# Filtering

## Overview <a href="#overview-0" id="overview-0"></a>

Managing the access and use of sensitive data is a key pillar of enterprise security. Role-based access control (RBAC) enables complex network environments to meet privacy and confidentiality regulations while securing business processes. Launcher's session application [layouts](https://docs.bluefletch.com/bluefletch-enterprise/product-guides/bluefletch-launcher/configurable-layouts/layouts) are based on RBAC to simplify granting data only to relevant users. Intent filtering applies this same principle to the intents that can be triggered to automatically run on devices at various [device event](https://docs.bluefletch.com/bluefletch-enterprise/product-guides/bluefletch-launcher/technical-guide#device-events) triggers.&#x20;

## User Guide <a href="#user-guide-1" id="user-guide-1"></a>

Filtered intents allows IT administrators to determine what intents will run on specific Android enterprise devices based on the logged-in user's session, device, or extended attribute information.

## Feature Configuration <a href="#feature-configuration-2" id="feature-configuration-2"></a>

Intents can be filtered to match any session, device, or extended attribute [replacement variable](https://docs.bluefletch.com/bluefletch-enterprise/product-guides/bluefletch-launcher/configurable-layouts/replacement-values) (for example: session.groups, session.location, session.userId, device.MODEL, device.BRAND, config.ex.deviceId, config.ex.siteId).&#x20;

* Use the documented [key-value pairs](https://docs.bluefletch.com/bluefletch-enterprise/product-guides/bluefletch-launcher/technical-guide#key-value-pairs) to build an intent
* Include a `"filter"` object where:&#x20;
  * The replacement variable key is paired with a string
  * The string lists one or more values to include in the filter
    * Use a pipe ( | ) symbol when listing multiple values

```json
"intents" : {
    "login" : [
        // Start an app on login for users with at least one of two IdP groups:
        {
            "package": "com.application.inventory",
            "flags": 1,
            "typeIntent": "a",
            "filter": {
                "session.groups": "SalesAssociate|Receiving"
            }
        },
        // Disable an app on login at three sites:
        {
            "action": "DISABLE",
            "typeIntent": "p",
            "package" : "com.some.package"
            "filter": {
                "session.location": "1001|9309|4146"
            }
        }
    ],
    "logout": [
        // Clear browser app caches on logout for one particular device:
        {
            "action": "CLEARCACHE",
            "package": "com.bluefletch.ems.browser",
            "typeIntent": "p",
            "filter": {
                "config.ex.deviceId": "24000XXX39526"
            }
        }
    ]
}
```

Alternatively, filtering can be accomplished with and/or [criteria](https://docs.bluefletch.com/bluefletch-enterprise/product-guides/bluefletch-launcher/configurable-layouts/criteria) and regular expressions (regex).

{% hint style="info" %}
Intent filtering was introduced in Launcher 3.16.15.
{% endhint %}