Read All User Devices

Read all user devices in Google Workspace.

Unless otherwise indicated, field types are text.

Required fields are indicated by a red asterisk on the Action Card.

Input

Field Definition Type Required
Ready By
Email Device owner's primary email addresses String TRUE

Output

Field Definition Type
Mobile Devices
Device ID Google Sync mobile device's serial number String
Name Device owner's user names List of Text
Etag ETag of the resource String
Kind Type of API resource; for mobile devices, the value is admin#directory#mobiledevice String
Resource ID Unique identifier that the API service uses to identify the mobile device String
Model Mobile device's model name; for example, Nexus S String
OS Mobile device's operating system; for example, iOS 4.3 or Android 2.3.5 String
Status

Mobile device's status.

  • ACCOUNT_WIPED: a remote wipe removes the account to which the device belongs.

  • ACCOUNT_WIPING: the account to which the device belongs is being remotely wiped.

  • APPROVED: device is approved

  • BLOCKED: a blocked device still shows up in the Admin console's Devices tab, but the user cannot access Google Workspace data such as mail and calendar from the device. Even though blocked on the mobile device, this user can still access the Google Workspace services from a desktop computer. A user must be suspended from all Google Workspace access to be blocked.

  • PENDING: device's approval is pending. If the device has not been approved by an account administrator and therefore is not activated, a newly added device's status is PENDING.

  • UNKNOWN: status of the device is unknown.

  • UNPROVISIONED: this is the default state. If a domain does require a device to be activated, the device starts in this status until provisioning is completed.

  • WIPED: A remote wipe removes all device-based data like mail, calendar, and contacts from the device, but it may not delete data stored on the device's SD card. A user's Google Workspace data remains available through a web browser or other authorized mobile device. Once the content has been deleted, the device's settings are reset to its defaults.

  • WIPING: The device is being remotely wiped. For Android and iOS devices, the device usually receives the remote wipe command within a few seconds. However, sometimes the command doesn't reach the device right away, so the Device Policy app checks the server every three hours for a wipe command. Therefore, the maximum time before the device is wiped is about 3 hours, or when the device reconnects to the network.

 String
Email Device owner's primary email addresses List of Text
Hardware ID IMEI/MEID unique identifier for Android hardware; not applicable to Google Sync devices String
First Sync Date and time the device was initially synchronized with the policy settings in the Admin console; the value is in ISO 8601 date and time format. Date & Time
Last Sync Date and time the device was last synchronized with the policy settings in the Admin console; the value is in ISO 8601 date and time format Date & Time
User Agent Provides information about the device such as OS version String
Serial Number Mobile device's serial number String
IMEI Mobile device's IMEI number String
MEID Mobile device's MEID number String
WiFI MAC Address Mobile device's MAC address on Wi-Fi networks String
Network Operator Mobile device's mobile or network operator String
Default Language Default language used on the device String
Compromised Status

Compromised device status:

  • Compromise detected: there are indications the mobile device has been compromised, such as, the presence of an unlocked bootloader, use of a custom ROM, or the presence of a 'SU (Superuser) binary' on the device.

  • No compromise detected: no compromise has been detected on the device.

  • Undetected: status of the device is unknown.

 String
OS Build Number Build number for the mobile device's operating system String
Kernel Version Mobile device's kernel version String
Baseband Version Mobile device's kernel version String
Is Owner Profile? Indicates whether this account is on owner/primary profile or not Boolean
Is Unknown Sources Enabled? Indicates whether unknown sources are enabled or disabled on device Boolean
Is Adb Enabled? Indicates whether Adb (USB debugging) is enabled or disabled on device Boolean
Is Developer Options Enabled? Indicates whether developer options are enabled or disabled on device Boolean
Is Work Profile Supported? Indicates whether work profile is supported on device Boolean
Manufacturer Mobile device's manufacturer String
Release Version Mobile device's release version String
Security Patch Level Mobile device's security patch level Number
Brand Mobile device's brand String
Bootloader Version Mobile device's bootloader version String
Hardware Mobile device's hardware String
Encryption Status Mobile device's encryption status String
Password Status

Mobile device's password status:

  • Off

  • On

  • Unknown

String
DM Agent Permission

Role to which permissions are granted for device management:

  • Device administrator

  • Device owner

  • Profile owner

  • Undetected

String

Related topics

Google Workspace Admin connector

About the elements of Okta Workflows

Google Workspace API documentation