Mobile Application Management enables system administrators to manage and secure applications or app data. This includes the configuration of application to address several requirements. As an example, applications need to be targeted to specific servers, or restrictions are intended to prevent several features of an application. Additionally, pre-configurations can be provided to users. This category is all about the application configuration for several and most common applications.
If you are starting with application configuration, you should be already familiar with the processes of adding applications into the App Portal and the different application types. Additionally, it is important to understand how the inheritance is working by configuring an application in the App Portal and adding it into a Tag. If you have configured the application inside the App Portal, this will be the default configuration when adding the application into a Tag. Afterwards, you can overwrite the default configuration inside the Tag, and it won't be touched afterwards by changes in the App Portal. But when you add the application again into a different Tag, the default configuration from the App Portal will be applied again. This means after an application is added to a Tag, any changes in the App Portal will not be taken over inside the Tag. In this case you need to update the specific configuration that is retaining inside your current tags.
A general recommendation is to start with application configuration typically for some test devices upfront, as accidentally misconfigured applications might lead to several follow up issues. As an example, when you accidentally misconfigured an iOS or iPadOS application, it might be that the application won't be installed on managed devices in any case. This includes automatic installations, remote initiate installations from the Managed Application section or when users trying to install the application from the App Portal. In this scenario, the device will be busy with trying to install the application and will not be able to execute other commands. In such scenarios remove your current configuration and delete the Pending Commands for the specific device and force a new check-in for the device with the Refresh button in the device overview.
Application configurations are executed on iOS, iPadOS and macOS device via XML schemas. Application developers should target the general App Config Community best practices and standards. For Windows 10/11 applications, *.msi installation parameters can be provided for installing applications. On Android Enterprise, application configuration is executed via Managed Configurations. For Android Enterprise ready Enterprise Mobility solutions, it is possible to retrieve available configurations provided by the application developer and present them to Administrator in a rendered schema in the Management Console. This is the best practise for Android Enterprise management, and it enables to configure applications like Gmail, Samsung Mail, Outlook, VPN applications and much more with an easy and streamlined process and a zero day support for application capabilities. Additionally, note that Managed Configurations are distributed via the Managed Play API, and they might be applied on the device with a certain delay as Silverback is not directly communicating to the devices in this case. You can review the list of applications configured with Managed Configurations under Profiles > App Configuration Profile inside the Companion application.
Android Enterprise offers to application developers a feedback channel, so that applications configured via managed configurations can send to Google and to the MDM/EMM system feedback about applied configurations with information like if they are applied successfully or if issues appeared. After applying configurations, you can use feedback information within the device overview under Actions and Application Feedback to review the feedback. Additionally, you have a message-centric bird's eye view of application feedback available in the App Portal, indicated with a notification icon. This information is particularly useful for troubleshooting scenarios.
Several Microsoft 365 and partner applications are supporting app protection policies for adding an additional security layer on managed apps. Please refer to Azure AD Integration VI: App Protection Policies for the integration on Android and iOS/iPadOS applications.