Home » App Management for iOS, macOS, iPadOS & tvOS
pdf icon
Category Filter

iOS Apps Configurations

Managed App Configuration (often called "App Config") is a feature of iOS and macOS that allows MDM to push specific settings and preferences directly to a managed application. Instead of requiring users or IT admins to configure an app after installation manually, these settings are automatically applied upon app installation or update. The mechanism relies on a predefined schema, typically a property list (plist) in XML format, that is created by the app's developer. This schema defines the configurable keys. The MDM server pushes these key-value pairs to the device, and the iOS system delivers them to the designated app.

Why is Managed App Configuration Valuable?

  • Standardization: Ensures every instance of an app across your fleet is configured identically according to corporate policy.
  • Zero-Touch Deployment: Apps are installed and configured automatically, providing a seamless out-of-the-box experience for the end-user.
  • Enhanced Security: Allows admins to enforce security policies within apps, such as forcing encrypted connections, disabling backups of sensitive data, or pre-configuring compliance settings.
  • Dynamic Configuration: Settings can be updated remotely at any time via the MDM without requiring the user to uninstall and reinstall the application.

Key Use Cases for Managed App Configuration

  • Pre-configuring Connection Settings: Automatically setting server URLs, ports, and organization-specific domains for apps like email clients or custom business apps.
  • Single Sign-On (SSO) & Authentication: Pre-populating authentication realms, tenant IDs, or client IDs to streamline the login process and integrate with identity providers.
  • Enforcing Compliance Policies: Disabling features like file sharing to personal cloud services, requiring PIN codes within the app, or enabling data loss prevention (DLP) settings.

When is App Developer Involvement Needed?

  • To Define Keys: The app developer must define the specific keys (e.g., serverURL, enableAutoUpdate, companyTenantID) that their app will accept.
  • To Handle the Payload: The app's code must include logic to check for a Managed App Configuration payload upon launch and apply the provided key-value pairs to its internal settings.
  • To Provide the Schema: Developers should provide documentation or a sample XML plist detailing all supported keys, their expected data types (string, integer, boolean, etc.), and possible values.

As an Admin, your role is to:

  1. Obtain the configuration schema from the developer or vendor.
  2. Format these keys and values into a valid XML plist.
  3. Upload and assign this configuration within your MDM console.

How to Implement Managed App Configuration?

Pre-requisites: The app developer must support app configurations for the app, to implement it using MDM.

Process for MDM Admins:

  1. On the MDM console navigate to Device Mgmt > App Repository.
  2. Either select an existing app from your repository or add a new one (e.g., from the App Store or as a custom internal app).
  3. For a new app, you will find a Configurations section during the setup process.
    For an existing app, click the ellipsis (...) button under Action and select Modify App.
  4. To avoid creating static configurations for each user, MDM support dynamic variables in your XML values. These variables are automatically replaced with device-specific or user-specific information from the enrollment record.
    Example: Instead of hard-coding john.doe@zylker.com, use %email%. The MDM will populate the user's actual email address upon deployment.

    Here is the table of parameters for which MDM supports dynamic variables:

    PARAMETER DYNAMIC VARIABLE
    Device UDID %udid%
    Device Name %devicename%
    User Name %username%
    E-mail %email%
    Domain name %domainname%
    Serial Number %serialnumber%
    IMEI %imei%
    Exchange ID %easid%

    Sample XML file
    The app configuration file is an XML file which contains details regarding the configurations supported by the app. A sample XML file is shown below:

    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
                 <key>serverURL</key>
                <string>myServerUrl.myDomain.com</string>
                <key>username</key>
                <string>%username%</string>
                <key>domain</key>
                <string>%domainname%</string>
                <key>email</key>
                <string>%email%</string>        
    </dict>
    </plist>
  5. Save the changes to the app configuration in the MDM. The configuration will be pushed to the device alongside the app installation command or during the next policy refresh.
    To meet your organizational needs, you can create app configurations for the following applications.
Jump To

< Previous

Next >