AppConnect passcode and Touch ID/Face ID policy

The Ivanti server administrator determines:

• whether the AppConnect passcode or Touch ID/Face ID is required, which requires the device user to enter a passcode or Touch ID/Face ID to access any secure enterprise apps.

• the complexity of the AppConnect passcode.

• the auto-lock time for the AppConnect passcode or Touch ID/Face ID. After this period of inactivity in AppConnect apps, the device user is locked out of the apps until he enters the AppConnect passcode or Touch ID/Face ID.

The AppConnect for iOS Wrapper Library and the Ivanti client app enforce the AppConnect passcode or Touch ID/Face ID policy as follows:

• The Ivanti server notifies the Ivanti client app when the server administrator has enabled an AppConnect passcode or Touch ID/Face ID. The client app prompts the user to set the AppConnect passcode or enter the Touch ID/Face ID the next time that the device user launches or switches to a secure enterprise app.

• The client app prompts the user to set the AppConnect passcode the next time the device user launches or switches to a secure enterprise app after the server has notified the client app that the passcode’s complexity rules have changed.

• The user is prompted to enter the AppConnect passcode or Touch ID/Face ID when the user subsequently launches or switches to a secure enterprise app but the auto-lock time has expired.

• The user is prompted to enter the passcode or Touch ID/Face ID when the auto-lock time expires while the user is running a secure enterprise app.