Managed App Configuration Components (Single Login)

Managed App Configuration

Managed App Configuration is a method in which an MDM server can dynamically configure managed applications over the air.

It can be used to deliver the authentication server information, which is the case for applications that integrate with Jamf’s Single Login. Managed App Config can also pass necessary information to the application on the device, as seen in the Jamf Setup snippet below. Jamf variables may also be passed to applications via a Managed App Config payload which can then be used by the application (i.e., as device identifiers). See Acting on Extension Attribute Data for a list of Jamf variables which can be used with Managed App Config.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>device_serial_number</key>
    <string>$SERIALNUMBER</string>
    <key>device_UDID</key>
    <string>$UDID</string>
    <key>Authentication Server</key>
    <string>https://login.microsoftonline.com/TENANT-ID-HERE/</string>
    <key>Application ID</key>
    <string>APPLICATION-ID-HERE</string>
    <key>Username</key>
    <string>$USERNAME</string>
</dict>
</plist>
<key>com.jamf.config.sso.login-type</key>
<string>AZURE</string>
<key>com.jamf.config.sso.client-id</key>
<string>APPLICATION-ID-HERE</string>
<key>com.jamf.config.sso.authority-uri</key>
<string>https://login.microsoftonline.com/TENANT-ID-HERE/</string>
<key>com.jamf.config.setup.require-passcode</key>
<true/>

The Single Login example above is a full Managed App Config payload which illustrates how Authentication Server information can be passed to the device and also demonstrates that Jamf variables can be used to provide identifying information to the application.

❗️

Warning

Please note that since Xcode Simulator is not a full iOS framework, it is not eligible for enrollment into an MDM server - therefore, if an application is run via Simulator it will not be eligible to receive Managed App Config.


What’s Next

Read more about Managed App Configuration or continue learning about Single Login.