Key-value pairs to configure app behavior

Table 1. key-value pairs to configure app behavior

Key	Value	Description
Specify the level of detail for logs
log_level	DEBUG INFO WARNING ERROR	Select one of the following: DEBUG: Includes debug level information for application flow and request, response messages for target repositories. This is the highest level and verbose, so choose this level only when needed. INFO: Includes only information related to specific flows and requests. WARNING: Includes only warnings about runtime errors and target repositories. ERROR: Includes only runtime errors, and error and status codes from requests to target repositories.
Email logs
support_email_id	Enter a valid email address.	Automatically populates the email address when the device user emails the device logs.
Block adding content
blocked_storage_domains	Box WebDav CIFS SharePoint	Blocks device users from adding the content site to [email protected]: Enter the values as a semicolon (;) separated list. Example: Box;Dropbox;CIFS Microsoft SharePoint includes Office 365 SharePoint sites. If SharePoint, Box, or Dropbox is blocked, the option will not be available when the device user tries to add a site. If WebDAV is blocked, both Network Drive and Ivanti Neurons for MDM storage options will not be available. All WebDAV and CIFS sites will be removed from [email protected] If CIFS is blocked, the device user is presented with an error message when trying to add a CIFS site. Existing CIFS sites will be removed. WebDAV sites will not be removed. Network Drive and Ivanti Neurons for MDM storage options will continue to be available when the device user tries to add a site. Documents from the blocked sites marked as Starred, Offline, or in Recents will be removed. Documents in My Files are not removed.
Block adding user sites
disable_user_sites	true false	Blocks device users from adding sites to [email protected] User added sites will be removed. Documents from user sites marked as Starred, Offline, or in Recents will be removed.
Restrict number of allowed user sites
restrict_number_of_user_sites	Connector type: Number of sites that are allowed. For example: SharePoint:2, Box:1	Restricts the number of User sites that a device user can add. If a site type is not configured, there are no restrictions on the number of User sites for that site type. Restricting number of User sites has no impact on blocked sites. This key-value pair only applies to allowed sites. The configuration is ignored if DISABLE_USER_SITES is true. Enter the following value: site type and number in the following format: Site type1:number; Site type2:number. Valid entries for site type are: SharePoint, Box, Dropbox, WebDAV, CIFS. Number is a positive integer greater than 0. In this example, the device user will be able to add up to two SharePoint sites, and only one Box site. There are no restrictions on any other type site.
Disable editing
disable_editing	true false	Disables the following in My Files and all content sites in [email protected]: Editing. Creating new files and folders. Importing images from photo gallery. Uploading to and deleting files in the backend resource.
Add group sites using key-value pairs
SITE_DETAILS_N	Where n is a number 1-100 Example: SITE_DETAILS_1 Enter parameters for the content site in the following JSON format: {"name":"name for the site","url":"valid url for the content repository including port","domain":"SharePoint", "subDomain":"Federated","priority":“true \| false”, "webView":“true \| false”} Example to add a SharePoint : {"name":"SharePoint Group","domain":"SharePoint","url":"https://SharePoint.com"} Example to add a Box Site: {"name":"Box1","domain":"BoxEnterprise","url":"https://www.box.com"} Ensure that there are no spaces Values are case sensitive Required parameters: “name”, “url”, “domain”, “subDomain”	Adding a SharePoint Group site with Federated authentication name for the site: The name is displayed in the [email protected] app. valid url for the content repository including port: The URL must start with http:// or https://. Both domain name and IP address are supported. If priority is not defined, the default setting is false. "priority":"false" identifies the content site as a Group site. Configuring “priority”:“true” identifies the site as a Published site. You can configure a site as a Published site only if “subDomain” is also configured. If "webView":"true", the SharePoint documents can be opened in Microsoft’s online web viewer and editor. The site is automatically a Group site. It cannot be configured as a Published site. Pushing Enterprise Box Site from Ivanti EPMM. Example: {"name":"SharePoint","url":"https:// sharepoint.acme.com","domain":"SharePoint","subDomain":"Federated","priority":"false"}
Autofill Credentials
autofill_credentials	Automatically populates the user name for the content site. Enter parameters for the content site in the following JSON format: {"URL":{"domainType":"DomainType","userName":"$USERID$","password":"$PASSWORD$"},"default":"Domain/$USERID$"} For JSON format: Ensure that there are no spaces. Values are case sensitive. Ensure that the JSON format is valid. The variable for user name can be preceded by either a single forward slash or two back slashes: Domain/$USERID$ or Domain\\$USERID$	URL: Enter the URL for the content site. Include the protocol. Example: http, https. Domain Type: Enter one of the following: SharePoint, WebDAV, Box, BoxEnterprise, CIFS. Domain: Enter the domain name to which the username defaults if the username for the URL cannot be resolved. Variables are not supported. password: The user is logged in automatically when the user navigates to the site from the Sites screen. This feature is applicable for CIFS and WebDAV sites only on Ivanti EPMM. $PASSWORD$ value is available only when admin enables "Save User Password" option on the device registration settings on Ivanti EPMM and user is registered to [email protected] Client. For more information, Ivanti EPMM documentation for its usage. The $PASSWORD$ option is not available for Ivanti EPMM. Examples: •{"https://sharepoint.miacme.com": {"domainType":"SharePoint","userName":"miacme/$USERID$"},"default":"miacme.com/$USERID$"} •{"https://sharepoint.miacme.com":{"domainType":"SharePoint","userName":"miacme\\$USERID$"},"default":"miacme.com\\$USERID$"} •{"default": "domain/$USERID$"}{"https://cifs.company.com:445": {"domainType": "CIFS","userName": "$USERID$","password":"$PASSWORD$"}} Copying and pasting JSON strings might result in invalid JSON. Ivanti recommends that you validate the JSON string before using it. There are validator tools such as JSONLint (jsonlint.com) that will help validate the JSON string.
Custom browser applications rather than default Safari browser
http_prefix	mibrowser: URLs starting with http:// are opened in [email protected] http: URLs starting with http:// are opened in Safari. googlechrome: URLs starting with http:// are opened in Google Chrome.	Allows users to tap on a URL starting with http:// and view the site in a browser. If the key-value pair is not configured, users will not be able to view an http link in a browser. If the key-value pair is not configured, http:// links are not opened in any browser. Ivanti recommends that both HTTP_PREFIX and HTTPS_PREFIX are configured. If only one URL scheme is configured, the unconfigured URL scheme will not be opened in any browser, thus impacting user experience.
https_prefix	mibrowsers: URLs starting with https:// are opened in [email protected] https: URLs starting with https:// are opened in Safari. googlechrome: URLs starting with http:// are opened in Google Chrome.	Allows users to tap on a URL starting with https:// and view the site in a browser. If the key-value pair is not configured, users will not be able to view an https link in a browser. If the key-value pair is not configured, https:// links are not opened in any browser. Ivanti recommends that both HTTP_PREFIX and HTTPS_PREFIX are configured. If only one URL scheme is configured, the unconfigured URL scheme will not be opened in any browser, thus impacting user experience.
Apply SSO label to add SharePoint site flow
apply_sso_label	true false	Changes the NoAuthn label to Corporate single sign-on (SSO) in [email protected] The NoAuthn option is seen in the Authentication settings for SharePoint sites in [email protected] There is no functional change.
Share PDF documents
ENABLE_PDF_DOCUMENT_DEFINE	true false	Makes the Share option available for PDF documents.
Default to Polaris Viewer instead of iOS Native Viewer
enable_polaris_viewer	true false	Use this key-value pair to set the [email protected] embedded viewer as default instead of iOS Native viewer.
Enable Polaris document content share
ENABLE_POLARIS_DOCUMENT_CONTENT_SHARE	true false	Makes the Share option available for Microsoft Office documents in Polaris editor, regardless of whether Copy/Paste is enabled in AppConnect policy. This key-value pair is case sensitive.
Load/Authentication SharePoint for WebView
ENABLE_WEBVIEW_AUTHENTICATION	•true •false	Use this key-value pair if the SharePoint server is not set up to use persistent authentication cookies and users encounter issues with opening WebView for SharePoint sites. This key-value pair is case sensitive.
Custom email app such as Email+ client
mailto_prefix	To open Email+, use: email+launcher://docsatwork?url=mailto: To open IBM verse, use ibmverse://com.ibm.lotus.traveler/mailto?to= To open SecurePIM, use spmailto:	Brings up the email client for which the schema is configured in mailto_prefix. Use this key-value pair to open the email client for which the schema is configured in mailto_prefix. Support for third party email client enabled.
Enable Certificate Based Authentication (CBA)
IdCertificate_1_host	IdCertificate_1_host IdCertificate_1	Use this key-value pair to enable the certificate-based authentiation (CBA). For example: cert_hostname such as (defender.stutz.qa.domain.com) SharePoint client-scep using authentication type. This key-value pair is case sensitive.
Enable Certificate Authorities
known_ca_<n>_<m>	id_certificate_n id_certificate_n_host	Support for private certs in id_Certificate_<n> if the root cert(s) is provided with the kvp known_ca_<n><m>.
Display SharePoint title for files and folders
show_title	true false	Displays user friendly title for files and folders in SharePoint. Use the following values to set the key-value pair: true: Enables title display. false: Disables title display. The default value is set to false.
Allow sending analytics from [email protected] to Mixpanel and Crashlytics
allow_analytics	true false	Use the following values to set the key-value pair: true: Enables sending analytics from [email protected] to Mixpane and Crashlyticsl. false: Disables sending analytics from [email protected] to Mixpanel and Crahlytics. If the key-value pair is not defined in the configuration, allow_analytics is set to true by default.
Enable watermarks when viewing documents
watermark_text	Use a user identifying variables a values such as, $USERID$ and $EMAIL$.	Displays a diagonal watermark text (provided by the administrator) over all the documents viewed or edited using [email protected]
Allow document sharing from [email protected]
mi_enable_doc_sharing	true false	Use this key-value pair to enable the [email protected] document sharing feature. Multiple file sharing from same folder is enabled in [email protected] using extension. Multi-select option is available for the following folders: My Files Recent Offline folders The default value is set to false, and must be set to true to enable document sharing.
Allow document sharing from [email protected] for AppConnect apps
MI_SHARED_GROUP_ID	A unique, sufficiently complex alphanumeric string	This key manages the decryption of documents from [email protected] extension. Once this key is set in [email protected] configuration, only the apps having the identical key value in their configuration would be able to decrypt the documents from [email protected] Extension. This is an optional key. The key is case sensitive. Enter the key in uppercase. IMPORTANT: Configure mi_enable_doc_sharing with value true to enable document sharing.
MI_AC_ACCESS_CONTROL_ID	A unique, sufficiently complex alphanumeric string	This key manages the access control between the apps. Once this key is set in [email protected] configuration, only the apps having the identical key value in their configuration would be able to access the documents from [email protected] Extension. Ensure that the key-value pair is configured in the Email+ configuration as well and that the value is identical (including case) in both [email protected] and Email+ configurations. The key is case sensitive. Enter the key in uppercase. IMPORTANT: Configure mi_enable_doc_sharing with value true to enable document sharing.
Allow document sharing from [email protected] for non AppConnect apps
MI_AC_DOCUMENT_EXTENSION_DLP	Sentry All	This key allows the admin to add attachements when you compose mail using Email+ or anyother email client. This key is applicable while sharing documents from [email protected] with non AppConnect apps.: Sentry: The documents are encrypted using Sentru attachement control key. All: The attachements are not encryptyed and are sent as plain text. The key is case sensitive. Enter the key in uppercase.
block_unmanaged_extension	true false	Allows the admin to block or unblock unmanaged versions of [email protected] from exposing the document extension to all the apps. Default is set to false. If an admin wants to restrict the document sharing extension to only managed apps, then the block_unmanaged_extension key should be set to true. In addition to this, a separate configuration parameter IS_MANAGED should be set to true via the iOS MDM managed configuration. A sample of sample of managed app configuration is as follows: <?xml version=“1.0” encoding=“ UTF‐8"?> <!DOCTYPE plist PUBLIC “‐// Apple//DTD PLIST 1.0//EN” “http://www.apple.com/ DTDs/PropertyList‐1.0.dtd“> <plist version=“1.0”> <dict> <key>IS_MANAGED</key> <true/> </dict> </plist>
IS_MANAGED	true false	Set this key to true if you want to restrict extension only to managed apps . A sample.contents of managed app is as follow: <?xml version=“1.0” encoding=“UTF-8"?> <!DOCTYPE plist PUBLIC “-//Apple//DTD PLIST 1.0//EN” “http://www.apple.com/DTDs/PropertyList-1.0.dtd“> <plist version=“1.0”> <dict> <key>IS_MANAGED</key> <true/> </dict> </plist> The default values is set to False.
Custom keyboards
MI_AC_IOS_ALLOW_CUSTOM_KEYBOARDS	true	This key allows the admin to enable or disable the use of custom keyboards. This key is enabled for AppConnect. This is case sensitive. true: [email protected] allows the use of custom keyboards false: [email protected] does not allow the use of custom keyboards. Default if key-value is not configured: true. This key-value pair is case sensitive.
AppConnect logs
MI_AC_LOG_LEVEL	Error Info Verbose Debug	Specifies the level of logging from the least to the most verbose. Default if key-value is not configured: true.
MI_AC_LOG_LEVEL_CODE	Any string	Underspecification prompted in [email protected] to activate AppConnect logs
MI_AC_ENABLE_LOGGING_TO_FILE	Yes No	Enables collecting AppConnect logs to a file in [email protected]
Allow digital signature for PDF
signing_certificate	Certificate	This key allows the admin to enable or disable the use of digital signature for PDF forms in [email protected] added. To enable digital signature add signing_certificate to [email protected] configuration to provide the certificate in .p12 format used for PDF signing.
signing_certificate_ca_(n)	Certificate	This key allows the admin to add multiple Certificate Authorities to trusted CA’s. If the signing_certificate is not issued by the CA which is not publicly trusted. The certificate must be DER-encoded. Where, the value of n can be 0 to 9. For example: signing_certificate_ca_0, signing_certificate_ca_1.
Miscelleneous
document_menu_restricted_items	define lookup	This key allows the admin to fix the text data leak from [email protected] document view or edit when you perform the Define and LookUp functions. For example: document_menu_restricted_items = define\|lookup
disable_slideshow_autolock	yes no	This key prevents the device screen from getting locked during Microsoft PowerPoint presentation after Auto Lock timeout.
group_offline_files	true false	Grouping offline files based on file path feature is added. To enabled this key set the "group_offline_files" key value to true in [email protected] key-value pairs. The default value of this KVP is false. Offline file grouping is only for the [email protected] and not for the file shown in the extension. After upgrade, if KVP is set to true, all offline files appear grouped.
filepass_key_identifier	A unique, sufficiently complex alphanumeric string.	This key allows admin to enable sharing documents securely between [email protected] and Microsoft IntuneMAM protected Office365 apps through FilePass. The value for this key-value pair needs to be same for the all the supported productivity apps ([email protected], Email+, and FilePass) participating in File Sharing with Microsoft Office 365 apps.
disable_download_upload_autolock	true false	This key allows admin to disable device auto-lock during download or upload. The default values is set to False.
allow_filename_special_characters	true false	This key allows admin to enable special characters in the file name for a new folder or file created in [email protected] The following special characters are allowed in the file names: ~`#%^+;={}[],.' Uploading files with special characters may not work for all the sites.