Quick start configuration AppConnect for iOS

MobileIron provides the default configurations needed to quickly set up and distribute AppConnect apps to devices. MobileIron provides the following default configurations for AppConnect for iOS:

• A default AppConnect Device configuration, Default iOS AppConnect Configuration, which includes the default AppConnect passcode and data loss prevention (DLP) settings that are automatically applied to all devices.

When you upload an AppConnect app to MobileIron Cloud, the app settings provided by the AppConnect app are automatically available. No additional app configurations are needed. Therefore, to quickly distribute an AppConnect app, simply add and distribute the AppConnect app as you would any other in-house app.

Adding AppConnect apps to MobileIron Cloud

The MobileIron AppConnect apps and many third-party AppConnect apps for iOS are available in the Apple App Store. By adding them to the MobileIron Cloud App Catalog, you can distribute them to devices using Apps@Work.

You add iOS AppConnect apps to MobileIron Cloud in the same manner you add any iOS apps. Apps are distributed to devices in the distribution list you selected when adding the app. To add AppConnect apps from the Apple App Store, go to Apps > App Catalog > +Add.

Before you begin 

If you are adding in-house AppConnect apps, obtain the apps. Check with the app developer for the location of in-house and third-party AppConnect apps. Place the IPA files where they are available for upload to MobileIron Cloud.

NOTE:

The AppConnect apps for iOS provided by MobileIron are available in the Apple App Store.

Procedure 

1. In MobileIron Cloud, go to Apps > App Catalog > iOS Store.

   Or, to add an in-house app, go to Apps > App Catalog > Add+ > In-House.

2. In the search box enter the name of the app to add.

   Or, to add an in-house app, click Choose File to navigate to the IPA file or drag and drop the IPA file.

   Figure 1. Find iOS AppConnect app in the Apple App Store

   

3. Select the app to add, and click Next

4. You can choose to keep the defaults or optionally, make selections for App Information, Screenshots, App Delegation, and Distribution by clicking Next.
5. Click Done to add the app to the App Catalog.

Next steps 

• If your app requires any custom configurations, create an AppConnect Custom Configuration.

  See Adding an AppConnect Custom Configuration.

• To customize the passcode and data loss prevention (DLP) settings, edit the Default iOS AppConnect Configuration configuration or create a new AppConnect Device configuration. See Editing AppConnect Devices configuration.

Related topics 

• See the MobileIron Cloud Administrator Guide or help for more information on adding apps to the MobileIron Cloud app catalog.
• See Quick start configuration AppConnect for iOS for the field descriptions and defaults for settings in the iOS AppConnect Device configuration.
• To add an AppTunnel configuration, see Adding an AppTunnel configuration

Adding an AppConnect Custom Configuration

The settings in an iOS AppConnect app are automatically available. To customize the app behavior, add certificates, or allow screen capture in the app, create an AppConnect Custom Configuration. You configure key-value pairs to cusomize the app behavior and add certificates for distribution.

Before you begin 

• Check your app documentation for the key-value pairs supported by your app.
• For the supported key-value pairs see AppConnect key-value Pairs.

Procedure 

1. In MobileIron Cloud, go to App > App Catalog.
2. Click the app listing to edit the settings.
3. Go to App Configurations > AppConnect Custom Configuration.
4. Click Add to add a new AppConnect Custom Configuration.
5. Enter a name for the configuration.
6. Enter the key-value pairs for the desired configuration and certificates.
7. Optionally, select Allow screen capture.
8. Select a distribution option.
9. Click Save.

Related topics 

AppConnect for iOS key-value pairs

Editing AppConnect Devices configuration

Using AppConnect for iOS requires that an AppConnect Devices configuration is set up. This configuration specifies settings that are not specific to a particular AppConnect app such as the AppConnect passcode requirements and data loss protection(DLP) requirements.

MobileIron provides a default AppConnect Devices configuration, Default iOS AppConnect Configuration, which is by default applied to all devices. You can either edit the default configuration for you specific deployment or create a new configuration.

Figure 2. Default AppConnect iOS Devices configuration

Procedure 

1. In your instance of MobileIron Cloud, go to Configurations > +Add.

2. Enter AppConnect Devices in the Search Configuration text box to filter quickly to the configuration.

   Figure 3. Add AppConnect Device configuration

   

3. Click the tile for AppConnect Device.
4. Select iOS to display the settings for the AppConnect Device configuration for iOS.
5. Update the settings as needed and click Next.
6. Select a distribution option and click Done.

Next steps 

To add an AppTunnel configuration, see Configuring AppTunnel for AppConnect appsThis step is optional.

Related topics 

iOS AppConnect Devices field description

iOS AppConnect Devices field description

The following table describes the settings in the AppConnect Devices configuration.

Table 1. iOS AppConnect Devices field description

Setting	What To Do
Name	Enter a name that identifies this configuration.
Description	Enter a description that clarifies the purpose of this configuration.
AppConnect Passcode
Secure Apps Passcode	Enable to require users to enter their secure apps passcode before accessing AppConnect apps.
4-digit numeric	Select to allow the passcode to have only 4 digits in it.
Alphanumeric	Select to require the passcode to contain at least one digit and one letter.
Maximum Password Age	Select an age from the list or select Custom to enter a specific number of days. Specifies the number of days the secure apps passcode is valid. The value is updated on a device when the next device check-in occurs. When the passcode age exceeds the specified age, device users see an alert after authenticating that the passcode has expired. Device users must create a new passcode before they can access secure apps. If you do not want the passcode to expire, select None, which is the default.
Auto-Lock	Select the maximum amount of time to allow as an inactivity timeout. After this period of inactivity in AppConnect apps, the device user is locked out of the apps if an AppConnect passcode is required. The device user must reenter the AppConnect passcode to access AppConnect apps.
Passcode history (1-50 passcodes)	Select a value from 1 to 50. This value specifies the number of most recently used secure apps passcodes that device users cannot use when changing their passcode. Case is not considered when passcode reuse is evaluated. This means that device users cannot just change the case for a past passcode and reuse that passcode. Password and passWord are considered the same when a passcode is evaluated for reuse. Passcode history is preserved even after AppConnect is disabled and re-enabled. By default, no value is set. In this case, the user can reuse any previous passcode, including the current passcode.
Maximum number of failed attempts	Select a value between 4 and 10. Select “--” if you do not want to limit failed attempts. If the device user fails to correctly enter the AppConnect passcode after a certain number of attempts, the user cannot access AppConnect apps. Device users must enter their Cloud credentials and then create a new AppConnect passcode. After the passcode is reset, the Go client does not flip back to the AppConnect app.
Enable Touch ID	Slide the toggle to ON to allow device users to enter their Touch ID (fingerprint) or Face ID, if available, to access secure apps.
App Authorization
App check-in interval	Enter the number of minutes the app should wait before checking in with MobileIron Cloud to receive AppConnect-related configuration updates. Note that app authorization is an automatic result of adding an app to the app catalog.
Unauthorized message	Enter the default message that is displayed to the user if the app is not authorized on the device. If you do not enter a default message, the system provides one.
Device Out of Contact
Wipe AppConnect device after	Enter the number days (1-90) that the device can remain out of contact before having its AppConnect data wiped. Enter 0 to disable this option. Once the configuration is applied to the device, wiping the AppConnect apps occurs on the device after the specified time without reconnecting to MobileIron Cloud.
Block AppConnect data after	Enter the number days (1-90) that the device can remain out of contact before having its AppConnect data blocked. Enter 0 to disable this option. Once the configuration is applied to the device, blocking the AppConnect apps occurs on the device after the specified time without reconnecting to MobileIron Cloud.
Data Loss Prevention Settings
Allow copy/paste to	Select to if you want the device user to be able to copy content from AppConnect apps to other apps. You can override this option in each app’s individual AppConnect container policy.
Allow printing	Select if you want AppConnect apps to be allowed to use print capabilities by default. You can override this option in each app’s individual AppConnect container policy.
Allow open-in	Select if you want AppConnect apps to be allowed to use the Open In (document interaction) feature by default. When you select this option, then select either: All apps Select if you want the app to be able to send documents to any other app. Whitelist Apps only Select if you want the app to be able to send documents only to the apps that you specify. Enter the name of each app in your App catalog to Whitelist, one per line, or in a semi-colon delimited list. Example   com.myAppCo.myApp1 com.myAppCo.myApp2;com.myAppCo.myApp3