Manage Chrome devices with EMM console

For administrators who manage Chrome devices for a business or school.

As a Chrome administrator, if you have an approved EMM partner, you can use your enterprise mobility management (EMM) console to manage your Chrome devices and policies.

Approved EMM partners

Approved EMM partners can provide tools to help you manage Chrome devices and policies within your organization. There are 5 approved partners:

  • Cisco© Meraki©
  • Citrix© XenMobile©
  • IBM© MaaS360©
  • ManageEngine© Mobile Device Manager Plus©
  • VMWare© Airwatch©

Note: To manage Chrome devices through an EMM partner, you need Chrome Enterprise license(s) in addition to any licenses that may be required by an EMM provider.

Considerations when using the EMM console

One console usually suits most admins—you can integrate all the devices together and manage them in one place. However, you can use the EMM console and the Google Admin console together. If you do:

  • EMM console settings take precedence over settings in the Admin console.
  • Devices and users might belong to different organizational units in each console. In turn, the same device might have a different policy in each console.

Turn on access to the EMM console

Step 1: Set up OAuth 2.0

You need to set up OAuth 2.0 to authenticate and authorize APIs. For details, see Using OAuth 2.0 to Access Google APIs.

Step 2: Turn on access to the EMM console for devices

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Device managementand thenChrome management.

    If you don't see Device management on the Home page, click More controls at the bottom.

  3. Click Device settings.
  4. (Optional) To customize the management level across organizational units, on the left, select an organization.
  5. In the Chrome Management - Partner Access section, check the Enable Chrome Management - Partner Access box.
  6. Agree to enable partner access and click Enable Chrome Management - Partner Access.
  7. Click Save.

Step 3: Turn on access to the EMM console for users

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Device managementand thenChrome management.

    If you don't see Device management on the Home page, click More controls at the bottom.

  3. Click User settings.
  4. In the Chrome Management - Partner Access section, check the Enable Chrome Management - Partner access box.
  5. Agree to enable partner access and click Enable Chrome Management - Partner Access.
  6. Click Save.

Step 4: Set up Android for your organization

To use the EMM console to manage Android apps on Chrome devices, you need to set up Android for your organization. For details, see Set up a third-party EMM provider.

Stop using the EMM console to manage devices

When you stop using the EMM console to manage devices, the policies that you set (or have already set) in the Admin console are immediately applied to users and devices.

To quit using the EMM console, follow the steps below or you can revoke OAuth 2.0 authorization. For details, see Revoking a token

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Device managementand thenChrome management.

    If you don't see Device management on the Home page, click More controls at the bottom.

  3. Click Device Settings.
  4. In the Chrome Management - Partner Access section, uncheck the Enable Chrome Management - Partner Access box.
  5. Click Save.
  6. Go back to Device management and click Chrome management.
  7. Uncheck the Enable Chrome Management - Partner access box and click Save.
Was this article helpful?
How can we improve it?