Device Assurance Policies

The Device Assurance Policies API provides operations to manage device assurance policies in your organization.

List all Device Assurance Policies
Identity Engine
OAuth 2.0: okta.deviceAssurance.read

Lists all device assurance policies

Responses
200

OK

403

Forbidden

429

Too Many Requests

get/api/v1/device-assurances
Request samples
Response samples
application/json
[
  • {
    • "createdBy": "string",
    • "createdDate": "string",
    • "diskEncryptionType": {
      },
    • "id": "string",
    • "jailbreak": true,
    • "lastUpdatedBy": "string",
    • "lastUpdatedDate": "string",
    • "name": "string",
    • "osVersion": {
      },
    • "platform": "ANDROID",
    • "screenLockType": {
      },
    • "secureHardwarePresent": true,
    • "_links": {
      }
    }
]

Create a Device Assurance Policy
Identity Engine
OAuth 2.0: okta.deviceAssurance.manage

Creates a new Device Assurance Policy

Request
Request Body schema: application/json
object
include
Array of strings (DiskEncryptionType)
Items Enum: "ALL_INTERNAL_VOLUMES" "FULL" "USER"
jailbreak
boolean
name
string

Display name of the Device Assurance Policy

object (VersionObject)
minimum
string
platform
string (Platform)
Enum: "ANDROID" "IOS" "MACOS" "WINDOWS"
object
include
Array of strings (ScreenLockType)
Items Enum: "BIOMETRIC" "PASSCODE"
secureHardwarePresent
boolean
Responses
200

OK

400

Bad Request

403

Forbidden

429

Too Many Requests

post/api/v1/device-assurances
Request samples
application/json
{
  • "name": "Device Assurance Android",
  • "osVersion": {
    • "minimum": "12.4.5"
    },
  • "diskEncryptionType": {
    • "include": [
      ]
    },
  • "jailbreak": false,
  • "platform": "ANDROID",
  • "screenLockType": {
    • "include": [
      ]
    },
  • "secureHardwarePresent": true
}
Response samples
application/json
{
  • "id": "dae3m8o4rWhwReDeM1c5",
  • "name": "Device Assurance Example",
  • "lastUpdate": "2022-01-01T00:00:00.000Z",
  • "createdUpdate": "2022-01-01T00:00:00.000Z",
  • "lastUpdatedBy": "00u217pyf72CdUrBt1c5",
  • "createdBy": "00u217pyf72CdUrBt1c5",
  • "osVersion": {
    • "minimum": "12.4.5.9"
    },
  • "diskEncryptionType": {
    • "include": [
      ]
    },
  • "platform": "WINDOWS",
  • "screenLockType": {
    • "include": [
      ]
    },
  • "secureHardwarePresent": true,
  • "_links": {}
}

Retrieve a Device Assurance Policy
Identity Engine
OAuth 2.0: okta.deviceAssurance.read

Retrieves a Device Assurance Policy by deviceAssuranceId

Request
path Parameters
deviceAssuranceId
required
string

Id of the Device Assurance Policy

Responses
200

OK

403

Forbidden

404

Not Found

429

Too Many Requests

get/api/v1/device-assurances/{deviceAssuranceId}
Request samples
Response samples
application/json
{
  • "id": "dae3m8o4rWhwReDeM1c5",
  • "name": "Device Assurance Example",
  • "lastUpdate": "2022-01-01T00:00:00.000Z",
  • "createdUpdate": "2022-01-01T00:00:00.000Z",
  • "lastUpdatedBy": "00u217pyf72CdUrBt1c5",
  • "createdBy": "00u217pyf72CdUrBt1c5",
  • "osVersion": {
    • "minimum": "12.4.5.9"
    },
  • "diskEncryptionType": {
    • "include": [
      ]
    },
  • "platform": "WINDOWS",
  • "screenLockType": {
    • "include": [
      ]
    },
  • "secureHardwarePresent": true,
  • "_links": {}
}

Replace a Device Assurance Policy
Identity Engine
OAuth 2.0: okta.deviceAssurance.manage

Replaces a Device Assurance Policy by deviceAssuranceId

Request
path Parameters
deviceAssuranceId
required
string

Id of the Device Assurance Policy

Request Body schema: application/json
object
include
Array of strings (DiskEncryptionType)
Items Enum: "ALL_INTERNAL_VOLUMES" "FULL" "USER"
jailbreak
boolean
name
string

Display name of the Device Assurance Policy

object (VersionObject)
minimum
string
platform
string (Platform)
Enum: "ANDROID" "IOS" "MACOS" "WINDOWS"
object
include
Array of strings (ScreenLockType)
Items Enum: "BIOMETRIC" "PASSCODE"
secureHardwarePresent
boolean
Responses
200

OK

400

Bad Request

403

Forbidden

404

Not Found

429

Too Many Requests

put/api/v1/device-assurances/{deviceAssuranceId}
Request samples
application/json
{
  • "id": "dae3m8o4rWhwReDeM1c5",
  • "name": "Device Assurance Example",
  • "lastUpdate": "2022-01-01T00:00:00.000Z",
  • "createdUpdate": "2022-01-01T00:00:00.000Z",
  • "lastUpdatedBy": "00u217pyf72CdUrBt1c5",
  • "createdBy": "00u217pyf72CdUrBt1c5",
  • "osVersion": {
    • "minimum": "12.4.5.9"
    },
  • "diskEncryptionType": {
    • "include": [
      ]
    },
  • "platform": "WINDOWS",
  • "screenLockType": {
    • "include": [
      ]
    },
  • "secureHardwarePresent": true,
  • "_links": {}
}
Response samples
application/json
{
  • "id": "dae3m8o4rWhwReDeM1c5",
  • "name": "Device Assurance Example",
  • "lastUpdate": "2022-01-01T00:00:00.000Z",
  • "createdUpdate": "2022-01-01T00:00:00.000Z",
  • "lastUpdatedBy": "00u217pyf72CdUrBt1c5",
  • "createdBy": "00u217pyf72CdUrBt1c5",
  • "osVersion": {
    • "minimum": "12.4.5.9"
    },
  • "diskEncryptionType": {
    • "include": [
      ]
    },
  • "platform": "WINDOWS",
  • "screenLockType": {
    • "include": [
      ]
    },
  • "secureHardwarePresent": true,
  • "_links": {}
}

Delete a Device Assurance Policy
Identity Engine
OAuth 2.0: okta.deviceAssurance.manage

Deletes a Device Assurance Policy by deviceAssuranceId. If the Device Assurance Policy is currently being used in the org Authentication Policies, the delete will not be allowed.

Request
path Parameters
deviceAssuranceId
required
string

Id of the Device Assurance Policy

Responses
204

No Content

403

Forbidden

404

Not Found

409

Conflict

429

Too Many Requests

delete/api/v1/device-assurances/{deviceAssuranceId}
Request samples
Response samples
application/json
{
  • "errorCode": "E0000006",
  • "errorSummary": "You do not have permission to perform the requested action",
  • "errorLink": "E0000006",
  • "errorId": "sampleNUSD_8fdkFd8fs8SDBK",
  • "errorCauses": [ ]
}