Externally hosted private apps
Private apps with externally hosted APKs are known as externally hosted apps. To distribute externally hosted apps through managed Google Play, you (or the app's developer) need to upload a JSON file containing the app's metadata to the Play Console.
Restrictions on externally hosted apps
Externally hosted apps are subject to the following restrictions:
- Externally hosted apps can only be published to production. Closed releases for externally hosted apps aren't supported.
- IT admins can't remotely install externally hosted apps on devices with work profiles. Work profile users must install them manually from managed Play.
- Android Auto second-screen projection is disabled. This is because all Auto-targeted apps must go through a specific review to ensure that they’re not distracting to drivers.
Generate JSON metadata file
To publish an externally hosted app, you need to upload a JSON file containing the app's metadata to the Play Console. This allows you to distribute your app to users in your organization through managed Google Play.
If your EMM provider doesn't offer a tool to generate this file, Google provides a Python script you can use to generate the file yourself. To use the script, the following must be installed on your machine and available on your system's PATH:
- Python 2.x
- Android Asset Packaging Tool
To generate the JSON file, execute the following command using your APK's path and URL:
Publish an externally hosted app in the Play Console
After generating your app's JSON metadata file, you can use the Play Console to publish the app:
- Sign in to the Google Play Console with your organization's administrator account.
If you haven't already, you need to associate this account with the Play Console (see Register for a Google Play Developer account for more details).
- Create a private app by publishing to your own organization.
- Create a production release:
- Select I am uploading a configuration for an APK hosted outside of Google Play.
- Upload the app's JSON metadata file.
Authenticate externally hosted APK download requests
When managed Play makes a request to download an APK from an external server, the request includes a cookie containing a JSON Web Token (JWT). We recommend decoding the JWT to authenticate the download. For more details, see Authenticating the download on the enterprise server.