When an iOS device user can use AppConnect for iOS

An iOS device user can use an AppConnect app only if:

• The device user has been authenticated through Ivanti Neurons for MDM.

  The user must use the Go for iOS app to register the device with Ivanti Neurons for MDM. Registration authenticates the device user.

• You have authorized the app to run on the device.

  If the app is not authorized, the app does not allow the device user to access any secure data or functionality. If a device user launches an unauthorized wrapped app, the app displays a message and exits. An SDK app (an app built with AppConnect for iOS SDK or Cordova Plugin) should have the same behavior if the app handles only secure data and functionality. Otherwise, an SDK app runs but restricts the user to only unsecured functionality and data.

  To authorize an AppConnect app for a device, you apply the appropriate labels to the app’s AppConnect container policy.

• No situation has caused an authorized AppConnect app to become unauthorized for a device.

  These situations include, for example, when the device OS is compromised. Go reports device information to Ivanti Neurons for MDM. Ivanti Neurons for MDM then determines whether to change the AppConnect apps on the device to unauthorized based on security policies and associated compliance actions that you configure.

• The device user has entered the AppConnect passcode or Touch ID / Face ID.

  You configure whether the AppConnect passcode is required, and also configure rules about its complexity. You also configure whether the device user can use Touch ID or Face ID to access secure apps.