The AirWatch Console provides the admin the ability to view a list of all the permissions that an app is using and set the default action at run time of the app.

You can set run-time permission policies for each Android for Work badged app. The latest permissions are retrieved when configuring an app at an individual app-level. Permissions apply to all Android for Work badged apps.


All permissions used by an app are listed when you select the app from the Exceptions list, however permission policies from the AirWatch Console only apply to dangerous permissions as deemed by Google. Dangerous permissions cover areas where the app requests data that includes the user's personal information, or could potentially affect the user's stored data. For more information, please reference the Android Developer website.

To create the Permissions profile:

  1. Navigate to Devices > Profiles & Resources > Profiles > Add > Add Profile > Android.

  2. Select Android for Work.
  3. Configure the General profile settings as appropriate.

    These settings determine how the profile deploys and who receives it. For more information on General settings, see Add General Profile Settings.

  4. Configure the Permissions settings, including:

    Settings Description
    Permission Policy

    Select whether to Prompt user for permission, Grant all permissions, or Deny all permissions for all work apps.

    Exceptions Search for apps that have already been added into AirWatch (should only include Android for Work approved apps), and make an exception to the permission policy for the app.
  1. Select Save & Publish to assign the profile to associated devices.