Quick start configuration AppConnect for iOS

Ivanti provides the default configurations needed to quickly set up and distribute AppConnect apps to devices. The following default configurations for AppConnect for iOS are:

  • AppConnect Device configuration - Specifies security settings for AppConnect-enabled apps on devices.
  • Default iOS AppConnect Configuration - This includes the default AppConnect passcode and data loss prevention (DLP) settings that are automatically applied to all devices.

When you upload an AppConnect app to Ivanti Neurons for MDM, the app settings provided by the AppConnect app are automatically available. No additional app configurations are needed. Therefore, to quickly distribute an AppConnect app, simply add and distribute the AppConnect app as you would any other in-house app.

Adding AppConnect apps to Ivanti Neurons for MDM

The AppConnect apps and many third-party AppConnect apps for iOS are available in the Apple App Store. By adding them to the Ivanti Neurons for MDM App Catalog, you can distribute them to devices using Apps@Work.

You add iOS AppConnect apps to Ivanti Neurons for MDM in the same manner you add any iOS apps. Apps are distributed to devices in the distribution list you selected when adding the app. To add AppConnect apps from the Apple App Store, go to Apps > App Catalog > +Add.

Before you begin 

If you are adding in-house AppConnect apps, obtain the apps. Check with the app developer for the location of in-house and third-party AppConnect apps. Place the IPA files where they are available for upload to Ivanti Neurons for MDM.

The AppConnect apps for iOS provided by Ivanti are available in the Apple App Store.

Procedure 

  1. In Ivanti Neurons for MDM, go to Apps > App Catalog > iOS Store.

    Or, to add an in-house app, go to Apps > App Catalog > Add+ > In-House.

  2. In the search box enter the name of the app to add.

    Or, to add an in-house app, click Choose File to navigate to the IPA file or drag and drop the IPA file.

    Find iOS AppConnect app in the Apple App Store

  3. Select the app to add, and click Next

  4. You can choose to keep the defaults or optionally, make selections for App Information, Screenshots, App Delegation, and Distribution by clicking Next.
  5. Click Done to add the app to the App Catalog.

Next steps 

Adding an AppConnect Custom Configuration

The settings in an iOS AppConnect app are automatically available. To customize the app behavior, add certificates, or allow screen capture in the app, create an AppConnect Custom Configuration. You configure key-value pairs to customize the app behavior and add certificates for distribution.

Before you begin 

  • Check your app documentation for the key-value pairs supported by your app.
  • For the supported key-value pairs see AppConnect key-value Pairs.

Procedure 

  1. In Ivanti Neurons for MDM, go to App > App Catalog.
  2. Click the app listing to edit the settings.
  3. Go to App Configurations > AppConnect Custom Configuration and click +Add.
  4. Enter a name for the configuration.
  5. Enter the key-value pairs for the desired configuration and certificates. For more information, see Configuring the key-value pairs for the certificate and URL matching rule.
  6. Optionally, select Allow screen capture.
  7. Select a distribution option.
  8. Click Save.

AppConnect for iOS key-value pairs

Editing AppConnect Devices configuration

Using AppConnect for iOS requires that an AppConnect Devices configuration is set up. This configuration specifies settings that are not specific to a particular AppConnect app such as the AppConnect passcode requirements and data loss protection(DLP) requirements.

A Default iOS AppConnect Configuration is applied to all devices. You can either edit the default configuration for your specific deployment or create a new configuration.

Default AppConnect iOS Devices configuration

Procedure 

  1. In your instance of Ivanti Neurons for MDM, go to Configurations > +Add.
  2. Enter AppConnect Devices in the Search Configuration text box to filter quickly to the configuration.

    Add AppConnect Device configuration

  3. Click the tile for AppConnect Device.
  4. Select iOS to display the settings for the AppConnect Device configuration for iOS.
  5. Update the settings as needed and click Next.
  6. Select a distribution option and click Done.

Next steps 

To add an AppTunnel configuration, see Configuring AppTunnel for AppConnect appsThis step is optional.

iOS AppConnect Devices field description

iOS AppConnect Devices field description

The following table describes the settings in the AppConnect Devices configuration.

Table 5.  iOS AppConnect Devices field description

Setting

What To Do

Name

Enter a name that identifies this configuration.

Description

Enter a description that clarifies the purpose of this configuration.

AppConnect Passcode

Secure Apps Passcode

Enable to require users to enter their secure apps passcode before accessing AppConnect apps.

4-digit numeric

Select to allow the passcode to have only 4 digits in it.

Alphanumeric

Select to require the passcode to contain at least one digit and one letter.

Maximum Password Age

Select an age from the list or select Custom to enter a specific number of days.

Specifies the number of days the secure apps passcode is valid. The value is updated on a device when the next device check-in occurs. When the passcode age exceeds the specified age, device users see an alert after authenticating that the passcode has expired. Device users must create a new passcode before they can access secure apps.

If you do not want the passcode to expire, select None, which is the default.

Auto-Lock

Select the maximum amount of time to allow as an inactivity timeout. After this period of inactivity in AppConnect apps, the device user is locked out of the apps if an AppConnect passcode is required. The device user must reenter the AppConnect passcode to access AppConnect apps.

Passcode history (1-50 passcodes)

Select a value from 1 to 50.

This value specifies the number of most recently used secure apps passcodes that device users cannot use when changing their passcode.

Case is not considered when passcode reuse is evaluated. This means that device users cannot just change the case for a past passcode and reuse that passcode. Password and passWord are considered the same when a passcode is evaluated for reuse.

Passcode history is preserved even after AppConnect is disabled and re-enabled.

By default, no value is set. In this case, the user can reuse any previous passcode, including the current passcode.

Maximum number of failed attempts

Select a value between 4 and 10. Select “--” if you do not want to limit failed attempts.

If the device user fails to correctly enter the AppConnect passcode after a certain number of attempts, the user cannot access AppConnect apps.

Device users must enter their Ivanti Neurons for MDM credentials and then create a new AppConnect passcode. After the passcode is reset, the Go client does not flip back to the AppConnect app.

Enable Touch ID

Slide the toggle to ON to allow device users to enter their Touch ID (fingerprint) or Face ID, if available, to access secure apps.

App Authorization

App check-in interval

Enter the number of minutes the app should wait before checking in with Ivanti Neurons for MDM to receive AppConnect-related configuration updates. Note that app authorization is an automatic result of adding an app to the app catalog.

Unauthorized message

Enter the default message that is displayed to the user if the app is not authorized on the device. If you do not enter a default message, the system provides one.

Device Out of Contact

Wipe AppConnect device after

Enter the number days (1-90) that the device can remain out of contact before having its AppConnect data wiped. Enter 0 to disable this option.

Once the configuration is applied to the device, wiping the AppConnect apps occurs on the device after the specified time without reconnecting to Ivanti Neurons for MDM.

Block AppConnect data after

Enter the number days (1-90) that the device can remain out of contact before having its AppConnect data blocked. Enter 0 to disable this option.

Once the configuration is applied to the device, blocking the AppConnect apps occurs on the device after the specified time without reconnecting to Ivanti Neurons for MDM.

Data Loss Prevention Settings

Allow copy/paste to

Select to if you want the device user to be able to copy content from AppConnect apps to other apps. You can override this option in each app’s individual AppConnect container policy.

Allow printing

Select if you want AppConnect apps to be allowed to use print capabilities by default. You can override this option in each app’s individual AppConnect container policy.

Allow open-in

Select if you want AppConnect apps to be allowed to use the Open In (document interaction) feature by default.

When you select this option, then select either:

  • All apps
    Select if you want the app to be able to send documents to any other app.

  • Whitelist Apps only

    Select if you want the app to be able to send documents only to the apps that you specify. Enter the name of each app in your App catalog to Whitelist, one per line, or in a semi-colon delimited list.

    Example  

    com.myAppCo.myApp1

    com.myAppCo.myApp2;com.myAppCo.myApp3

Configuring iOS 16 compatibility for AppConnect quick start