We have an enterprise app that will run through our MDM in ASAM (Autonomous Single App Mode). We will install it through the MDM but need to be able to detect and initiate updates programatically without user interaction.
From the thread I gather this is possible for enterprise apps as long as they are not currently the front running app.
BTW all ipads will be managed and supervised so we have complete control of them.
We are following somewhat the plan laid out in comments above:
1) Have Single App Mode running on target app
2) Ping our server to identify a new update available (compare current version to listed version)
3) Disable Single App Mode on target app
4) Launch Maintenance App (just shows image saying "Maintenance Mode...Please Wait")
5) Push update to target app
6) Relaunch Target App
7) Re-enable Single App Mode on target app
The question I have is around Step 5 above.
Typically we would initiate the update through a browser to start the download and update of the application, however I need this instead to be initiated automatically, I would assume by the maintenance app.
How would I programatically initiate an update to an enterprise app without prompting the user to accept the update? Or is this something I have to push through the MDM and can't be called on from an app within the ipad?
Thanks in advance for your help.
Related
I got an email from Apple that apps now require iOS13 + storyboard for app launch screen for existing apps. (I do not use storyboard for main app functionality)
I have developed a couple swift1/swift2 based for schools a long time ago. (Still works well)
Can I somehow ditch the app store and then provide direct access or download for school pupils?
i.e. is there any way forward to simple keep the apps-as-they-are? Maybe limited download availability?
Or will I have to take plunge back into app-building?
The requirement of a Storyboard launch screen is only when you need to submit an app update. If you are not wanting to update your app any more, then it won’t stop working because of this new requirement.
Regarding distribution outside of the App Store, you could use Adhoc distribution which requires you to know the device ID’s of the devices you want to install it to.
I have a need to update my managed app running on a large amount of iPads without any user interaction. These devices all have the managed app locked in Single App Mode. As I understand it, it's an iOS limitation that an app cannot be updated if either of the following conditions are present:
The app to be updated is in the foreground.
Any app is locked in Single App mode.
With our use case, both of these conditions are present. I also understand that the current workaround is to do the following:
Disable Single App Mode.
Enable Single App Mode for a different app (e.g. Safari) to bring that app into the foreground.
Disable Single App Mode.
Update app.
Re-enable Single App Mode for your app when the update finishes to bring it back into the foreground.
While this method works, it has a lot of drawbacks:
It's highly manual, we have not found a way to automate it. This is especially a problem as the number of devices becomes large. Internet connections can be spotty and there is no robust way to ensure that each step has executed for all devices.
It's prone to failure. Especially between steps 4 and 5 above. It seems there are little to no guarantees of when/if an update was successful to know definitively when to re-enable Single App Mode.
It fails for devices that are offline at time of update. If a device does not have internet connection when the update is executed, there is no way to guarantee that the steps execute fully and in the correct order the next time the device comes back online.
I am looking for a scalable solution to reliably update my managed, Single App Mode app running on thousands of devices in an automated way with no user interaction. I am using Meraki for an MDM right now, for what it's worth.
With iOS 11.2 you can now push a silent update to a device with it running SingleApp mode.
Apple failed to mention this to the public but is included in the beta notes.
Called Enterprise Support today, They could not find any official documentation mentioning ios 11.2.x supports the updating of apps while in single app mode :(
Now with iOS 11.3 beta it is working again but after updation, app is not automatically locking in Single App mode we have to restart device.
Hope in upcoming beta's this issue will get addressed.
iOS 13.1 beta 1 seems to fix most of the issues I have been having in this area.
I had seen issues in iOS 11-12.* where updates sometimes worked, but sometimes showed a pin-pad even though no passcode or guided access code was set, or otherwise behaved strangely.
In the 13.1 beta 1 you can push an App update and nothing will happen on the device, but if you send a restart command afterwards the device will restart, update the App and continue in single app mode.
I have tested with both 'Single App Mode' (SAM) and 'Autonomous Single App Mode' (ASAM) and it has worked every time for me so far.
This works for my use case as you can push the update anytime and schedule the restart at suitable time when the device is not in use.
edit: 13.1 beta 2/3/4 changes this, now when you push an update from your MDM the App will close, update and re-open and continue in single App mode. I checked both SAM and ASAM both now update without the need for a restart.
I'm building an in-house app that is distributed via the AirWatch app catalog. The app always runs with Guided Access enabled and all devices running it are managed by AirWatch. My questions are regarding auto-update:
Is there a way that AirWatch can force the update immediately or as soon as the device comes back online, without asking for the user's input? If so, how does the app being open affect this behavior? How does guided access being enabled affect this behavior?
Is there a link from AirWatch, perhaps an itms-services:// link, that the app can call to install the new version if a web service had indicated that it's no longer the latest version? If so, how does Guided Access being enabled affect this behavior?
Is there any other good model for remotely updating the app that will spread the update as quickly as possible and under the above conditions? The solution can be using MDM or a custom web service or both combined.
Thanks a lot for your help!!
If your devices are running iOS7 and you have your app Deployment settings set to "Auto" (as opposed to "On-Demand") the device will automatically take the update once it processes the APNs notification to do so. If the device is locked/offline it will typically check for outstanding APNs messages within a minute or so of being unlocked or coming back online.
What I don't know is since your app is in guided access mode if you're receiving a pop-up to install the new version. I've seen previously where if the app that requires an update is open iOS will prompt. What we have done to battle this is embed a check in the app that phones home to see if the app is current. If the app is NOT current the user can't do anything until they update their app.
Regarding a direct-link to the App Catalog to update the app that might get tricky with guided access enabled. Before you even try to tackle that issue understand that the app catalog webclip URL contains the UDID of the device as of AW7.1 (I think). Since the UDID is no longer programmatically accessible code-side AirWatch allows you to push the UDID upon app installation in the Deployment/Application Configuration section. You can embed {DeviceUid} into the key share on the device which will make it accessible for that applciation, hence allowing you to create the appropriate App Store URL within your app.
Good luck
honestly I didn't work with AirWatch. But I don't think that Apple provides a way for automatic update of ad-hoc or enterprise apps.
Well, I can describe a solution for an enterprise app I developed last year. Hope it will help you somehow.
First of all, I made it as a part of our secure website. (a little test flight)
Here's how app update works
When the app launches it sends special request to a server asking if
it is outdated and a new app version is available. (+ servers sends
url for new version installation (with itms-services://))
Then
if update is required, app fires alert with description of new
version, if user taps update, the app opens Safari where the user
is able to install a new version.
We made to different kinds of alert, optional (minor version change) and compulsory(major version change). With later variant user is unable to get rid of alert view, so he has to update the app.
You can update your internal app through the AirWatch Console and applications versioning.
I never used it but I imagine that at the end of the new version process, there is a way to push the updated app to the related devices. If the Push Mode is set to Auto, the user won't have to do anything and the app should be updated. If it is On Demand, the use will have to initiate the process from the App Catalog. From for the latest option, you have the solution to send a notification to the user.
It is also possible to retire or inactivate older versions to only keep the newest one.
If you have access to AirWatch Online Documentation, I recommend you the page Using Add Version for Applications. If you don't, contact your administrator and ask for all the pages located in Mobile Application Management -> Internal Applications and the page Using Add Version for Applications.
You should try it with a single device though ;)
I have a an iOS7 app running in a Single App Mode on an iPad.
The device is put in the Single App Mode via Apple Configurator.
The Single App mode does not respond to the Home Button.
Is there a way a user can access the device settings when running in a Single App Mode (For example change device brightness or turn bluetooth ON)
Short answer is no.
A device running in single app mode will not allow the user to exit the app to access settings.
A possible solution is to use the Restrictions configuration payload with the autonomousSingleAppModePermittedAppIDs key set to the bundle id for your app.
You will need to install a configuration profile either manually or through an MDM with this payload on the device.
Once the profile is installed your app you can enter single app mode programmatically by calling UIAccessibilityRequestGuidedAccessSession.
You can now add some UI (like a button) to permit the user to exit guided access and launch settings, you exit guided access using the same API to enter it.
Note: This won't force the user back to your app once they have exited your app. You will have to find some other way to do that (ugly hack: force install another configuration profile that brings your app back into single app mode, once that has happened, remove this profile but leave the one permitting it to request guided access).
Note : I don't want to submit this app to app store.
What i want to achieve :
I want simple app with one view having two button Lock and Unlock.
Lock - This button will lock device. Only this app's screen will show nothing else will be accessible even after restart same screen will show up. Home button, gestures will get disabled similar to single app mode.
Unlock - This will unlock device and switch to normal behaviour of device.
iOS :
I want this for iOS 4.3 and above.
I have checked following solutions, but these don't match my requirements
Configuration profile
Lock-down iPhone/iPod/iPad so it can only run one app
But it is manual (reboot device, open app which you want to run in single app mode). I want to do it programmatically the way i mentioned above through my app.
Guided access (iOS 6 and above)
How to lock down user to Single App mode in iOS 6, Programmatically?
I want it do for all os and programatically.
Is there any way to do this ? As i don't wan't to submit it to app store is there any private api, some hack for springboard to achieve this ?
Thanks in advance !!
As I know in iOS 7 there is a new feature which allow to do exactly what you want.
However, it's only applicable for iOS 7 (and I believe it's only applicable to a supervised devices).
1) You will need to install restriction configuration profile with autonomousSingleAppModePermittedAppIDs key (take a look here)
This is one time step and a user will need to manually accept this configuration profile.
There is another option to use MDM to install it silently, but it could be an overkill for you.
2) You should use API:
UIAccessibilityRequestGuidedAccessSession (to lock/unlock)
It is defined here
3) And most beautility part. All of it is officially document. So, you can even submit it to AppStore.
P.S. Why do you care about 4.3 or 5? They have tiny market share by now. Most likely even iOS 6 has below 20% market share already.
Update 1
Potentially, you can try to use API which sends clicks and keys (search for GSEvent in iPhone-privateapi tag). May be using these API's you can do triple home to toggle accessibility on and off.
If this work, I think you should be able to cover iOS 6. I am not sure whether both this API and triple home click were available prior that.
It looks like this private API is unaccessible anymore in iOS 7. So, probably you can ignore this idea.
Just wanted to write on this even though this is old as i needed to implement a similar solution and i got it working. The steps for me as follows and a note here is that this involves MDM and other specific steps.
My requirement was as follows. Each of the iPad at different locations has a set of apps installed.For ease of it lets assume each Dept. has their own apps. Participants open a app related to their dept. to take a test, the APP automatically Locks the iPad to single-app Mode and at the end of the test, it will unlock it self.
Supervise the iPad/iphone using the Apple Configurator.
Install the MDM related files ( Each MDM has its own set of instructions, usually involves downloading a profile).
Every MDM has a option of Single APP Mode or MultipleAppMode. Select the second option and add the app IDs to the list. (A single APP mode works pretty well with MDM's but i did not want the app to be locked to a single APP all the time).
I used the UIAccessibilityRequestGuidedAccessSession api to lock unlock the device from single app mode.
http://bobxcode.blogspot.com/2015/12/programmatically-implement-single-app.html
Thanks,
Bob
In MDM configuration, There is an option
autonomousSingleAppModePermittedAppIDs
Optional. Supervised only. If present, allows apps
identified by the bundle IDs listed in the array to
autonomously enter Single App Mode.
Availability: Available only in iOS 7.0 and later.
But this needs Supervised Device mode.