Technical Guide
Last updated
Last updated
The EPM Plugin requires configuration of its overall settings and individual actions, as well as the triggering of intents to start, stop, and reconfigure the plugin, clearing of app data on logout, and a custom script to enable the credential capture to happen.
The configuration for EPM resides within the JSON.
object Stores key-value pairs that determine behavior common to all actions on the device - including what the actions' overlays will look like and whether they will use shared keys or not.
array List of action objects that define the specific credentials and automated button taps that will occur for each application.
overlayHeightPct
int Percentage of the screen that the overlay card will cover, as a whole number.
cardColor
string Hex code for the color of the overlay card.
disableContextMenu
boolean If set to true, will automatically dismiss the context menu that is displayed on long-press in Microsoft Authenticator and Edge apps. Introduced in Launcher version 3.23.0. Default is false.
actionId
string Descriptive name to identify the action that will be triggered.
credentialId
string Defines whether or not the action should apply credentials captured by the custom script. Based on the custom_script JS, your BlueFletch rep can tell you what string to set (e.g. "bf_creds" or "azure_creds"). An invalid descriptive string such as "#nocreds-teams#" can indicate that the action will not use captured credentials for that action.
packages
string Package name of the application for which the action applies. Starting with version 1.0.30, you can specify a comma-separated list of packages where this action will run. Example: To use the same action on either com.android.chrome or com.mozilla.firefox: "package" : "com.android.chrome,com.mozilla.firefox"
pageText
array List of strings that identify application page on which to apply the action. Pages are identified by the presence of the selected strings. Suggestion: Pick a string or partial string that is unique to each page.
usernameHints
array List of strings that identify an application's username text fields by the placeholder hint texts present in them.
usernameUseImeSubmit
boolean if set to true, EPM will trigger the "Enter" key after auto-filling the username. Default is false, available starting in 1.0.30.
passwordHints
array List of strings that identify an application's password text fields by the placeholder hint texts present in them.
passwordUseImeSubmit
boolean if set to true, EPM will trigger the "Enter" key after auto-filling the password. Default is false, available starting in 1.0.30.
submitButtonHints
array List of strings that identify submit buttons that will be tapped by the button's text. Usually submit buttons follow username or password entry.
submitButtonUseIme
boolean if set to true, EPM will perform a FOCUS then ENTER on the specified button, otherwise it will perform a CLICK. Default is false, available starting in 1.0.30.
textButtonHints
array List of strings that identify non-submit buttons that will be tapped by the button's text. Usually text buttons are for proceeding through welcome screens that do not require credentials.
haltOnErrorHints
array List of strings that if encountered on the screen will trigger the action to pause and allow the user to resume control. Including strings or partial strings of errors in this array prevents an action from getting stuck in a loop of failed attempts.
Three intent actions are required to enable, disable, and reconfigure the EPM plugin.
com.bluefletch.ems.epm.ACTION_RDR_ENABLE should be triggered to run on every login to enable EPM.
com.bluefletch.ems.epm.ACTION_RDR_DISABLE should be triggered to run on every logout to disable EPM when it is not needed.
com.bluefletch.ems.epm.ACTION_CONFIG_RELOAD should be triggered to run regularly outside of the session to periodically reload the configuration to the EPM plugin. Some custom intent timings to consider using: preLogin, postLogout, cradle, or uncradle.
For example:
To remove the credentials used to login to native apps on logout, Launcher must be allowed to clear app data on the the authentication module and all applications that have used EPM to login during a session. The EPM package itself should not have its data cleared, however, to retain its Accessibility permission.
A custom Javascript file provided by BlueFletch is required to capture credentials when logging in through the (for example, using an 4 OIDC application). BlueFletch recommends defining the custom script path using .