search

Kunzisoft / KeePassDX

Lightweight vault and password manager for Android, KeePassDX allows editing encrypted data in a single file in KeePass format and fill in the forms in a secure way.
https://www.keepassdx.com/
GNU General Public License v3.0
4.57k stars 270 forks source link

Implement Intune App SDK #1565

Open jkrgr0 opened 1 year ago

jkrgr0 commented 1 year ago

Is your feature request related to a problem? Please describe. I use a KeePass database at work for my work-related accounts. My company now has enabled Intune App Protection Policies which restricts the usage of company data (e.g. files stored in OneDrive) to only be allowed for approved/managed apps.
Since KeePassDX has not implemented the Intune App SDK, the app is not recognized as a managed app by Intune and cannot be used in a scenario like this. The Intune App SDK is required for apps to be used with the Intune App Protection policies.

Describe the solution you'd like If the Intune App SDK is being implemented in KeePassDX, the app can be managed by Intune and is recognized by Intune as a managed app. Additionally Intune admins are able to customize the app behavior via Intune.

Describe alternatives you've considered -/-

Additional context Add any other context or screenshots about the feature request here.

J-Jamet commented 1 year ago

KeePassDX does not use OneDrive, so there is no reason to install this SDK.

jkrgr0 commented 1 year ago

Let me explain this further:
When using KeePassDX on a device which is managed by Intune, this device has a private and work profile where apps and data are separated from each other.
If KeePassDX is installed inside the work profile, the user can only access files present in this profile. When the user now tries to open an existing database the android file picker is launched and the user can select the database.
Since the Intune App SDK is currently not implemented in KeePassDX, this app is considered as unmanaged and cannot access files anywhere if a Intune App Protection policy is configured with specific settings to block unmanaged apps to access files in the work profile.
By implementing the Intune App SDK the support for using Intune App Protection policies with this app is added.

J-Jamet commented 1 year ago

Sorry but the point 2/ of the license is already problematic. https://github.com/msintuneappsdk/ms-intune-app-sdk-android/blob/master/Microsoft%20License%20Terms%20Intune%20App%20SDK%20for%20Android.pdf I'm not familiar with this SDK on top of the MDM, but I imagine the administrator should be able to authorize applications that don't contain the SDK from an enterprise interface, otherwise we would have to add all the SDKs of the same kind every time a new MDM tool is used on commonly used applications.