iOS Enterprise Apps
Enterprise Apps are proprietary applications developed for internal use within an organization. These apps are not listed on the public App Store and are distributed directly by the organization. Any enterprise app added to the App Repository and associated to devices gets automatically trusted and does not require the user to trust the app on the device manually. follow these steps to upload and manage the Enterprise apps.
What is provisioning profiles?
A provisioning profile is a collection of digital entities that uniquely ties developers and devices to an authorized iPhone Development Team and enables a device to be used for testing.
Why provisioning profiles?
Unlike Android, you can’t install any app on an iOS device. It has to be signed by Apple first. However, when you’re developing an app, you probably want to test it before sending it to Apple for approval. Provisioning profile act as a link between the device and the developer account. During development, you choose which devices can run your app and which app services your app can access. A provisioning profile is downloaded from your developer account and embedded in the app bundle, and the entire bundle is code-signed. A Development Provisioning Profile must be installed on each device on which you wish to run your application code. If the information in the provisioning profile doesn’t match certain criteria, your app won’t launch.
Types of provisioning profiles
There are several types of iOS app provisioning profiles, each serving a different purpose. Here are the most common types:
- Development Provisioning Profile: This profile is used during the development phase of an app. It allows you to install and run your app on physical devices for testing purposes. It is typically associated with a specific set of devices and tied to a development certificate.
- Ad-Hoc Provisioning Profile: An ad hoc provisioning profile allows you to distribute your app to a limited number of specified devices for testing outside the App Store. It is useful for beta testing or sharing the app with a select group of users. Ad hoc profiles are associated with a distribution certificate and require the UDIDs (Unique Device Identifiers) of the target devices.
- In-House Provisioning Profile: This type of provisioning profile is used when developing apps for in-house or enterprise distribution within an organization. It allows you to distribute apps to devices within your organization without going through the App Store. In-house provisioning profiles are associated with an enterprise distribution certificate. To achieve this developer needs to enroll into enterprise program.
Notes:
1. In MDM, uploading enterprise apps build with Development/In-house/Ad-Hoc provisioning profiles is only possible.
2. Provisioning Profile is valid only for 1 year. Upon expiry, you need to take a need build with the latest provisioning profile and update the app to the latest version; otherwise, the App can not be distributed or installed or used. - App Store Provisioning Profile: This profile is required for distributing your app on the App Store. It is associated with a distribution certificate and is used to sign your app for submission to Apple's review process. App Store provisioning profiles allow you to reach a broader audience by making your app available to users worldwide.
Notes:
1. For an app to be installed in all compatible Apple Devices, without registering their UDIDs like Ad-hoc and Development provisioning profiles, the In-house provisioning profile must be used. To create an In-house provisioning profile, one must have been enrolled in Apple Developer Enterprise Program.
2. Ensure https://ppq.apple.com is allow listed on your external firewall to ensure the added enterprise apps are trusted on the device.
Troubleshooting Tips
- Info.plist not found
While trying to upload an enterprise app, you receive the error message Info.plist not found. This error occurs when the .ipa file is extracted from an invalid source. Contact the developer to get the valid .ipa file.