3

We have an App that is normally used with login + password. But when we want to deploy this app to a customer who has airwatch (which we can handle things through their API), what would be the way to push individual creditals to the Mobile Devices through the Airwatch integration?

Or can I push the App to the iOS Devices with pre-configured individual credentials through Airwatch? The Apple EMM Features seem to cover this topic, but they don't have examples how to do this without the help of an MDM.

Mr.Gosh
  • 181
  • 2
  • 9

4 Answers4

3

You can achieve this by using App Config. Simply put the following lines of code in your iOS application and push the app through MDM defining the same key and value in the app config section of the app publishing:

code:

obj-c

NSString *value = [[[NSUserDefaults standardUserDefaults] dictionaryForKey:@"com.apple.configuration.managed"] objectForKey:@"key"];

swift:

let value = UserDefaults.standard.dictionary(forKey: "com.apple.configuration.managed")?["key"]
java_doctor_101
  • 3,287
  • 4
  • 46
  • 78
2

Here is what I have done to make it work with AirWatch. This concept uses "App Configuration" mechanism provided by Apple's MDM Protocol

  1. Login to Airwatch Console
  2. Click "Apps & Books" section
  3. Click "List View" under the "Application" Tab
  4. Here we have to add the application, which needs custom info(in your case it is credentials). It allows you for both AppStore apps as well as Internal(Enterprise profile signed) app.
  5. Click on the application which we just added
  6. Look for option "Assign", this is like a app-delivery-configuration profile.
  7. If you dont have one already, create one with what ever config details you need
  8. In our context we need to Enable "Application Configuration" Tab, which will enable us to enter key-value pairs. Here we can enter any custom key-value pair parameters.
  9. Then click add, then Save and Publish.

Now the app should receive these custom key-values pairs in com.apple.configuration.managed in NSUserDefaults dictionary.

Trident
  • 810
  • 9
  • 20
1

AppConfig is definitely the way to go if you want to push individual configuration parameters (like username / password) to an app distributed and managed by AirWatch.

You can also consider certificate-based authentication (CBA) in which case the App would present a client authentication certificate to your backend web service instead of username / password. Pushing a certificate down to an App via EMM requires the integration of your vendor's (AirWatch) SDK. There is something called Application Profile you might want to research about if you decide to go down that route.

Let me know if you want to know more about CBA in mobile Apps and how to manage the certificates.

Emil
  • 34
  • 3
  • I would be very interested to know more about CBA in AirWatch and whether it is still required for `WKWebView` to use client certificates already pushed to the device. – Andrew Ebling Feb 11 '19 at 10:56
0

Mr Gosh, See the ACE program. You may find guidance there. All apps loaded in Airwatch for distribution can send configuration data. To what extent I'm unsure. http://appconfigforenterprise.org/

The program is multi vendor, and meant to be a clearing house for standardizing app config with MDMs. I hope this helps.

Donald.M
  • 96
  • 6