Break out screenshots from cast/screen sharing to allow management individually (use case of remote support blacking out the screen when screenshots are disabled)
Terminology updates – allowlist for whitelist, blocklist for blacklist (but in a way that doesn't break APIs, we don't need more of those) - These are showing up over time.
More dedicated default APIs (like SMS recently – launcher, phone, browser, etc, etc). Preferred intent works for tested use cases, but it could be improved.
Provisioning app caching for enrolment (DPC extras)
Allow extras to list apps to pull at time of provisioning, rather than waiting for enrolment; particularly for required_for_setup this can speed things up a fair bit. Allow DPC to "take over" if provisioning is quick and/or apps are slow to DL.
Admin acceptances of T&C's & SUW prompts (GMS core). I know this has been a point of contention for years, but ultimately whether Google wants end users to accept them or not, the reality is the hundreds of thousands staged and/or set up remotely from end users means they never check the boxes anyway.
For dedicated, multi-person devices, allow a config to accept SUW prompts for management and T&Cs on behalf of the company/admin, not the user. This is a massive time-suck for us today and doesn't suit the EDLA style deployment environments we work in. Allow ZT to be closer to actually ZT for staging and provisioning.
Allow force-skip OEM SUW panels. Often these block enrolment until something is done on the device.
Admin-configured SUW panel for support and/or enterprise information
Config of display density (zoom)
Config of time zone after provisioning
Config of locale after provisioning
A universal Android "offline solution" akin to what Apple offers for backup/restore. Swapping devices is still such a pain even on 13; cloud services are OK in what they restore, and the OEM solutions (Pixel, Samsung, etc) are a little better, but it's almost never guaranteed to be a carbon copy from one device to another, or even restoring the same device. I used to leverage TWRP, then later Helium, occasionally ADB backups, to do backup & restore as needed, but it's all too much effort or too technical for the wider market – it's such a low-hanging fruit
Passwordless Factory Reset Protection (FRP), allowing organisations to restrict setup of a device without the need to provide authentication for it (that often needs changing). Instead, set the device in a state that requires an auth/unlock code generated from an account, or lean on passkey/other auth methods instead.
EMM persistence after a factory reset, similar to FRP but allowing the DPC to write a persistence bit to disk, allowing a device to be reset in an unauthorised manner while still requiring a device goes back into management rather than permitting unmanaged setup where ZT/equivalent is not used
Enforce support for DPC migration, and improve UX for customers. See what apple are doing for comparison.
Partially added in AMAPI in Jan 2024, but as weakly implemented as you can imagine.
Logging/debugging capability during setup/enrolment
Give admins a means of allowing the existing feedback option in ADP to be shared with the system share activity.
Allow admins to generate a bug report during setup