Overview

Product Overview

The Bluefletch Enterprise Launcher is a home screen for rugged devices, specifically for use in a shared device model. Launcher automatically creates a default home screen which presents applications to users based on their role and restricts access to other applications using a configurable whitelist. Launcher also prevents the user from accessing the device settings and disables other UI elements that may allow the user to access the settings.

Using the optional Authentication module, the Launcher provides single sign-on on the device by authenticating the user through the customer’s identity provider and allowing other applications to verify authentication via the Launcher. The Launcher also provides a notification drawer where the administrator can configure applications that are permitted to show notifications.

The Bluefletch Enterprise Launcher is deployed and managed using the customer’s MDM just like any other application, and the configuration is a file that is sent to the device via the MDM. The application can work offline and does not require network access to function (unless required for authentication).

Architecture

Launcher Components

Core Launcher: component that provides the general Home Screen functionality on the Android device and acts as the controller for theming, retrieving configuration, managing sessions, app whitelisting and locking down the device as a shared-user device.

Launcher Login: component responsible for authenticating with the customer’s identity provider. Currently supports LDAP, OAuth2 and OpenID Connect, using Chrome Custom Tabs, providing SSO based on Chrome Custom tab support. Prebuilt libraries include support for Office365, GSuite, and Okta. See Authentication for additional information.

Launcher Provider: helper component for custom applications used as an SDK to access the internal managed session and configuration. Customers can include this SDK in their internal applications to determine session state and perform actions based on sign-on/sign-off events to easily enable SSO on the device.

Configuration

The Launcher supports a configuration file that allows for device administrators to control the look and feel, device actions, authentication providers, and much more.

Your organizations launcher.json file should be saved under the data location of launcher: /sdcard/Android/data/com.bluefletch.launcher/files/blueLauncher/launcher.json

This configuration file can be updated via an Organizations MDM.

The Launcher will pickup any changes to this file and reapply to the application.

For a full list of configuration values, see the configuration page.

Application Details

Package: com.bluefletch.launcher

To start use com.bluefletch.launcher.Launcher

Example ADB Command

adb shell am start -n com.bluefletch.launcher/com.bluefletch.launcher.Launcher

Example AirWatch Command

mode=explicit,action=android.action.intent.MAIN,package=com.bluefletch.launcher,class=com.bluefletch.launcher.Launcher,broadcast=false

Permissions via ADB

adb shell pm grant com.bluefletch.launcher android.permission.READ_PHONE_STATE
adb shell pm grant com.bluefletch.launcher android.permission.RECEIVE_BOOT_COMPLETED
adb shell pm grant com.bluefletch.launcher android.permission.READ_EXTERNAL_STORAGE
adb shell pm grant com.bluefletch.launcher android.permission.WRITE_EXTERNAL_STORAGE
adb shell pm grant com.bluefletch.launcher android.permission.ACCESS_NETWORK_STATE
adb shell pm grant com.bluefletch.launcher android.permission.ACCESS_FINE_LOCATION
adb shell pm grant com.bluefletch.launcher android.permission.INTERNET
adb shell pm grant com.bluefletch.launcher android.permission.NFC

Permission via SOTI

afw_set_permission_grant_state com.bluefletch.launcher android.permission.READ_PHONE_STATE allow
afw_set_permission_grant_state com.bluefletch.launcher android.permission.RECEIVE_BOOT_COMPLETED allow
afw_set_permission_grant_state com.bluefletch.launcher android.permission.READ_EXTERNAL_STORAGE allow
afw_set_permission_grant_state com.bluefletch.launcher android.permission.WRITE_EXTERNAL_STORAGE allow
afw_set_permission_grant_state com.bluefletch.launcher android.permission.ACCESS_NETWORK_STATE allow
afw_set_permission_grant_state com.bluefletch.launcher android.permission.ACCESS_FINE_LOCATION allow
afw_set_permission_grant_state com.bluefletch.launcher android.permission.INTERNET allow
afw_set_permission_grant_state com.bluefletch.launcher android.permission.NFC allow

Launcher Setup

See the Quick Start Guide on setting up the Launcher.

Launcher Provider

The Launcher provides access to the Session content as well as the settings via the Launcher provider.

See Launcher Provider for additonal information.