How to auto-update apps managed by MDM? - ios

I'm building an in-house app that is distributed via the AirWatch app catalog. The app always runs with Guided Access enabled and all devices running it are managed by AirWatch. My questions are regarding auto-update:
Is there a way that AirWatch can force the update immediately or as soon as the device comes back online, without asking for the user's input? If so, how does the app being open affect this behavior? How does guided access being enabled affect this behavior?
Is there a link from AirWatch, perhaps an itms-services:// link, that the app can call to install the new version if a web service had indicated that it's no longer the latest version? If so, how does Guided Access being enabled affect this behavior?
Is there any other good model for remotely updating the app that will spread the update as quickly as possible and under the above conditions? The solution can be using MDM or a custom web service or both combined.
Thanks a lot for your help!!

If your devices are running iOS7 and you have your app Deployment settings set to "Auto" (as opposed to "On-Demand") the device will automatically take the update once it processes the APNs notification to do so. If the device is locked/offline it will typically check for outstanding APNs messages within a minute or so of being unlocked or coming back online.
What I don't know is since your app is in guided access mode if you're receiving a pop-up to install the new version. I've seen previously where if the app that requires an update is open iOS will prompt. What we have done to battle this is embed a check in the app that phones home to see if the app is current. If the app is NOT current the user can't do anything until they update their app.
Regarding a direct-link to the App Catalog to update the app that might get tricky with guided access enabled. Before you even try to tackle that issue understand that the app catalog webclip URL contains the UDID of the device as of AW7.1 (I think). Since the UDID is no longer programmatically accessible code-side AirWatch allows you to push the UDID upon app installation in the Deployment/Application Configuration section. You can embed {DeviceUid} into the key share on the device which will make it accessible for that applciation, hence allowing you to create the appropriate App Store URL within your app.
Good luck

honestly I didn't work with AirWatch. But I don't think that Apple provides a way for automatic update of ad-hoc or enterprise apps.
Well, I can describe a solution for an enterprise app I developed last year. Hope it will help you somehow.
First of all, I made it as a part of our secure website. (a little test flight)
Here's how app update works
When the app launches it sends special request to a server asking if
it is outdated and a new app version is available. (+ servers sends
url for new version installation (with itms-services://))
Then
if update is required, app fires alert with description of new
version, if user taps update, the app opens Safari where the user
is able to install a new version.
We made to different kinds of alert, optional (minor version change) and compulsory(major version change). With later variant user is unable to get rid of alert view, so he has to update the app.

You can update your internal app through the AirWatch Console and applications versioning.
I never used it but I imagine that at the end of the new version process, there is a way to push the updated app to the related devices. If the Push Mode is set to Auto, the user won't have to do anything and the app should be updated. If it is On Demand, the use will have to initiate the process from the App Catalog. From for the latest option, you have the solution to send a notification to the user.
It is also possible to retire or inactivate older versions to only keep the newest one.
If you have access to AirWatch Online Documentation, I recommend you the page Using Add Version for Applications. If you don't, contact your administrator and ask for all the pages located in Mobile Application Management -> Internal Applications and the page Using Add Version for Applications.
You should try it with a single device though ;)

Related

How to configure a minimum app version for an iOS app React-Native

I want all users off my app to stay above a minimum threshold version. Is there a way I can configure it either in the code or app store that invalidates the users on a certain version and redirects them to the app store?
I assume you have already an application that in the production and installed to devices.
In this case, unfortunately you can't put version limit on them. The only way is, deprecating v1 APIs and creating v2 APIs. The older version app owners will get a warning (If you well made the error handling.).
Otherwise, you can add a new feature like checking the version on the startup of the application. And If it is older, you can show a message like "Please update the application." and put a button that redirects to the AppStore.
(The image is from a Medium blog post named "Mandatory Update for your apps".
I don't recommend forcibly redirecting users to AppStore. It is not a great UX practice. You can block the screen of the application with the warning but at least leave the basic functionalities open.

New requirements for iOS app - keep them accessible to users/customers

I got an email from Apple that apps now require iOS13 + storyboard for app launch screen for existing apps. (I do not use storyboard for main app functionality)
I have developed a couple swift1/swift2 based for schools a long time ago. (Still works well)
Can I somehow ditch the app store and then provide direct access or download for school pupils?
i.e. is there any way forward to simple keep the apps-as-they-are? Maybe limited download availability?
Or will I have to take plunge back into app-building?
The requirement of a Storyboard launch screen is only when you need to submit an app update. If you are not wanting to update your app any more, then it won’t stop working because of this new requirement.
Regarding distribution outside of the App Store, you could use Adhoc distribution which requires you to know the device ID’s of the devices you want to install it to.

Is there an api to allow the user to update the app from within the app?

Some new users may not know how to use the app store for updating apps. Is there a way from within the app I can provide a button that triggers updating the app ?
No, there is no built in way to do this.
If you have a way of detecting when a newer version is out (e.g. your server reports the version number of the latest version), then you could just direct users to your app's App Store page when they have an old version — just use -[UIApplication openURL:] to open your app's App Store URL, and it'll transfer them to the App Store app.
But as Losiowaty's comment mentions, this is not a thing you should worry about. Most people have automatic app updates turned on. This really is a non-issue.

Detect if user has a specific Profile installed on their device

I've come across this application today, Adblock Mobile, which installs a Profile on the users device and routes all web traffic through its secure VPN to disable/block advertisements both when surfing the web, and when using an application that implements advertisements, for example banner or interstitial ads. The majority of my applications revenue is ad based so this causes some concern for me and I'm actually surprised Apple would approve this application, as it hinders iAd from working as expected.
Is there a way to access a user's installed Profiles to check if this Profile is installed from my application?
No, it's not possible to check for existence of configuration files. Some sources:
"... if you're thinking about checking whether the profile exists and if not to install it, it's impossible (as for available documentation thus far)", October 2012, iOS - Prevent iPhone Configuration Profile from being deleted OR check to see if it's installed
Apple dev forum: How can I read the configuration profile, 2011. "Not specifically. However, iOS 7 added a bunch of enterprise integration features that might allow you to achieve the same goal via a different path.", 2013.
But you if you merely want to know whether your ads are served you can do this in another way: Simply try to load some of your ads and see if they're actually loaded and act accordingly.
This should be easy to implement. And it's all you need you only care about the fact that the ads are blocked, not in what way.
Quite a few websites do this. E.g. the Dutch tech website tweakers.net serves a message to people who block ads. And I'm sure a few iOS apps will start doing this soon as well.
Check this SO question How to detect Adblock on my website? for some ways that websites handle this.
No this is not possible due to sandbox. It would be a huge security issue if you could programmatically check or install profiles. Apple is very strict about security.
More details about the topic you can find there: iOS - Prevent iPhone Configuration Profile from being deleted OR check to see if it's installed
Retrieving data programmatically from a Configuration Profile in IOS
How Configuration Profiles Could Be Installed:
http://www.howtogeek.com/176195/why-configuration-profiles-can-be-as-dangerous-as-malware-on-iphones-and-ipads/

Removal of TestFlight apps?

Is there a way to remvoe TestFlight apps from users that have installed them? Also is there a way that TestFlight can bake into the app some sort of password that the users all have to log in with (in case of a lost phone, we don't want our developement apps exposed).
If left untouched, the provisioning of your apps will eventually expire automatically. Even without the native ability to remove applications with TestFlight there is still something of an expiration date on the application.
That would still leave your question of a "baked in password prompt" and removing the application itself physically from the device.
The first part, the app checking for authentication could be solved by implementing a solution with a more robust SDK that happens to have that sort of security-minded approach. As far as I know, and based on TestFLight's feature grid, this exceeds the abilities of their tool.
The second part, removing the application itself from the device, would be accomplished by using a tool that has the ability to use MDM (Mobile Device Management) for device-level control. Specifically you'd want to look for something that can selectively control a single application, rather than having to apply a blanket MDM policy. Again based on knowledge of TestFlight and based on their web page this is also not something TestFlight is capable of.
There are solutions out there that will give you exactly what you are asking about - easy beta testing with the added ability to force the app to check in and re-authenticate as well as the ability to remove applications from the device when you're done testing. If you hit your search engine of choice you can find a few tools that will give you a "yes" to all of your questions here. The list is very short so they're easy to find. :)
If it is at all helpful to you, I am associated with one of those companies, AppBlade, and would be happy to answer questions about this sort of thing. We're at https://AppBlade.com and you're welcome to give us a call or even log into the tool to see how it works for yourself.
Unfortunately you can't delete apps that are already installed on the device via TestFlight, unless you do it on the device itself. As for the password, TestFlight doesn't exactly support that either. You could however put a passcode lock feature in all of the Beta versions of your apps through your code. Sorry thats probably not the answers that you wanted to hear, but TestFlight is still in its early stages.
You are not able to delete apps from a users device, however TestFlight is testing in their 'Area51' an option to force users to update to a new build if there is one available.
If you no longer want testers to access your app you probably could add a new build which justs shows some info screen.
There is a way to expire the builds in the app store connect when you click on build.
Another way if you want to get rid of it as a tested to open the app page and click on stop testing.

Resources