Home » App Management for iOS, macOS, iPadOS & tvOS
pdf icon
Category Filter

Managing iOS Apps in MDM

This document outlines the detail information on managing applications on Apple iOS and iPadOS devices using ManageEngine Mobile Device Management (MDM). It covers the management of both free and paid applications from the App Store utilising Apple Business Manager (ABM) for streamlined volume purchase and license management.

Managing App Store Apps

The App Store contains both free and paid applications:

  • Free Apps: Can be added directly to the MDM's App Repository by searching with the app name or its Bundle Identifier.
  • Paid Apps: You are required to purchase of app licenses through Apple Business Manager (ABM) and need to sync them with the Content Token. Upon schedule/manual sync in MDM, these apps will be added to the repository. Licenses are managed and reassigned by the administrator.
  • Unlisted Apps: To distribute unlisted iOS apps (apps not publicly searchable on the App Store) to devices, please refer to the Distributing Unlisted iOS Apps to Devices guide.

Key Advantages of ABM Managed Distribution

  • License Management: Administrators can assign or revoke app licenses from users at any time. Revoked licenses are returned to the pool for reuse.
  • Silent Installation (Supervised Devices): Applications can be installed on Supervised devices without any user interaction.
  • No Apple ID Required: App installation is tied to the device, eliminating the need for end-users to sign in with a personal or corporate Apple ID on the device itself.
  • Bulk Purchase: Ability to purchase licenses in bulk for both free and paid apps.

Purchasing and Approving App Licenses

An "App License" corresponds to one installation on one device. To distribute an app to 300 devices, 300 licenses must be approved/purchased.

Prerequisites

  • Availability of ABM/ASM in Your Country: Confirm that Apple Business Manager is available in your country or region. ABM’s features and functionalities might vary based on location.
  • ABM/ASM Account: You must have an Apple Business/School Manager (ABM/ASM) account. If you don’t have one, you can create one here. This account must not be associated with or signed into any other Apple device.
  • The ABM account must be registered with MDM using a Content Token. Configure a Location in ABM if not available..

Steps to Purchase the Apps

  1. Log in to ABM Portal using your corporate Apple ID. If your organization does not have an ABM account, select Enroll now to create one.
  2. On the ABM portal, navigate to Payments and Billing > Apps and Books > Content Tokens.
  3. Search for the required application. For free apps, approve the desired number of licenses. For paid apps, purchase the required number of licenses.
  4. For downloading Apple Content Token from ABM, uploading them in the MDM and managing it in the MDM Console, visit our Apple Content Token Management guide.

Note:
1. Apple currently does not permit in-app purchases on apps distributed via ABM Managed Distribution.
2. To migrate unused VPP Redemption codes to Managed Distribution, refer this.

Application Distribution and Installation

  1. License Deduction: A license is consumed when an app is assigned to a device, not a user. Distributing an app to 5 devices uses 5 licenses.
  2. Silent Installation (Supervised Devices): On Supervised devices, apps purchased through ABM can be pushed and installed without any user interaction.

Distributing the MDM Agent App

The ME MDM agent application is critical for full device management functionality, including location tracking, compliance monitoring (e.g., jailbreak detection), and policy enforcement.

  • Purchase the required number of ME MDM app licenses. Distribute it as a required app to all managed devices.
  • This enables silent installation on Supervised devices and installation without an Apple ID on non-Supervised devices. For detailed information on benefit of installing ME MDM app, visit our ME MDM app Guide.

Application Updates

When apps are distributed via ABM, the App Store update mechanism is controlled by the IT administrator. Users will not see available updates for these managed apps in the App Store. Therefore, it is the admin's responsibility to review, test, and push critical updates. Follow the below Process for Distributing App Updates:

  1. Sync App Repository: The MDM server will automatically detect new versions of apps in your ABM catalogue during its regular sync, or you can trigger a manual sync.
  2. Review Updates: In the MDM App Repository, updated apps will typically be flagged as having a new version available.
  3. Approve & Distribute: The administrator can approve the update, which will then be pushed to all devices that have the previous version installed. For detailed steps, refer our Distributing App Updates to Devices guide. To add apps to the MDM repository, refer our "Adding Applications to the App Repository".

Troubleshooting Tips

  1. An SSL error has occurred and a secure connection to the server cannot be made.
    This error happens due to network failure. Ensure that you have stable network connectivity throughout the app distribution.
Jump To

< Previous

Next >