You can configure settings for your Boxer deployment using the Configuration Key and Configuration Value pairs provided by AirWatch.

To configure these settings, enter the configuration key and the corresponding value into the Application Configuration setting during the app assignment.

Important:

If Boxer is already installed on end-user device, it might take few minutes for Boxer to download the new profile settings.

Sync Period

Add this key value pair to configure the maximum number of past days of mail and calender to sync in the Boxer app. This setting allows you to hide the No Limit feature available in the Boxer app settings.

Configuration Key Value Type Configuration Value Description
PolicyEmailMaxSyncPeriod Integer

0 - sync all

1 - 1 day

2 - 3 days

3 - 1 week

4 - 2 weeks

5 - 1 month

Enter the number of days of past mail to sync.
PolicyCalendarMaxSyncPeriod Integer

0 - sync all

4 - 2 weeks

5 - 1 month

6 - 3 months

7 - 6 months

Enter the number of days of past calendar events to sync.
Note:

Set the key value pairs to block syncing of all old emails and calendar until new emails or calendar events are synced first. Removing 0 from the key values disables the No Limit option for PolicyEmailMaxSyncPeriod and PolicyCalendarMaxSyncPeriod.

Default S/MIME Signing and Encryption Algorithms

Add the following key value pairs to configure the default encryption algorithms for signing and encrypting S/MIME emails. When a default S/MIME algorithm is configured, Boxer sends the outgoing emails with the default configured algorithm. Boxer also checks the algorithms for the incoming emails. If the incoming emails are not configured with the default algorithm, a warning message is displayed in the conversation view.

Configuration Key Value Type Configuration Value Description
PolicySMIMEDefaultEncryptionAlgorithm String

Allowed Values:

3DES

AES128

AES192

AES256

For example, PolicySMIMEDefaultEncryptionAlgorithm - [“3DES”]

Specify an encryption algorithm to use for incoming and outgoing emails. If a valid algorithm is not provided, the lowest supported algorithm is used (3DES).
PolicySMIMEDefaultSigningAlgorithm String

Allowed values:

SHA1

SHA256

SHA384

SHA512

For example, PolicySMIMEDefaultSigningAlgorithm - [“SHA1”]

Specify a default S/MIME signing algorithm to use for incoming and outgoing emails. If a valid algorithm is not provided, the lowest supported algorithm is used (SHA-1).

(Android Only) S/MIME Algorithms Compliance

Add the following key value pairs to configure the list of algorithms that Boxer checks for compliance when receiving a signed or encrypted S/MIME email. When set, only the configured algorithms are recognized by Boxer. Boxer displays non-compliance warning when accessing emails that are encrypted using any other algorithm, both strong or weak, than that are listed using the key value pairs.

Configuration Key Value Type Configuration Value Description
PolicySMIMEConformingEncryptionAlgorithms String

Supported Values:

3DES

AES128

AES192

AES256

For example, PolicySMIMEConformingEncryptionAlgorithms = ["AES-128", "AES-256"]

Set the algorithms that are recognized by Boxer for encrypting S/MIME emails.
PolicySMIMEConformingSigningAlgorithms String

Supported Values:

SHA1

SHA256

SHA384

SHA512

For example, PolicySMIMEConformingSigningAlgorithms = ["SHA-256", "SHA-512"]

Set the algorithms that are recognized by Boxer for signing S/MIME emails.

ENSv2 Notification Policy

Add the following key value pair to configure the ENS Notification Policy for Boxer. When confgured, Boxer immediately re-subscribes to ENSv2 and notification policy is updated as per the set key value.

Configuration Key Value Type Configuration Value Description
PolicyLimitNotificationText key Integer

0 - sets notification to sender, subject and preview (not supported in ENSv1)

1 - sets notification to sender and subject

2 - sets notification to sender

3 - sets notification to generic message (new message)

4 - sets notification to none (only the badge is updated)

Configure the notification policy used by Boxer.

Boxer Plain Text Mode

Add the following key value pair to confgure Boxer plain text mode.

Configuration Key Value Type Configuration Value Description
AppPlainTextMode Boolean

False - disabled (default)

True - enabled

Set to True to enable Boxer plain text mode. When set, Boxer retrieves only plain text from HTML mails when syncing. Boxer sends only plain text regardless of the email message format. The formatting controls in compose view is disabled and only text can be copied and pasted from rich or HTML content.

Policy Allow Metrics

Add this key to define the policy for allowing collection of anonymous usage data to improve user's Boxer experience. When enabled, a Data Sharing notice is displayed to user when Boxer is launched. The device user can enable or disable data sharing by navigating to Settings > Privacy > Data Sharing.

Configuration Key Value Type Configuration Value Description
PolicyAllowMetrics Boolean

True - enabled

False - disabled

Set to True to enable data collection for Boxer experience improvement. The value of PolicyAllowFeatureAnalytics, when set from Custom SDK settings takes precedence over the value of PolicyAllowMetrics that is set from App Configuration Settings.

Policy Allow Crash Reporting

Add this key to define the policy for reporting Boxer crashes to VMware.

Configuration Key Value Type Configuration Value Description
PolicyAllowCrashReporting Boolean

True - enabled

False - disabled

Set to True to report Boxer crashes to VMware. The value of PolicyAllowCrashReporting, when set from Custom SDK settings takes precedence over the value that is set from App Configuration Settings.

(iOS only) Allow Print

Configuration Key Value Type Configuration Value Description
PolicyAllowPrint Boolean

True - enabled

False - disabled

Set to False to disable printing of emails and attachments from Boxer.

(iOS only) Enforce HTTPS

From Boxer v4.13 for iOS, adding this key value pair blocks email content from unsecured connections in Boxer.

Configuration Key Value Type Configuration Value Description
PolicyEnforceHTTPS Boolean

False = disabled (default)

True = enabled

When set to True, email content from unsecured HTTP connections are not loaded. Outgoing links (hrefs) are not affected since the outgoing links can be controlled using Browser policy.

(Android only) Limit Notification

Configuration Key Value Type Configuration Value Description
PolicyLimitNotificationText Integer

0 - Displays Sender, Subject, and Body Preview (Default)

1 - Displays Sender and Subject

2 - Displays Sender

3 - Generic notification (You've got a new email)

4 - No notification

Set configuration value to limit what is displayed in Boxer notification.

Mark External Addresses

Add the following keys to configure Boxer to warn the user when adding external recipients to emails.

Configuration Key Value Type Configuration Value Description
AppDomainsInternal String Provide the list of internal domains. For example, [vmware.com, air-watch.com]. Define the domains that are internal or permitted. The user can disable the warning using the 'Confirm before sending' setting in Boxer when the internal domains are defined and AppDomainsWarning key is not set.
AppDomainsWarning Boolean

True - enabled

False - disabled (default)

Set to True to enable warning when the user enters recipients from external domains. If the domains are configured and the AppDomainsWarning value is set to True, the 'Confirm before sending' setting is unavailable to the users. When the warning is displayed, the user can either Accept and return to the Compose email menu or Ignore and continue sending the email to external recipients.

If the AppDomainsInternal key is enabled and the AppDomainsWarning key is disabled, then the ‘Confirm before sending emails’ setting is disabled and the device user can toggle the setting in the Boxer app as per requirement. If the 'AppDomainsInternal' key and 'AppDomainsWarning' key is disabled, then the 'Confirm before sending emails' setting is disabled and the device user can enable the setting in the Boxer app as per requirement. If both the AppDomainsInternal and AppDomainsWarning is set to true, then the ‘Confirm before sending emails’ setting is enabled and is unavailable to the device user.

Mobile Flows

Add the following keys to configure Mobile Flows for Boxer.

Configuration Key Value Type Configuration Value Description
AppMobileFlowsEnabled Boolean

True - enabled

False - disabled

Set to True to enable Mobile Flows for Boxer.

AppMobileFlowsHost String Provide a valid URL for the Mobile Flows host. For example, http://acme.hero.acme1.com Define the URL for the Mobile Flows host.
AppMobileFlowsvIDM String Provide a valid URL for authenticating the device users. For example, http://acme.vIDM.acme2.com Defines the URL for the device user to authenticate.

Allow Local Contacts

Add this key to define the policy for local contacts in Boxer.

Configuration Key Value Type Configuration Value Description
PolicyAllowLocalContacts Boolean

True - enabled

False - disabled

Set to True to enable local contacts in Boxer. If disabled, the Local Contacts option in Boxer is unavailable to the end users.

Allow Local Calendars

Add this key to define the policy for local calendars in Boxer.

Configuration Key Value Type Configuration Value Description
PolicyAllowLocalCalendars Boolean

True - enabled

False - disabled

Set to True to enable local calendars in Boxer. If disabled, the Local Contacts option in Boxer is unavailable to the end users.

(iOS only) PolicyDerivedCredentials

Add this key to enable derived credentials authentication policy for Boxer. When enabled, the device users must install VMware PIV-D Manager app for enrolling into Boxer.

Configuration Key Value Type Configuration Value Description
PolicyDerivedCredentials Integer

1- enabled

0 - disabled

Set to 1 to enable derived credentials enrollment in Boxer.

Default Swipe Actions

Add this key to define the default swipe actions in Boxer.

Configuration Key Value Type Configuration Value Description
AppSwipesLeftShortDefault Integer

1 - actions grid

2 - archive

3 - delete

4 - move

5 - flag

6 - quick reply

7 - read or unread

8 - spam

Define the default swipe actions. User can customize swipe actions using the options provided in the Boxer app.

AppSwipesLeftLongDefault
AppSwipesRightShortDefault
AppSwipesRightLongDefault

Default Conversation View

Add this key to define the default policy for converation view in Boxer.

Configuration Key Value Type Configuration Value Description
AppConversationViewDefault Boolean

True - enabled

False - disabled

Set to True to enable conversation threading by default. When set to False, the conversation threading option is disabled for the users.

Default Avatar Policy

Add this key to define the default policy for avatars in Boxer.

Configuration Key Value Type Configuration Value Description
AppAvatarsDefault Boolean

True - enabled

False - disabled

Set to True to enable avatars by default. User can change the Avatar setting using the options provided in the Boxer app.

(iOS only) Allow Custom Keyboards

Add this key to define the policy for allowing third-party keyboards with Boxer.

Configuration Key Value Type Configuration Value Description
PolicyAllowCustomKeyboards Boolean

True - enable (default value for unmanaged device)

False - disable (default value for managed device)

Set to True to permit users to activate third-party keyboards within Boxer.

Export Contacts by Default

Add this key to enable or disable exporting of contacts by default.

Configuration Key Value Type Configuration Value Description
AppDefaultCallerID Boolean

True - enabled

False - disabled

Set to true to enable the exporting of contacts by default. This setting requires the Caller ID option in the AirWatch Console to be set as Unrestricted.

Allow Caller ID (Contact Export for iOS)

Add this key to enable or disable Export Contact option in Boxer for end users.

Configuration Key Value Type Configuration Value Description
PolicyAllowCallerID Boolean

True - enabled

False - disabled

Set to true to enable the exporting of contacts by the end users. This setting requires the AppDefaultCallerID configuration value set to 'enabled'.

If disabled, the Export Contacts option in Boxer is unavailable for the end users.

Allow Archive

Add this key to enable or disable Archive action in Boxer for end users.

Configuration Key Value Type Configuration Value Description
PolicyAllowActionArchive Boolean

True - enabled

False - disabled

Set to true to enable archive action by the end users.

If disabled, the Archive option in Boxer is unavailable for the end users.

Allow Spam

Add this key to enable or disable Spam action in Boxer for end users.

Configuration Key Value Type Configuration Value Description
PolicyAllowActionSpam Boolean

True - enabled

False - disabled

Set to true to enable spam action by the end users.

If disabled, the Spam option in Boxer is unavailable for the end users.

Restricting Third-Party Attachments

Add these keys to restrict the device user from attaching files to emails from multiple third-party sources.

Configuration Key Value Type Configuration Value Description
PolicyAllowDocProviders Boolean

True - enable

False - disable

Enables or disables attachments from external providers (iCloud, Dropbox, Google Drive, etc.) within Boxer.
PolicyAllowOpenIn Integer

0 - not allowed

1 - allowed

Enables or disables attaching of files from other apps using open-in or share into Boxer. When open-in or sharing of attachments are disabled, the message 'Your administrator has restricted attachments from external applications' is displayed.
(iOS Only) PolicyAllowPhotoAttachment Boolean

True - enable

False - disable

Enables or disables attaching of images and media files from photo gallery and camera.

S/MIME

Use these key value pairs to configure S/MIME support.

Configuration Key Value Type Configuration Value Description
PolicySMIME Integer

0 - disabled (default)

1 - allowed

2 - required

Changes the status of S/MIME support.
PolicySMIMEEnableRevocationCheck Integer

0 - disabled

1 - enabled

Enable or disable Online Certificate Status Protocol (OCSP).
PolicySMIMERevocationCheckUrl String

Supported format:

http://ocsp.acme.us/

ocsp:88

Configure the Revocation check URL.
PolicySMIMERevocationCheckType Integer

0 - check entire chain

1 - check only user certificate

Configure the revocation check type.
PolicySMIMERevocationUseAIA Integer

0 - disabled (don't use URL configured inside certificate for revocation status, use PolicySMIMERevocationCheckUrl only)

1 - enabled (use URL configured inside certificate for revocation status check, fall back to PolicySMIMERevocationCheckUrl if it is unavailable)

2 - required (only use URL configured inside certificate to check for revocation status, ignore PolicySMIMERevocationCheckUrl)

Define the revocation usage policy.
PolicySMIMERevocationEnforceNonce Integer

0 - disabled (enforce nonce)

1 - enabled (do not use nonce)

Define the nonce usage policy.
PolicySMIMERevocationTTL Integer 7 - Default value Define the amount of time to retain the revocation data.
PolicySMIMETrustStore Integer

0 - Device Trust Store (default)

1 - Boxer Trust Store

Define the Trust Store.

Refetch Empty Links

Add this key value pair to configure refetch policy for non-standard URL schemes.

Configuration Key Value Type Configuration Value Description
AppRefetchEmptyLinksUsingMime Boolean True - Use MIME to fetch email body For emails (fetched using HTML) that contain non-standard URL schemes, pointing to non-server domains, Exchange replaces the URL with two empty spaces. Enable the PolicyRefetchEmptyLinksUsingMime for the Boxer to detect this occurrence and re-download the affected body using MIME, which is not subject to the URL replacement error.

Modern Authentication

Add this key value pair to enable modern authentication for Office 365 accounts.

Configuration Key Value Type Configuration Value Description
AccountUseOauth Boolean

True - enable

False - disable

Enables or disables modern authentication for Office 365 accounts. When enabled, during enrollment, users are redirected to the login page for entering email password.

Downloading Attachments

Add this key value pair to enable or disable downloading of attachments.

Configuration Key Value Type Configuration Value Description
PolicyAllowAttachments Boolean

True - enable

False - disable

Enables or disables downloading of attachments.

Activate SSO

If SSO is enabled in the Security Policies, enable Application uses AirWatch SDK and assign the following application configuration keys and values to add SSO functionality for Boxer. For using SSO functionality in Boxer (iOS and Android) , you must have AirWatch Console version 9.0.5 or above.

Configuration Key Value Type Configuration Value Description
AppForceActivateSSO Boolean

True - enable

False - disable

Enables or disables SSO for Boxer.

Browser Exception List

You can use the AppDefaultBrowserExceptions key to create exception lists for hyperlinks when hyperlinks are Restricted or Unrestricted in the AirWatch Console.

You can configure the key value pairs to support the following functionalities:

  • If hyperlinks are restricted in the AirWatch Console, all links open in VMware Browser
  • If hyperlinks are restricted, but has an exception list, all available browsers are displayed but only links in the exception list opens in the default browser
  • If hyperlinks are unrestricted in the AirWatch Console, all available browsers are displayed and all links open in the default browser
  • If hyperlinks are unrestricted in the AirWatch Console, but has an exception list, all available browsers are displayed and the links in the exception list only opens in VMware Browser
Configuration Key Value Type Configuration Value Description
AppDefaultBrowserExceptions String

AppDefaultBrowserExceptions = ["*.acme.com", "acme*.acme1.com", "source.acme.com", "acme.com"]

Create exception list to restrict and unrestrict specific links from opening in the default browser.

Security Classifications

Enable Email Classification Marking to assign security classifications to the emails sent from Boxer. Assign the following application configuration keys and values to enable Email Classification Marking feature:

Configuration Key Value Type Configuration Value Description
PolicyClassMarkingsEnabled Integer

0 - disable

1 - enable

Enables or disables classification markings.

PolicyClassMarkingsXHeader

String x-header-name (Optional) Enables and defines x-header for classification.
PolicyClassVersion String

1.0

Version number for classification feature.
PolicyClassMarkingsRankEnabled Integer

0 - disable

1 - enable

(Optional) Enables hierarchical classification ranking.
PolicyClassMarkingsDefaultClass String Confidential, Restricted, Protected, or Secret (Optional) Set the default classification for emails. The value must match a display name from an entry in PolicyClassMarkings configuration value.
PolicyClassMarkings String PolicyClassMarkings Configuration Value Defines the hierarchical list of classifications.

 

PolicyClassMarkings Configuration Value

[{
                  			"Rank": 4,
                  			"DisplayName": "Secret",
                  			"Description": "This is secret...",
                  			"Subject": "(Secret)",
                  			"TopBody": "Classification: Secret",
                  			"BottomBody": "Classification: Secret",
                  			"XHeader": "Secret"
                  			}, {
                  			"Rank": 3,
                  			"DisplayName": "Restricted",
                  			"Description": "This is restricted...",
                  			"Subject": "(Restricted)",
                  			"TopBody": "Classification: Restricted",
                  			"BottomBody": "",
                  			"XHeader": "Restricted"
                  			}, {
                  			"Rank": 2,
                  			"DisplayName": "Protected",
                  			"Description": "This is protected...",
                  			"Subject": "[Sec=Protected]",
                  			"TopBody": "",
                  			"BottomBody": "Classification: Protected",
                  			"XHeader": "Protected"
                  			}, {
                  			"Rank": 1,
                  			"DisplayName": "Confidential",
                  			"Description": "This is confidential...",
                  			"Subject": "(Confidential)",
                  			"TopBody": "Classification: Confidential",
                  			"BottomBody": "Classification: Confidential",
                  			"XHeader": "Confidential"
                  		}]
                  
                  
                  
               

Configure Privacy Settings for Boxer

Use the configuration keys in the UEM console to perform additional privacy disclosure and data collection practices. When Boxer is launched, a privacy notice is displayed to the end users who are upgrading to or using the latest Boxer version.

The privacy dialog screen lets the user know the following information:

  • Data collected by the app – Provides a summary of data that is collected and processed by the application. Some of this data is visible to the administrators of the Workspace ONE UEM administration console.
  • Device Permissions – Provides a summary of device permissions requested for the app to enable product features and functionality, such as push notifications to the device.
  • Company's privacy policy – By default, a message is displayed to the user to contact the employer for more information. You can configure the privacy policy URL in the UEM console. Once configured, the user can access the employer’s privacy policy from Boxer.

If you are using SDK Default settings:

  1. Navigate to Group & Settings > All Settings.

  2. From All Settings, navigate to Apps > Settings & Policies > Settings.
  3. Select Enable Custom Settings and paste the configuration keys as per your requirement.

    For example, to enable Crash reporting, { "PolicyAllowCrashReporting": true}.

  4. Select Save.

If you are using a custom SDK profile for Boxer:

  1. Navigate to Group & Settings > All Settings.

  2. If you have an existing custom profile, navigate to Apps > Settings & Policies > Profiles > Custom Profile > Custom Settings.
  3. If you want to add a custom profile, navigate to Apps > Settings & Policies> Profiles > Add Profile > SDK Profile > iOS> Custom Settings.

  4. From Custom Settings, select Configure and paste the following configuration keys as per your requirement.
    Configuration Key Value Type Supported Values Description
    { "DisplayPrivacyDialog" } Integer

    0 = disabled

    1 = enabled (default)

    When set to '1' (enabled), Boxer displays a privacy notice to the users about the data that is collected and the permissions that are required on the device for the optimal functioning of the app.

    { "PolicyAllowFeatureAnalytics" } Integer

    0 = disabled

    1 = enabled (default)

    When set to '1' (enabled), Boxer displays a notice to the users about the option to opt-in to anonymous feature usage analytics that help VMware improve product functionality and invent new product capabilities. When set to '0', the data sharing notice is not displayed and no data is collected from the device to optimize the app experience.

    The device user can enable or disable data sharing by navigating to Settings > Privacy > Data Sharing.

    { "PolicyAllowCrashReporting" } Boolean

    True = enabled

    False = disabled

    When set to True, app crashes are reported to VMware.
    { "PrivacyPolicyLink" } String "https://www.acme.com" Provide the Policy URL that you want your users to visit when Your company's privacy policy is selected from the Privacy notice.
    Sample SDK configuration: {"PolicyAllowFeatureAnalytics":1, "PrivacyPolicyLink":"https://www.acme.com/privacypolicy", "PolicyAllowCrashReporting":true}
  5. Select Save.