Application Configuration Guide
Introduction
Mobile Application Management enables system administrators to manage and secure applications or app data. This includes configuring the application to meet various requirements. For example, applications may need to be targeted to specific servers, or restrictions may be placed to prevent certain features of an application. Additionally, pre-configurations can be made available to users. This category covers application configuration for multiple and most common applications.
If you are starting to configure applications, you should already be familiar with the processes of adding applications in the App Portal and the different types of applications. It is also important to understand how inheritance works by configuring an application in the App Portal and adding it to a Tag. If you have configured the application in the App Portal, this will be the default configuration when you add the application to a Tag. You can then override the default configuration in the Tag, and it won't be affected by changes in the App Portal. However, if you add the application again to another Tag, the default configuration from the App Portal will be used again. This means that after adding an application to a Tag, any changes made in the App Portal will not be reflected in the Tag. In this case, you will need to update the specific configuration that is retained within your current Tags.
A general recommendation is to start with application configuration typically for a few test devices, up front, as accidentally misconfigured applications can lead to a number of subsequent problems. For example, if you've inadvertently misconfigured an iOS or iPadOS application, the application may not be installed on managed devices at all. This includes automatic installs, remotely initiated installs from the Managed Applications section, or when users try to install the application from the App Portal. In this scenario, the device will be busy with trying to install the application and will not be able to execute any other commands. In such scenarios remove your current configuration and clear the Pending Commands for the specific device and force a new check-in for the device using the Refresh button in the Device Overview.
Application configurations is performed on iOS, iPadOS and macOS devices via XML schemas. Application developers should follow the general best practices and standards of the App Config Community. For macOS Enterprise applications, you can use the Edit button for App Configs and Managed Preferences for applications distributed through the Volume Purchase Program. For Windows 10/11 applications, *.msi installation parameters can be provided to install applications. For Android Enterprise, application configuration is performed via Managed Configurations. For Android Enterprise ready enterprise mobility solutions, it is possible to retrieve available configurations provided by the application developer and present them to the administrator in a rendered schema in the management console. This is best practise for Android Enterprise management and allows applications such as Gmail, Samsung Mail, Outlook, VPN applications and many more to be configured with a simple and streamlined process and a zero-day support for application features. Please note that Managed Configurations are distributed via the Managed Play API, and may be applied on the device with a certain delay as Silverback does not communicate directly with the devices in this case. You can view the list of applications configured with Managed Configurations under Profiles > App Configuration Profile inside the Companion application.
Android Enterprise provides a feedback channel for application developers so that applications configured via managed configurations can send feedback about applied configurations to Google and to the MDM/EMM system, including information about whether they were applied successfully or whether there were any issues. After applying configurations, you can use the feedback information in the Device Overview under Actions and Application Feedback to review the feedback. In addition, a message-centric bird's-eye view of application feedback is available in the App Portal, indicated by a notification icon. This information is especially useful for troubleshooting scenarios.
Several Microsoft 365 and partner applications support app protection policies, providing an additional layer of security for managed apps. Please refer to Azure AD Integration VI: App Protection Policies for the integration on Android and iOS/iPadOS applications.