMETRICS` | + + #### Request example ```bash @@ -639,6 +650,7 @@ curl -v -X GET \ { "created":"2021-08-20T17:13:35.000Z", "managementStatus":"NOT_MANAGED", + "screenLockType":"BIOMETRIC", "user":{ "id":"00u17vh0q8ov8IU881d7", "status":"ACTIVE", @@ -1151,23 +1163,37 @@ The following diagram shows the state object for a Device: #### Device profile properties -| Property | Type | Description | -| :----------------- | :--------- | :---------------------------------------------------------------------------------------------| -| `displayName` | String | The display name of the device (from 1 through 255 characters) | -| `platform` | String | OS platform of the device. Possible values: `MACOS`, `WINDOWS`, `ANDROID`, `IOS`. | -| `registered` | Boolean | Indicates if the device is registered at Okta | -| `imei` | String | (Optional) International Mobile Equipment Identity of the device (from 15 through 17 numeric characters) | -| `manufacturer` | String | (Optional) Name of the manufacturer of the device (from 0 through 127 characters) | -| `meid` | String | (Optional) Mobile equipment identifier of the device (14 characters) | -| `model` | String | (Optional) Model of the device (127 characters) | -| `osVersion` | String | (Optional) Version of the device OS (127 characters) | -| `serialNumber` | String | (Optional) Serial number of the device (127 characters) | -| `sid` | String | (Optional) Windows Security identifier of the device (256 characters) | -| `udid` | String | (Optional) macOS Unique Device identifier (47 characters) | -| `tpmPublicKeyHash` | String | (Optional) Windows Trusted Platform Module hash value | -| `secureHardwarePresent` | Boolean | (Optional) Indicates if the device contains a secure hardware functionality | - -#### Device profile example +| Property | Type | Description | Applicable Platforms | +| :----------------------- | :--------- | :-----------------------------------------------------------------------------------------------------------------| :---------------------------| +| `displayName` | String | The display name of the device (max 255 chars) | All | +| `platform` | Enum | OS platform of the device. Possible values: `MACOS`, `WINDOWS`, `ANDROID`, `IOS`. | All | +| `registered` | Boolean | Indicates if the device is registered at Okta | All | +| `diskEncryptionType` | Enum | (Optional) The type of disk encryption on the device. See [Possible values for `diskEncryptionType`](#possible-values-for-diskencryptiontype) | All | +| `imei` | String | (Optional) International Mobile Equipment Identity of the device (15-17 numeric chars) | All | +| `integrityJailbreak` | Boolean | (Optional) Indicates if the device is jailbroken or rooted | `IOS` and `ANDROID` | +| `manufacturer` | String | (Optional) Name of the manufacturer of the device (0-127 chars) | All | +| `meid` | String | (Optional) Mobile equipment identifier of the device (14 characters) | All | +| `model` | String | (Optional) Model of the device (127 characters) | All | +| `osVersion` | String | (Optional) Version of the device OS (127 characters) | All | +| `serialNumber` | String | (Optional) Serial number of the device (127 characters) | All | +| `sid` | String | (Optional) Windows Security identifier of the device (256 characters) | All | +| `udid` | String | (Optional) macOS Unique Device identifier (47 characters) | All | +| `tpmPublicKeyHash` | String | (Optional) Windows Trusted Platform Module hash value | All | +| `secureHardwarePresent` | Boolean | (Optional) Indicates if the device contains a secure hardware functionality | All | + +##### Possible values for `diskEncryptionType` + +| Value | Description | Applicable Platforms | +| :-------------------------- | :--------------------------------------------------------| :---------------------------| +| `NONE` | No encryption has been set | All | +| `FULL` | Disk is fully encrypted | `IOS` and `ANDROID` | +| `USER` | Encryption key is tied to the user or profile | `ANDROID` | +| `ALL_INTERNAL_VOLUMES` | All internal disks are encrypted | `WINDOWS` and `MACOS` | +| `SYSTEM_VOLUME` | Only the system volume is encrypted | `WINDOWS` and `MACOS` | + +**Note:** The following values map to Disk Encryption ON (otherwise OFF): `FULL`, `USER`, `ALL_INTERNAL_VOLUMES` + +#### Device profile examples ```json { @@ -1182,9 +1208,32 @@ The following diagram shows the state object for a Device: "meid": null, "udid": "36A56558-1793-5B3A-8362-ECBAA14EDD2D", "sid": null, - "tpmPublicKeyHash":null, - "registered":true, - "secureHardwarePresent":false + "tpmPublicKeyHash": null, + "registered": true, + "secureHardwarePresent": false, + "diskEncryptionType": "ALL_INTERNAL_VOLUMES" + } +} +``` + +```json +{ + "profile": { + "displayName": "Bob - New Device", + "platform": "IOS", + "manufacturer": "Apple Inc.", + "model": "iPhone 13 Pro Max", + "osVersion": "15.1.1", + "serialNumber": "C02VW333HTDF", + "imei": null, + "meid": null, + "udid": "36A56558-1793-5B3A-8362-ECBAA14EDD2D", + "sid": null, + "tpmPublicKeyHash": null, + "registered": true, + "secureHardwarePresent": false, + "diskEncryptionType": "FULL", + "integrityJailbreak": false } } ```