About real-time push notifications for Email+ for iOS

Email+ can be set up to receive real-time push notifications. Real-time notifications require additional setup with the Cloud notification service (CNS).

The Cloud notification service (CNS) is a cloud-based service hosted on Amazon Web Services (AWS) that provides real-time push notifications for Email+ for iOS users through Microsoft Exchange Web Services (EWS), Amazon Simple Notification Service (SNS), and Apple Push Notification Service (APNs). Need for a notification service

Need for a notification service

As a third-party app, Email+ for iOS is not permitted by iOS to execute for an unlimited period of time when the app is in the background. Only apps developed by Apple, such as the native mail app, are able to execute for an unlimited period of time in the background. Therefore, even though both native mail and Email+ use the ActiveSync protocol, only the native mail app can get real-time notifications.

The Cloud-based notification service (CNS) addresses this limitation by using the Apple APNS push notification service to notify users about new emails even when Email+ is running in the background on iOS devices. New emails also include calendar invites.

About the cloud notification service for Email+ for iOS

Cloud-based notification service enables Email+ for iOS to check new emails at regular intervals. The cloud server sends a periodic APNs message to devices with Email+ for iOS installed. The periodic APNs message triggers iOS to launch Email+ for iOS in the background, allowing Email+ to download new email from the mail server and notify device users accordingly. Administrators can optionally set the interval at which Email+ app checks for new email.

The notification service is configured on Core using key-value pairs added to the AppConnect app configuration for Email+ for iOS.

Configuring the cloud notification service for Email+ for iOS involves the following main steps:

  • Provide an email address to Ivanti for registration with the cloud notification service.

No push notifications will be sent to this email address.

  • Configure your organization ID and token (received from Ivanti) in Core.

Before you begin 

Configure, distribute, and install Email+ for iOS on all iOS devices.

Configuring cloud notification service for Email+

You must provide Ivanti with the name of your organization and an email address to which the cloud notification service is to be registered. Ivanti will register your organization with the service, and provide an organization ID and token (for security purposes) to be configured on Core. The ID and token will allow Email+ for iOS to use the service.

To configure the cloud notification service for Email+ for iOS:

1. Navigate to the Customer Support Portal at http://help.mobileiron.com.
2. Enter your log in credentials.
3. Click the Software link at the top of the page.
4. On the Software page, click the Cloud Notification Service (CNS) for iOS Email+ link.
5. To register for the service, click Register Cloud Notification Service for iOS Email+.

Make sure popup windows are enabled in your browser.

6. On the registration page, enter the following information in the space provided:
  • Email: The email address to which the cloud notification service is to be registered.
  • Organization: The name of your organization.

Make sure the email address you provide to Ivanti is an externally facing group address (not the email address of an individual), such as [email protected].

7. Click Register.

The registration page shows the email address and organization you entered, as well as an authorization token for the cloud server.

After Ivanti has registered your details, you will receive an email with the following information:

Item

Description

Name

The name of your organization as provided to Ivanti. For example, Acme Corp.

Email

The email address you provided to Ivanti, for example [email protected].

ID

An ID for your organization generated by Ivanti. For example: 000000b0-e000-00eb-a0ba-000000ba000c

Token

A randomly generated string from Ivanti, representing an authorization token for the cloud server.

8. Copy the token and paste it into a text editor.
9. In the Core Admin Portal, go to Policy & Configs > Configurations.
10. Select the AppConnect app configuration you created for Email+.
11. Click Edit.
12. Add the following key-value pairs:

Key

Decription

notification_server_host

Enter the URL of the notification server:

  • cns-na1.mobileiron.com/PROD (interval-based push notifications)
  • cns.mobileiron.com/PROD (real-time notifications)

 

The name of your organization as provided to Ivanti. For example, Acme Corp.

allow_device_keychain

Enter a value of true to enable Email+ for iOS to fetch email in the background.

notification_server_organization_id

Enter your organization’s ID as provided to you by Ivanti. Use this KVP for interval-based push notifications.

notification_server_authorization

Copy and paste the token you received after you registered for the cloud notification service. Use this KVP for interval-based push notifications.

notification_interval

Optional. Enter the desired notification interval in seconds. The recommended interval is range is 5 minutes (300 seconds) to15 minutes (900 seconds). Use this KVP for interval-based push notifications.

13. Click Save.
14. The updated AppConnect app configuration for Email+ for iOS will be sent to devices at the next sync interval.

Verifying the working of cloud notification service

To confirm if the cloud notification service is working:

Before you begin 

Ensure that you have a registered email address to configure and access the Email+ app.

  1. Install the Email+ iOS app and log in with the registered email address.

  2. Place the Email+ app in the background mode without exiting the app.

  3. Send a mail to the registered email address. New mail notification is received on the iOS device.

    The time taken to get new mail notification on your iOS device should be same as the interval at which the cloud service sends a push notification to iOS devices.

How the notification service works

Email+ uses Microsoft’s Exchange Web Services (EWS) protocol to subscribe with Exchange to receive push notifications. As a result of the EWS subscription, Exchange sends a brief message to the Cloud-based notification service (CNS) when a new message is received.The Cloud notification service is hosted on Amazon Web Services (AWS) and uses Amazon’s SNS service in conjunction with Apple’s APNs service to send notifications to iOS devices. The APNs message triggers iOS to launch Email+ for iOS in the background, allowing Email+ to notify device users of new emails.

No sensitive user data or email content is transferred from Exchange to CNS. No corporate data or user identity information is stored on CNS, thus making the notification service safe and secure. Only the following information is sent from EWS to CNS:

    1. The unique EWS subscription ID of the user.
    1. Watermark to avoid duplicate notifications.
    1. The folder ID of the sub folder from which the new email originated.

CNS does not make any requests to the Exchange server.

The notification service is configured via the Unified endpoint management (UEM) platform using key-value pairs added to the AppConnect app configuration for Email+ for iOS.

Figure 1. Real time push notification architecture

1. Subscription workflow:

a. Device registers with Apple APNs.

b. Devices registers with the EWS service on Exchange.

2. A new email arrives on the Exchange server.
3. Exchange notifies MobileIron CNS.
4. MobileIron CNS triggers APNs.
5. APNs notifies the iOS device.
6. Notification workflow on Email+:

This feature requires users to be subscribed to CNS v2 for Real Time Notifications.

a. iOS displays a notification to the user indicating that there are new messages.

b. iOS wakes up Email+ in the background.

c. Email+ wakes up and fetches the email messages from the Exchange server via ActiveSync. Note that the email headers are fetched, and the body snippet is used for list view. The entire email body is not fetched.

d. Email+ replaces the previous notification with details of the new messages.