Apps can query the Intune MAM SDK for allowed save-to storage locations by using the isSaveToAllowedForLocation:withAccount: API, defined in IntuneMAMPolicy.h. Intune lets IT admins select which storage locations a managed app can save data to or open data from. If isFileEncryptionRequired is true, then it's the app's responsibility to ensure that any files saved to disk by the app are encrypted using the APIs in IntuneMAMFile.h, IntuneMAMFileProtectionManager.h, and IntuneMAMFDataProtectionManager.h.Īpps can react to changes in this policy by observing the IntuneMAMDataProtectionDidChangeNotification notification defined in IntuneMAMFDataProtectionManager.h. The isFileEncryptionRequired API defined in IntuneMAMPolicy.h informs applications when the IT administrator requires that applications use Intune encryption on any files saved to disk. The notification is posted whenever the allowedAccounts property changes in value. If the property is nil then no allowed accounts have been specified.Īpps can also react to changes of the allowedAccounts property by observing the IntuneMAMAllowedAccountsDidChangeNotification notification. The allowedAccounts property is either an array containing the allowed accounts or nil. To query for allowed accounts, the App should check the allowedAccounts property on the IntuneMAMEnrollmentManager. Apps can query the Intune App SDK for the specified list of allowed accounts and then ensure only allowed accounts are signed into the device. Intune lets IT admins specify which accounts can be logged into by the user. The identity can be managed by Intune or unmanaged, and the SDK will apply encryption appropriately. The IntuneMAMDataProtectionManager class exposes APIs the app can use to secure data buffers given a supplied identity. The identity can be managed by Intune or unmanaged, and the SDK will apply the appropriate MAM policy. The IntuneMAMFileProtectionManager class exposes APIs the app can use to explicitly secure files and directories based on a supplied identity. App developers should review the comments in this header to determine which APIs are applicable to their application's scenarios. Most policy settings are enforced by the SDK and not the app. Most of these policy settings are exposed so the app can customize its UI. The IntuneMAMPolicy class exposes some MAM policy settings that apply to the app. Notably, it exposes APIs that are useful for Enabling multi-identity. The IntuneMAMPolicyManager class exposes the Intune APP policy deployed to the application. The following table provides information on some essential Intune classes you'll use. You can use this data to customize your app's behavior. The Intune App SDK has several APIs you can call to get information about the Intune APP policy deployed to the app. Enable targeted configuration (APP/MAM app config) for your iOS applications.Share Data via UIActivityViewController.Implement save-as and open-from controls.The rest of this guide describes the remaining set of app participation features: Web-view specific features covered in Stage 7: Web-view features.App Protection CA as covered in Stage 6: App Protection Conditional Access support.Multi-identity as covered in Stage 5: Multi-Identity.The next stages of this guide will describe several important app participation features: Typically, the SDK doesn't have enough context about your application's code or the end user scenario to automatically enforce these settings, and thus relies on developers to call the SDK APIs appropriately.Īpp participation features aren't necessarily optional.ĭepending on your app's existing features, these features may be required. However, there are some settings that require app-specific code to enforce properly these are called app participation features. This SDK integration process attempts to minimize the amount of app-specific code that developers need to write.īy successfully completing the prior stages of the SDK integration your app can now enforce the majority of app protection policy settings, such as file encryption, copy/paste restrictions, screenshot blocking, and data transfer restrictions.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |