Quick start configuration AppConnect for iOS
Ivanti provides the default configurations needed to quickly set up and distribute AppConnect apps to devices. The following default configurations for AppConnect for iOS are:
- AppConnect Device configuration - Specifies security settings for AppConnect-enabled apps on devices.
- Default iOS AppConnect Configuration - This includes the default AppConnect passcode and data loss prevention (DLP) settings that are automatically applied to all devices.
When you upload an AppConnect app to Ivanti Neurons for MDM, the app settings provided by the AppConnect app are automatically available. No additional app configurations are needed. Therefore, to quickly distribute an AppConnect app, simply add and distribute the AppConnect app as you would any other in-house app.
Adding AppConnect apps to Ivanti Neurons for MDM
The AppConnect apps and many third-party AppConnect apps for iOS are available in the Apple App Store. By adding them to the Ivanti Neurons for MDM App Catalog, you can distribute them to devices using [email protected]
You add iOS AppConnect apps to Ivanti Neurons for MDM in the same manner you add any iOS apps. Apps are distributed to devices in the distribution list you selected when adding the app. To add AppConnect apps from the Apple App Store, go to Apps > App Catalog > +Add.
Before you begin
If you are adding in-house AppConnect apps, obtain the apps. Check with the app developer for the location of in-house and third-party AppConnect apps. Place the IPA files where they are available for upload to Ivanti Neurons for MDM.
The AppConnect apps for iOS provided by Ivanti are available in the Apple App Store.
Procedure
-
In Ivanti Neurons for MDM, go to Apps > App Catalog > iOS Store.
Or, to add an in-house app, go to Apps > App Catalog > Add+ > In-House.
-
In the search box enter the name of the app to add.
Or, to add an in-house app, click Choose File to navigate to the IPA file or drag and drop the IPA file.
Find iOS AppConnect app in the Apple App Store
-
Select the app to add, and click Next
- You can choose to keep the defaults or optionally, make selections for App Information, Screenshots, App Delegation, and Distribution by clicking Next.
- Click Done to add the app to the App Catalog.
Next steps
-
If your app requires any custom configurations, create an AppConnect Custom Configuration.
- To customize the passcode and data loss prevention (DLP) settings, edit the Default iOS AppConnect Configuration configuration or create a new AppConnect Device configuration. See Editing AppConnect Devices configuration.
- See the Ivanti Neurons for MDM Administrator Guide or help for more information on adding apps to the Ivanti Neurons for MDM app catalog.
- See Quick start configuration AppConnect for iOS for the field descriptions and defaults for settings in the iOS AppConnect Device configuration.
- To add an AppTunnel configuration, see Adding an AppTunnel configuration
Adding an AppConnect Custom Configuration
The settings in an iOS AppConnect app are automatically available. To customize the app behavior, add certificates, or allow screen capture in the app, create an AppConnect Custom Configuration. You configure key-value pairs to customize the app behavior and add certificates for distribution.
Before you begin
- Check your app documentation for the key-value pairs supported by your app.
- For the supported key-value pairs see AppConnect key-value Pairs.
Procedure
- In Ivanti Neurons for MDM, go to App > App Catalog.
- Click the app listing to edit the settings.
- Go to App Configurations > AppConnect Custom Configuration and click +Add.
- Enter a name for the configuration.
- Enter the key-value pairs for the desired configuration and certificates. For more information, see Configuring the key-value pairs for the certificate and URL matching rule.
- Optionally, select Allow screen capture.
- Select a distribution option.
- Click Save.
AppConnect for iOS key-value pairs
Editing AppConnect Devices configuration
Using AppConnect for iOS requires that an AppConnect Devices configuration is set up. This configuration specifies settings that are not specific to a particular AppConnect app such as the AppConnect passcode requirements and data loss protection(DLP) requirements.
A Default iOS AppConnect Configuration is applied to all devices. You can either edit the default configuration for your specific deployment or create a new configuration.
Default AppConnect iOS Devices configuration
Procedure
- In your instance of Ivanti Neurons for MDM, go to Configurations > +Add.
-
Enter AppConnect Devices in the Search Configuration text box to filter quickly to the configuration.
Add AppConnect Device configuration
- Click the tile for AppConnect Device.
- Select iOS to display the settings for the AppConnect Device configuration for iOS.
- Update the settings as needed and click Next.
- Select a distribution option and click Done.
Next steps
To add an AppTunnel configuration, see Configuring AppTunnel for AppConnect appsThis step is optional.
iOS AppConnect Devices field description
iOS AppConnect Devices field description
The following table describes the settings in the AppConnect Devices configuration.
|
Setting |
What To Do |
|---|---|
|
Name |
Enter a name that identifies this configuration. |
|
Description |
Enter a description that clarifies the purpose of this configuration. |
|
AppConnect Passcode |
|
|
Secure Apps Passcode |
Enable to require users to enter their secure apps passcode before accessing AppConnect apps. |
|
4-digit numeric |
Select to allow the passcode to have only 4 digits in it. |
|
Alphanumeric |
Select to require the passcode to contain at least one digit and one letter. |
|
Maximum Password Age |
Select an age from the list or select Custom to enter a specific number of days. Specifies the number of days the secure apps passcode is valid. The value is updated on a device when the next device check-in occurs. When the passcode age exceeds the specified age, device users see an alert after authenticating that the passcode has expired. Device users must create a new passcode before they can access secure apps. If you do not want the passcode to expire, select None, which is the default. |
|
Auto-Lock |
Select the maximum amount of time to allow as an inactivity timeout. After this period of inactivity in AppConnect apps, the device user is locked out of the apps if an AppConnect passcode is required. The device user must reenter the AppConnect passcode to access AppConnect apps. |
|
Passcode history (1-50 passcodes) |
Select a value from 1 to 50. This value specifies the number of most recently used secure apps passcodes that device users cannot use when changing their passcode. Case is not considered when passcode reuse is evaluated. This means that device users cannot just change the case for a past passcode and reuse that passcode. Password and passWord are considered the same when a passcode is evaluated for reuse. Passcode history is preserved even after AppConnect is disabled and re-enabled. By default, no value is set. In this case, the user can reuse any previous passcode, including the current passcode. |
|
Maximum number of failed attempts |
Select a value between 4 and 10. Select “--” if you do not want to limit failed attempts. If the device user fails to correctly enter the AppConnect passcode after a certain number of attempts, the user cannot access AppConnect apps. Device users must enter their Ivanti Neurons for MDM credentials and then create a new AppConnect passcode. After the passcode is reset, the Go client does not flip back to the AppConnect app. |
|
Enable Touch ID |
Slide the toggle to ON to allow device users to enter their Touch ID (fingerprint) or Face ID, if available, to access secure apps. |
|
App Authorization |
|
|
App check-in interval |
Enter the number of minutes the app should wait before checking in with Ivanti Neurons for MDM to receive AppConnect-related configuration updates. Note that app authorization is an automatic result of adding an app to the app catalog. |
|
Unauthorized message |
Enter the default message that is displayed to the user if the app is not authorized on the device. If you do not enter a default message, the system provides one. |
|
Device Out of Contact |
|
|
Wipe AppConnect device after |
Enter the number days (1-90) that the device can remain out of contact before having its AppConnect data wiped. Enter 0 to disable this option. Once the configuration is applied to the device, wiping the AppConnect apps occurs on the device after the specified time without reconnecting to Ivanti Neurons for MDM. |
|
Block AppConnect data after |
Enter the number days (1-90) that the device can remain out of contact before having its AppConnect data blocked. Enter 0 to disable this option. Once the configuration is applied to the device, blocking the AppConnect apps occurs on the device after the specified time without reconnecting to Ivanti Neurons for MDM. |
|
Data Loss Prevention Settings |
|
|
Allow copy/paste to |
Select to if you want the device user to be able to copy content from AppConnect apps to other apps. You can override this option in each app’s individual AppConnect container policy. |
|
Allow printing |
Select if you want AppConnect apps to be allowed to use print capabilities by default. You can override this option in each app’s individual AppConnect container policy. |
|
Allow open-in |
Select if you want AppConnect apps to be allowed to use the Open In (document interaction) feature by default. When you select this option, then select either:
|