You can monitor and enforce compliance on devices that do not have MDM profiles but do have SDK-built applications with the SDK App Compliance page. Use the page to configure Compromised Protection, Offline Access, OS Version , and Security Patch Date.

See Supported Settings and Policies Options for the SDK to find out which default settings the SDK supports. Find the matrix in the Workspace ONE UEM Mobile Application Management Guide. To know what default settings Workspace ONE UEM applications support, see the topics for that specific application.

The SDK App Compliance setting controls all the items underneath it. If you disable the SDK App Compliance setting, you disable the other app compliance features on the page.


There is no custom profile for the SDK App Compliance feature.

Block and Wipe Functions for SDK App Compliance Settings

SDK app compliance settings identify non-compliant devices with SDK-built applications installed and act with the block or wipe function.


The Wipe function, also called an enterprise wipe, clears privileged corporate data off devices that are not compliant with the applicable parameter. The system does not perform wipe actions on data unrelated to the enterprise.

The Compromised Protection setting uses only the wipe function.


The Block function prevents user access to SDK-built applications that meet a configured parameter.

The Offline Access, OS Version, and Security Patch Date settings use only the block function.