Configure Workspace ONE Boxer with application configuration values.

You can configure settings for your Workspace ONE Boxer deployment using the Configuration Key and Configuration Value pairs provided by Workspace ONE UEM.

To configure these settings, enter the configuration key and the corresponding value into the Application Configuration setting during the app assignment.

Important: If Workspace ONE Boxer is already installed on end-user device, it might take few minutes for Workspace ONE Boxer to download the new profile settings.

Sync Period

Add this key value pair to configure the maximum number of past days of mail and calender to sync in the Workspace ONE Boxer app. This setting allows you to hide the No Limit feature available in the Workspace ONE Boxer app settings.

Configuration Key Value Type Configuration Value Description
PolicyEmailMaxSyncPeriod Integer

0 - sync all

1 - 1 day

2 - 3 days

3 - 1 week

4 - 2 weeks

5 - 1 month

Enter the number of days of past mail to sync.
PolicyCalendarMaxSyncPeriod Integer

0 - sync all

4 - 2 weeks

5 - 1 month

6 - 3 months

7 - 6 months

Enter the number of days of past calendar events to sync.
Note: Set the key value pairs to block syncing of all old emails and calendar until new emails or calendar events are synced first. Removing 0 from the key values disables the No Limit option for PolicyEmailMaxSyncPeriod and PolicyCalendarMaxSyncPeriod.

(iOS only) FastSync - Key Sync Escrow

Add the following key value pairs to improve the background syncing and speed of subsequent syncs.

Configuration Key Value Type Configuration Value Description
ENSEnableKeyEscrow Integer

0 - disabled (default)

1 - enabled

Set to enable FastSync.
ENSKeyEscrowExpiry Integer 48 hours (default) Set the expiration time in hours when Workspace ONE Boxer no longer receives this key.

Default S/MIME Signing and Encryption Algorithms

Add the following key value pairs to configure the default encryption algorithms for signing and encrypting S/MIME emails. When a default S/MIME algorithm is configured, Workspace ONE Boxer sends the outgoing emails with the default configured algorithm. Workspace ONE Boxer also checks the algorithms for the incoming emails. If the incoming emails are not configured with the default algorithm, a warning message is displayed in the conversation view.

Configuration Key Value Type Configuration Value Description
PolicySMIMEDefaultEncryptionAlgorithm String

Allowed Values:

3DES

AES128

AES192

AES256

For example, PolicySMIMEDefaultEncryptionAlgorithm - [“3DES”]

Specify an encryption algorithm to use for incoming and outgoing emails. If a valid algorithm is not provided, the lowest supported algorithm is used (3DES).
PolicySMIMEDefaultSigningAlgorithm String

Allowed values:

SHA1

SHA256

SHA384

SHA512

For example, PolicySMIMEDefaultSigningAlgorithm - [“SHA1”]

Specify a default S/MIME signing algorithm to use for incoming and outgoing emails. If a valid algorithm is not provided, the lowest supported algorithm is used (SHA-1).

(Android Only) S/MIME Algorithms Compliance

Add the following key value pairs to configure the list of algorithms that Workspace ONE Boxer checks for compliance when receiving a signed or encrypted S/MIME email. When set, only the configured algorithms are recognized by Workspace ONE Boxer. Workspace ONE Boxer displays non-compliance warning when accessing emails that are encrypted using any other algorithm, both strong or weak, than that are listed using the key value pairs.

Configuration Key Value Type Configuration Value Description
PolicySMIMEConformingEncryptionAlgorithms String

Supported Values:

3DES

AES128

AES192

AES256

For example, PolicySMIMEConformingEncryptionAlgorithms = ["AES-128", "AES-256"]

Set the algorithms that are recognized by Workspace ONE Boxer for encrypting S/MIME emails.
PolicySMIMEConformingSigningAlgorithms String

Supported Values:

SHA1

SHA256

SHA384

SHA512

For example, PolicySMIMEConformingSigningAlgorithms = ["SHA-256", "SHA-512"]

Set the algorithms that are recognized by Workspace ONE Boxer for signing S/MIME emails.

ENSv2 Notification Policy

Add the following key value pair to configure the ENS Notification Policy for Workspace ONE Boxer. When configured, Workspace ONE Boxer immediately re-subscribes to ENSv2 and notification policy is updated as per the set key value. For more information about configuring ENS2 for Workspace ONE Boxer, see VMware Email Notification Service v2.0 Installation and Configuration Guide available at docs.vmware.com.

Configuration Key Value Type Configuration Value Description
PolicyLimitNotificationText Integer

0 - sets notification to sender, subject and preview.

1 - sets notification to sender and subject (default).

2 - sets notification to sender.

3 - sets notification to generic message (new message).

4 - sets notification to none (only the badge is updated).

Configure the notification policy used by Workspace ONE Boxer.

Plain Text Mode

Add the following key value pair to configure Workspace ONE Boxer plain text mode.

Configuration Key Value Type Configuration Value Description
AppPlainTextMode Boolean

False - disabled (default)

True - enabled

Set to True to enable Workspace ONE Boxer plain text mode. When set, Workspace ONE Boxer retrieves only plain text from HTML mails when syncing. Workspace ONE Boxer sends only plain text regardless of the email message format. The formatting controls in compose view is disabled and only text can be copied and pasted from rich or HTML content.

Policy Allow Metrics

Add this key to define the policy for allowing collection of anonymous usage data to improve user's Workspace ONE Boxer experience. When enabled, a Data Sharing notice is displayed to user when Workspace ONE Boxer is launched. The device user can enable or disable data sharing by navigating to Settings > Privacy > Data Sharing.

Configuration Key Value Type Configuration Value Description
PolicyAllowMetrics Boolean

False - disabled (default)

True - enabled

Set to True to enable data collection for Workspace ONE Boxer experience improvement. The value of PolicyAllowFeatureAnalytics, when set from Custom SDK settings takes precedence over the value of PolicyAllowMetrics that is set from App Configuration Settings.

Policy Allow Crash Reporting

Add this key to define the policy for reporting Workspace ONE Boxer crashes to VMware.

Configuration Key Value Type Configuration Value Description
PolicyAllowCrashReporting Boolean

True - enabled (default)

False - disabled

Set to True to report Workspace ONE Boxer crashes to VMware. The value of PolicyAllowCrashReporting, when set from Custom SDK settings takes precedence over the value that is set from App Configuration Settings.

(iOS only) Allow Print

Configuration Key Value Type Configuration Value Description
PolicyAllowPrint Boolean

True - enabled (default)

False - disabled

Set to False to disable printing of emails from Workspace ONE Boxer.

Note: You can only print the email from a Boxer preview and not the attachments. To print attachments, open it to some third-party apps, and then print it from there.

(iOS only) Enforce HTTPS

From Workspace ONE Boxer v4.13 for iOS, adding this key value pair blocks email content from unsecured connections in Workspace ONE Boxer.

Configuration Key Value Type Configuration Value Description
PolicyEnforceHTTPS Boolean

False = disabled (default)

True = enabled

When set to True, email content from unsecured HTTP connections are not loaded. Outgoing links (hrefs) are not affected since the outgoing links can be controlled using Browser policy.

Limit Notification

Configuration Key Value Type Configuration Value Description
PolicyLimitNotificationText Integer

0 - Displays Sender, Subject, and Body Preview

1 - Displays Sender and Subject (Default)

2 - Displays Sender

3 - Generic notification (You've got a new email)

4 - No notification

Set configuration value to limit what is displayed in Workspace ONE Boxer notification.

Mark External Addresses

Add the following keys to configure Workspace ONE Boxer to warn the user when adding external recipients to emails.

Configuration Key Value Type Configuration Value Description
AppDomainsInternal String Provide the list of internal domains. For example, [vmware.com, air-watch.com]. Define the domains that are internal or permitted. The user can disable the warning using the 'Confirm before sending' setting in Workspace ONE Boxer when the internal domains are defined and AppDomainsWarning key is not set.
AppDomainsWarning Boolean

False - disabled (default)

True - enabled

Set to True to enable warning when the user enters recipients from external domains. If the domains are configured and the AppDomainsWarning value is set to True, the 'Confirm before sending' setting is unavailable to the users. When the warning is displayed, the user can either Accept and return to the Compose email menu or Ignore and continue sending the email to external recipients.

If the AppDomainsInternal key is enabled and the AppDomainsWarning key is disabled, then the ‘Confirm before sending emails’ setting is disabled and the device user can toggle the setting in the Workspace ONE Boxer app as per requirement. If the 'AppDomainsInternal' key and 'AppDomainsWarning' key is disabled, then the 'Confirm before sending emails' setting is disabled and the device user can enable the setting in the Workspace ONE Boxer app as per requirement. If both the AppDomainsInternal and AppDomainsWarning is set to true, then the ‘Confirm before sending emails’ setting is enabled and is unavailable to the device user.

Mobile Flows

Add the following keys to configure Mobile Flows for Workspace ONE Boxer.

Configuration Key Value Type Configuration Value Description
AppMobileFlowsEnabled Boolean

False - disabled (default)

True - enabled

Set to True to enable Mobile Flows for Workspace ONE Boxer.

AppMobileFlowsHost String Provide a valid URL for the Mobile Flows host. For example, http://acme.hero.acme1.com Define the URL for the Mobile Flows host.
AppMobileFlowsvIDM String Provide a valid URL for authenticating the device users. For example, http://acme.vIDM.acme2.com Defines the URL for the device user to authenticate.

Allow Local Calendars

Add this key to define the policy for local calendars in Workspace ONE Boxer.

Configuration Key Value Type Configuration Value Description
PolicyAllowLocalCalendars Boolean

True - enabled (default)

False - disabled

Set to True to enable local calendars in Workspace ONE Boxer. If disabled, the Local Contacts option in Workspace ONE Boxer is unavailable to the end users.

PolicyDerivedCredentials

Add this key to enable derived credentials authentication policy for Workspace ONE Boxer. When enabled, the device users must install VMware PIV-D Manager app for enrolling into Workspace ONE Boxer.

Configuration Key Value Type Configuration Value Description
PolicyDerivedCredentials Integer

1- enabled

0 - disabled

Set to 1 to enable derived credentials enrollment in Workspace ONE Boxer.

Default Swipe Actions

Add this key to define the default swipe actions in Workspace ONE Boxer.

Configuration Key Value Type Configuration Value Description
AppSwipesLeftShortDefault Integer

1 - actions grid

2 - archive

3 - delete

4 - move

5 - flag

6 - quick reply

7 - read or unread

8 - spam

Define the default swipe actions. User can customize swipe actions using the options provided in the Workspace ONE Boxer app.

AppSwipesLeftLongDefault
AppSwipesRightShortDefault
AppSwipesRightLongDefault

Default Conversation View

Add this key to define the default policy for conversation view in Workspace ONE Boxer.

Configuration Key Value Type Configuration Value Description
AppConversationViewDefault Boolean

True - enabled (default)

False - disabled

Set to True to enable conversation threading by default. When set to False, the conversation threading option is disabled for the users.

Default Avatar Policy

Add this key to define the default policy for avatars in Workspace ONE Boxer.

Configuration Key Value Type Configuration Value Description
AppAvatarsDefault Boolean

True - enabled (default)

False - disabled

Set to True to enable avatars by default. User can change the Avatar setting using the options provided in the Workspace ONE Boxer app.

(iOS only) Allow Custom Keyboards

Add this key to define the policy for allowing third-party keyboards with Workspace ONE Boxer.

Configuration Key Value Type Configuration Value Description
PolicyAllowCustomKeyboards Boolean

True - enable (default value for unmanaged device)

False - disable (default value for managed device)

Set to True to permit users to activate third-party keyboards within Workspace ONE Boxer.

Export Contacts by Default

Add this key to enable or disable exporting of contacts by default.

Configuration Key Value Type Configuration Value Description
AppDefaultCallerID Boolean

True - enabled (default)

False - disabled

Set to true to enable the exporting of contacts by default. This setting requires the Caller ID option in the Workspace ONE UEM console to be set as Unrestricted.

Allow Caller ID (Contact Export for iOS)

Add this key to enable or disable Export Contact option in Workspace ONE Boxer for end users.

Configuration Key Value Type Configuration Value Description
PolicyAllowCallerID Boolean

True - enabled (default)

False - disabled

Set to true to enable the exporting of contacts by the end users. This setting requires the AppDefaultCallerID configuration value set to 'enabled'.

If disabled, the Export Contacts option in Workspace ONE Boxer is unavailable for the end users.

Allow Archive

Add this key to enable or disable Archive action in Workspace ONE Boxer for end users.

Configuration Key Value Type Configuration Value Description
PolicyAllowActionArchive Boolean

True - enabled (default)

False - disabled

Set to true to enable archive action by the end users.

If disabled, the Archive option in Workspace ONE Boxer is unavailable for the end users.

Phishing Reporting

Add this key to enable phishing reporting action in Workspace ONE Boxer for end users.
Configuration Key Value Type Configuration Value Description
AppPhishEmailAddress string Any email address that is in valid format. The reported email is sent to the email address specified by the configuration value.

Restricting Third-Party Attachments

Add these keys to restrict the device user from attaching files to emails from multiple third-party sources.

Configuration Key Value Type Configuration Value Description
PolicyAllowDocProviders Boolean

True - enable (default)

False - disable

Enables or disables attachments from external providers (iCloud, Dropbox, Google Drive, etc.) within Workspace ONE Boxer.
PolicyAllowOpenIn Integer

1 - allowed (default)

0 - not allowed

Enables or disables attaching of files from other apps using open-in or share into Workspace ONE Boxer. When open-in or sharing of attachments are disabled, the message 'Your administrator has restricted attachments from external applications' is displayed.
(iOS Only) PolicyAllowPhotoAttachment Boolean

True - enable (default)

False - disable

Enables or disables attaching of images and media files from photo gallery and camera.

Restricting sharing of UNC/HTTP links

Add this key to restrict the sharing of UNC/HTTP links in an email with long tap menu.

Configuration Key Value Type Configuration Value Description
PolicyAllowSharingLinks Boolean

True - enable (default)

False - disable

Enables or disables the sharing of UNC/HTTP links in an email.

If set to False UNC/HTTP links cannot be shared.

S/MIME

Use these key value pairs to configure S/MIME support.

Configuration Key Value Type Configuration Value Description
PolicySMIME Integer

0 - disabled (default)

1 - allowed

2 - required

Changes the status of S/MIME support.
PolicySMIMEEnableRevocationCheck Integer

0 - disabled (default)

1 - enabled

Enable or disable Online Certificate Status Protocol (OCSP).
PolicySMIMERevocationCheckUrl String

Supported format:

http://ocsp.acme.us/

ocsp:88

Configure the Revocation check URL.
PolicySMIMERevocationCheckType Integer

0 - check entire chain (default)

1 - check only user certificate

Configure the revocation check type.
PolicySMIMERevocationUseAIA Integer

0 - disabled (don't use URL configured inside certificate for revocation status, use PolicySMIMERevocationCheckUrl only) (default)

1 - enabled (use URL configured inside certificate for revocation status check, fall back to PolicySMIMERevocationCheckUrl if it is unavailable)

2 - required (only use URL configured inside certificate to check for revocation status, ignore PolicySMIMERevocationCheckUrl)

Define the revocation usage policy.
PolicySMIMERevocationEnforceNonce Integer

0 - disabled (enforce nonce) (default)

1 - enabled (do not use nonce)

Define the nonce usage policy.
PolicySMIMERevocationTTL Integer 7 - Default value Define the amount of time to retain the revocation data.
PolicySMIMETrustStore Integer

0 - Device Trust Store (default)

1 - Workspace ONE Boxer Trust Store

Define the Trust Store.

Refetch Empty Links

To configure the refetch policy for non-standard URL schemes, add the following key value pair:

Configuration Key Value Type Configuration Value Description
AppRefetchEmptyLinksUsingMime Boolean

True - enabled

False - disabled

Note: The default value on iOS is True, whereas the default value on Android is False.

For emails (fetched using HTML) that contain non-standard URL schemes, pointing to non-server domains, Exchange replaces the URL with two empty spaces. You can enable the PolicyRefetchEmptyLinksUsingMime key to detect this occurrence and redownload the affected body using MIME, which is not subject to the URL replacement error.

Modern Authentication

To enable modern authentication for Office 365 accounts, add the following key value pair:

Configuration Key Value Type Configuration Value Description
AccountUseOauth Boolean

False - disable (default)

True - enable

Enables or disables modern authentication for Office 365 accounts. When enabled, during enrollment, users are redirected to the login page for entering email password.
Workspace ONE Boxer also supports Certificate-Based Authentication with Modern Authentication (CBA with Modern Authentication).
Note:
  • Modern authentication is enabled by default for personal (non-managed) Exchange accounts.
  • iOS does not support Certificate-based authentication using Modern Authentication. Only Android supports this authentication mode.
You must set the following authentication types in addition to the AccountUseOauth key to support the modern authentication:
  • Set the authentication type to Basic and add the key for Modern Authentication with password.
  • Set the authentication type to Certificate and add the modern authentication key with only authentication certificates or set the authentication type to Both and add the modern authentication key with both authentication certificate and password.
    Note: These types of authentication only work when MDM is deployed on iOS Boxer. Boxer for Android supports both MDM and MAM.

Enable Umlaut Characters in Login Password on Android Devices

By default, Workspace ONE Boxer uses UTF-8 decoding while authenticating users. Boxer's authentication fails if your Exchange password contains umlaut characters (ä, Ë, ë, Ï, ï) as UTF-8 does not support these characters.

To support umlaut characters, add the following key to change Boxer's encoding from UTF-8 to ISO-8859-1.

Configuration Key Value Type Configuration Value Description
EnableNewAuthEncoding Boolean

False - disabled (default)

True - enabled

Set the value to true to change the Boxer encoding to ISO-8859-1 that supports umlaut characters.

Downloading Attachments

Add this key value pair to enable or disable downloading of attachments.

Configuration Key Value Type Configuration Value Description
PolicyAllowAttachmentsDownload Boolean

True - enable (default)

False - disable

Enables or disables downloading of attachments.

Managing Attachments

Add this key value pair to enable or disable attachments for sending mails..

Configuration Key Value Type Configuration Value Description
PolicyAllowAttachments Boolean

True - enable (default)

False - disable

Enables or disables attachments for sending mails.

Spam Reporting

Add the following configuration keys to forward a spam marked email to the configured address and then delete the email from the user’s account once it has been forwarded to the configured address.
Configuration Key Value Type Configuration Value Description
AppSpamForwardAddress String Valid email address (spam@email.com). Set the email address where spam emails are sent.
PolicyDeleteOnSpamForward Boolean

False - disable (default)

True - enable

Set to delete the spam email from the user’s device after forwarding.
PolicyAllowActionSpam Boolean

True - enabled (default)

False - disabled

Set to true to enable spam action by the end users.

If disabled, the Spam option in Workspace ONE Boxer is unavailable for the end users.

Activate SSO

If SSO is enabled in Security Policies, enable Application uses AirWatch SDK and assign the following application configuration key to add SSO functionality for Workspace ONE Boxer. For using SSO functionality in Workspace ONE Boxer (iOS and Android), you must have Workspace ONE console version 9.0.5 or above.

Configuration Key Value Type Configuration Value Description
AppForceActivateSSO Boolean

True - enable

False - disable

Enables or disables SSO for Workspace ONE Boxer.

Enterprise Content requires this value to be set to true.

Note:
  • To run the mobile SSO authentication smoothly on your Android device, make sure you use the latest version of Chrome.
  • If you want to make the Forgot Passcode option available to your users, you must enable the AppForceActivateSSO key and configure SSO in theWorkspace ONE UEM console. For more information about SSO, see Security Policies for the Default SDK Profile
.

Health Check - Boxer Version update for iOS devices

Add the following console key to alter the app opened when the user taps to update Boxer.

Configuration Key Value Type Configuration Value Description
AppUpdateSource Integer

0 (default) - App Store

1 - Intelligent Hub

Set the value to 1 to change the default app opened when the user taps to update Boxer from the Health Check screen.

QuickJoin - Vanity URL Support

To configure Boxer to detect meeting links with vanity URLs, add the following key in the Boxer's application configuration.

Configuration Key Value Type Configuration Value Description
PolicyCustomOnlineMeetingUrls String A JSON formatted string containing a map of the meeting types and corresponding set of wildcard URLs.

Example:

{ 

   "skype":[ 

      "https://lync.company.com/*",

      "https://sample.us/j/*"

   ],

   "zoom":[ 

      "https://meetings.company.com/*",

      "https://sample.us/j/*",

      "https://mtg.company.com/*"

   ],

   "webex":[ 

      "https://webex.company.com/*"

   ]

 

}

Set these URLs in the console corresponding to the meeting types to permit Boxer to detect meeting links with vanity URLs.

Validate the format externally before entering into the UEM Console.

Browser Exception List

You can use the AppDefaultBrowserExceptions key to create exception lists for hyperlinks when hyperlinks are Restricted or Unrestricted in the Workspace ONE UEM console.

You can configure the key value pairs to support the following functionalities:

  • If hyperlinks are restricted in the Workspace ONE UEM console, all links open in Workspace ONE Web.
  • If hyperlinks are restricted, but has an exception list, all available browsers are displayed but only links in the exception list opens in the default browser.
  • If hyperlinks are unrestricted in the Workspace ONE UEM console, all available browsers are displayed and all links open in the default browser.
  • If hyperlinks are unrestricted in the Workspace ONE UEM console, but has an exception list, all available browsers are displayed and the links in the exception list only opens in Workspace ONE Web.
Configuration Key Value Type Configuration Value Description
AppDefaultBrowserExceptions String

AppDefaultBrowserExceptions = ["*.acme.com", "acme*.acme1.com", "source.acme.com", "acme.com"]

Creates an exception list to restrict and unrestrict specific links from opening in the default browser.
Note: If the browser exception regex value is set to *google.com and the user receives a link in Boxer such as https://www.gooogle.com, then this link opens in Workspace ONE Web application as it matches the wildcard for browser exception. However, if the link is like https://www.abc.com/?url=https://www.google.com/, then the regex fails to match and the link can be open in any of the browser.

Enterprise Content

To configure Enterprise Content in Boxer, add the following key to Boxer's application configuration.

Configuration Key Value Type Configuration Value Description
PolicyAllowEnterpriseContent Boolean

True - enable

False - disable

Set the value to true to configure Enterprise Content in Boxer.
Note: Enterprise Content requires setting the key AppForceActivateSSO to true.

Watermark Support

You can add a customized watermark text that covers sensitive areas in Boxer.

To configure the watermark, add the following keys to Boxer’s application configuration.

Configuration Key Value Type Example Configuration Value Description
PolicyWatermarkText String CustomWatermarkText Defines the watermark text.
PolicyWatermarkOpacity Integer

20 (default)

(Optional) Defines the opacity of the text.

You can set any number from 0 through 100.

PolicyWatermarkColor String

#0079B8 (default)

(Optional) Defines the color of the text in the hexadecimal format.

Blue is the default color.

Note: Ensure that the watermark text has appropriate visibility in Dark Mode or Dark Theme when you set the color and opacity value different from the default value.

Security Classifications

Enable Email Classification Marking to assign security classifications to the emails sent from Workspace ONE Boxer. Assign the following application configuration keys and values to enable Email Classification Marking feature:

Configuration Key Value Type Configuration Value Description
PolicyClassMarkingsEnabled Integer

0 - disable (default)

1 - enable

Enables or disables classification markings.

PolicyClassMarkingsXHeader

String x-header-name (Optional) Enables and defines x-header for classification.
PolicyClassVersion String

1.0

Version number for classification feature.
PolicyClassMarkingsRankEnabled Integer

0 - disable (default)

1 - enable

(Optional) Enables hierarchical classification ranking.
PolicyClassMarkingsDefaultClass String Confidential, Restricted, Protected, or Secret (Optional) Set the default classification for emails. The value must match a display name from an entry in the PolicyClassMarkings configuration value.
PolicyClassMarkings String PolicyClassMarkings Configuration Value Defines the hierarchical list of classifications.
PolicyClassMarkings Configuration Value
[{
			"Rank": 4,
			"DisplayName": "Secret",
			"Description": "This is secret...",
			"Subject": "(Secret)",
			"TopBody": "Classification: Secret",
			"BottomBody": "Classification: Secret",
			"XHeader": "Secret"
			}, {
			"Rank": 3,
			"DisplayName": "Restricted",
			"Description": "This is restricted...",
			"Subject": "(Restricted)",
			"TopBody": "Classification: Restricted",
			"BottomBody": "",
			"XHeader": "Restricted"
			}, {
			"Rank": 2,
			"DisplayName": "Protected",
			"Description": "This is protected...",
			"Subject": "[Sec=Protected]",
			"TopBody": "",
			"BottomBody": "Classification: Protected",
			"XHeader": "Protected"
			}, {
			"Rank": 1,
			"DisplayName": "Confidential",
			"Description": "This is confidential...",
			"Subject": "(Confidential)",
			"TopBody": "Classification: Confidential",
			"BottomBody": "Classification: Confidential",
			"XHeader": "Confidential"
		}]
 

Restrict Screenshots in Boxer on Android Devices

Add the following key to restrict Android device users from taking screenshots in Boxer:

Configuration Key Value Type Configuration Value Description
PolicyRestrictScreenshots Boolean

False - screenshots allowed (default)

True - screenshots restricted

Set the value to true to restrict taking of screenshots in Boxer.

Skipping the In-App Tutorial in Android Boxer

Add the following key to Boxer's application configuration:

Configuration Key Value Type Configuration Value Description
AppShowFirstTimeTutorials Boolean

True - enabled (default)

False - disabled

Set the value to false to disable the in-app tutorials.

Skipping the Battery Optimization Screen in Android Boxer

Add the following key to Boxer's application configuration:

Configuration Key Value Type Configuration Value Description
AppShowOptOutBatteryOptimizationScreen Boolean

True - enabled (default)

False - disabled

Set the value to false to skip the Battery Optimization screen.

Enable S/MIME Signing by default for iOS Boxer

Add the following key to enable the S/MIME digital signing for all outgoing email messages by default. To enable this option, you must also ensure that the S/MIME is enabled and configured on the Exchange account.

Configuration Key Value Type Configuration Value Description
AccountSMIMESignByDefault Boolean

True - enabled (default)

False - disabled

Use this key to digitally sign all outgoing emails by default.

When the key value is set to true, the S/SMIME signing is always enabled in the Boxer Settings and the users are not allowed to change this setting.

If the admin has not configured the AccountSMIMESignByDefault key, users can also set the S/MIME signing as a default option when S/MIME is enabled for that Exchange account. To do so, user must navigate to Boxer Settings > Account > S/MIME > On > Sign > On and enable the Sign email by default option.

Note:

Even if the SMIME signing is enabled by default, users can always opt to disable signing when composing any specific email.

Enable AIP Sensitivity Labels in Workspace ONE Boxer

Add the following key to the Boxer's application configuration.

Configuration Key Value Type Configuration Value Description
PolicySensitivityLabelsEmailClassification Boolean

False - disabled (default)

True - enabled

Set the key value to true to enable the AIP Sensitivity labels in Workspace ONE Boxer.

Configure Purebred as a Certificate Source for Android Boxer

Add the following keys to the Boxer's application configuration.

Configuration Key Value Type Configuration Value Description
PolicyDerivedCredentials Integer 2

Set the value to 2, to configure Purebred as a certificate source for Certificate-based authentication (CBA). The default value of this key is 0.

PolicyDerivedCredentialsSMIME Integer 2

Set the value to 2, to configure Purebred as a certificate source for S/MIME certificates. By default, the value of this key is 0 and the certificate source is the Workspace ONE UEM Console.

Note: To enable S/MIME, you must configure the PolicySMIME key.

Configure Android Boxer to Verify Purebred

Add the following key to the Boxer's application configuration:

Configuration Key Value Type Configuration Value Description
AppPurebredPublicKey String A new Purebred public signing key.

Use this key to override the Purebred public signing key to verify the Purebred Registration application.

Excluding Sender's Email Signature from the Conference Dialer

Add the following key to exclude the phone numbers displayed in the sender's email signature when viewing the OneTap dialing section of a calendar invite.

Configuration Key Value Type Configuration Value Description
AppExcludeSignatureFromEventParsing Boolean

False - disabled (default)

True - enabled

When the key value is set to True, the phone numbers in the sender's email signature is removed from the OneTap dialing section of a calendar invite.

Important Notes

If a user has changed any settings on the Boxer application, as an administrator you cannot modify the following console keys:
  • AccountDefaultSignature
  • AccountName
  • AccountUserDisplayName
  • AccountSyncEmail
  • AccountSyncCalendar
  • AccountSyncContacts
  • AccountNotifyEmail
  • AccountNotifyCalendar
  • AccountNotifyPush
Boxer maintains a flag indicating whether the setting has been changed. Even if the user changes the local setting identical to default, Boxer still treats it as a user change. If a local change is not made by the user, the updated console configuration is used.
Note: Any configuration changes for Boxer made on the console takes around 15 minutes to reflect the change on the device.
For the following console keys, we honor the user's change and their preferred Sync period is kept same as described above with an exception. If their sync period is lower than the PolicyEmailMaxSyncPeriod and PolicyCalendarMaxSyncPeriod keys, the change remains. For example, if the Max is initially 2 weeks and the user selects to reduce it to 1 week and then the Max is increased to 1 month, the synchronization period fulfills the user's 1 week setting. If the Max is reduced to three days, the sync period of the user is changed to three days.
Configuration Key Value Type Configuration Value Description
PolicyEmailMaxSyncPeriod Integer

1 - 1 day

2 - 3 days

3 - 1 week

4 - 2 weeks

5 - 1 month

The default period of email to sync.
PolicyCalendarMaxSyncPeriod Integer

4 - 2 weeks

5 - 1 month

6 - 3 months

7 - 6 months

The default period of calendar to sync.