I made an app deployed internally at my company. It is placed outside conference rooms and allows the user to see if it's open, schedule room time, view other rooms, etc. Given its nature and use, the app is always the active one on the device and is placed into guided access mode to prevent passers-by from playing around with it. However, the update process is rather tedious since despite our MDM solution, we have to go around and take each device individually out of guided access mode in order for the app to be updated. I've been looking into supervised mode for each device (using the Apple Configurator tool), but I wanted to ask if there was anyone here with experience trying this who could point me in the right direction in case that idea doesn't bare fruit. Is there perhaps a way to trigger the app (and guided access) to close remotely and open, also remotely, once updated? Naturally, this would go against Apple's guidelines, but this app will never touch the app store, so any solution at all is feasible. I saw a few answers on this site from over two years ago saying it isn't possible, but perhaps something has changed to allow this possibility between then and now seeing as so much has changed around deployment in the past few years.
I would do something like that:
Have a device in supervised mode
Set Guided mode through configuration profile (rather than manually doing it). App Lock payload does that.
And when you need to upgrade the app:
Try to upgrade it without disabling guided mode. As I remember, you can install applications silently on a supervised device. So, there is a chance that it will upgrade it and restart it (because of Guided mode) after that.
If it won't restart the app on upgrade try following:
Remove App Lock profile
Upgrade app
Install App Lock profile again
This should work.
Related
I'm building an in-house app that is distributed via the AirWatch app catalog. The app always runs with Guided Access enabled and all devices running it are managed by AirWatch. My questions are regarding auto-update:
Is there a way that AirWatch can force the update immediately or as soon as the device comes back online, without asking for the user's input? If so, how does the app being open affect this behavior? How does guided access being enabled affect this behavior?
Is there a link from AirWatch, perhaps an itms-services:// link, that the app can call to install the new version if a web service had indicated that it's no longer the latest version? If so, how does Guided Access being enabled affect this behavior?
Is there any other good model for remotely updating the app that will spread the update as quickly as possible and under the above conditions? The solution can be using MDM or a custom web service or both combined.
Thanks a lot for your help!!
If your devices are running iOS7 and you have your app Deployment settings set to "Auto" (as opposed to "On-Demand") the device will automatically take the update once it processes the APNs notification to do so. If the device is locked/offline it will typically check for outstanding APNs messages within a minute or so of being unlocked or coming back online.
What I don't know is since your app is in guided access mode if you're receiving a pop-up to install the new version. I've seen previously where if the app that requires an update is open iOS will prompt. What we have done to battle this is embed a check in the app that phones home to see if the app is current. If the app is NOT current the user can't do anything until they update their app.
Regarding a direct-link to the App Catalog to update the app that might get tricky with guided access enabled. Before you even try to tackle that issue understand that the app catalog webclip URL contains the UDID of the device as of AW7.1 (I think). Since the UDID is no longer programmatically accessible code-side AirWatch allows you to push the UDID upon app installation in the Deployment/Application Configuration section. You can embed {DeviceUid} into the key share on the device which will make it accessible for that applciation, hence allowing you to create the appropriate App Store URL within your app.
Good luck
honestly I didn't work with AirWatch. But I don't think that Apple provides a way for automatic update of ad-hoc or enterprise apps.
Well, I can describe a solution for an enterprise app I developed last year. Hope it will help you somehow.
First of all, I made it as a part of our secure website. (a little test flight)
Here's how app update works
When the app launches it sends special request to a server asking if
it is outdated and a new app version is available. (+ servers sends
url for new version installation (with itms-services://))
Then
if update is required, app fires alert with description of new
version, if user taps update, the app opens Safari where the user
is able to install a new version.
We made to different kinds of alert, optional (minor version change) and compulsory(major version change). With later variant user is unable to get rid of alert view, so he has to update the app.
You can update your internal app through the AirWatch Console and applications versioning.
I never used it but I imagine that at the end of the new version process, there is a way to push the updated app to the related devices. If the Push Mode is set to Auto, the user won't have to do anything and the app should be updated. If it is On Demand, the use will have to initiate the process from the App Catalog. From for the latest option, you have the solution to send a notification to the user.
It is also possible to retire or inactivate older versions to only keep the newest one.
If you have access to AirWatch Online Documentation, I recommend you the page Using Add Version for Applications. If you don't, contact your administrator and ask for all the pages located in Mobile Application Management -> Internal Applications and the page Using Add Version for Applications.
You should try it with a single device though ;)
I want to write an iOS sample application which can launch itself whenever device is rebooted. Please share your thoughts and any pointers will be really helpful.
Setting VOIP in background modes seems to be one option.
I am NOT looking for a Jail break solution.
There is a way if you have access to MDM tools or the Apple Configurator, and are able to control the device and its' profile. For example, if you are the curator at a museum or you or a teacher and hand out iPads to students, you'll most certainly have this level of control; and since you're writing a sample application, I suppose this level of control is possible as well.
There is a feature known as Single App Mode (see page 17) that locks a device into a single app. According to the documentation, if the device is powered down, the specified app will launch at boot. (I don't have the setup to confirm this.)
Note that Single App Mode is not the same as guided access mode, though people do tend to get them confused.
So should you have access to the right tools your original intent may be possible.
There is really not much you can do to achieve such functionality. The most you can do is to provide background fetching to prepare your app for when user launches it explicitly.
I have never seen a single app that could launch itself for no reason.
Hope this can be useful.
Can't be done unless the device is jailbroken, and I can't help you with that.
To my knowledge, this is not possible. Your app does not have access to this level of system information.
What you could do is periodically send push-notifications with a payload that temporary allows you to access app functionality.
Note : I don't want to submit this app to app store.
What i want to achieve :
I want simple app with one view having two button Lock and Unlock.
Lock - This button will lock device. Only this app's screen will show nothing else will be accessible even after restart same screen will show up. Home button, gestures will get disabled similar to single app mode.
Unlock - This will unlock device and switch to normal behaviour of device.
iOS :
I want this for iOS 4.3 and above.
I have checked following solutions, but these don't match my requirements
Configuration profile
Lock-down iPhone/iPod/iPad so it can only run one app
But it is manual (reboot device, open app which you want to run in single app mode). I want to do it programmatically the way i mentioned above through my app.
Guided access (iOS 6 and above)
How to lock down user to Single App mode in iOS 6, Programmatically?
I want it do for all os and programatically.
Is there any way to do this ? As i don't wan't to submit it to app store is there any private api, some hack for springboard to achieve this ?
Thanks in advance !!
As I know in iOS 7 there is a new feature which allow to do exactly what you want.
However, it's only applicable for iOS 7 (and I believe it's only applicable to a supervised devices).
1) You will need to install restriction configuration profile with autonomousSingleAppModePermittedAppIDs key (take a look here)
This is one time step and a user will need to manually accept this configuration profile.
There is another option to use MDM to install it silently, but it could be an overkill for you.
2) You should use API:
UIAccessibilityRequestGuidedAccessSession (to lock/unlock)
It is defined here
3) And most beautility part. All of it is officially document. So, you can even submit it to AppStore.
P.S. Why do you care about 4.3 or 5? They have tiny market share by now. Most likely even iOS 6 has below 20% market share already.
Update 1
Potentially, you can try to use API which sends clicks and keys (search for GSEvent in iPhone-privateapi tag). May be using these API's you can do triple home to toggle accessibility on and off.
If this work, I think you should be able to cover iOS 6. I am not sure whether both this API and triple home click were available prior that.
It looks like this private API is unaccessible anymore in iOS 7. So, probably you can ignore this idea.
Just wanted to write on this even though this is old as i needed to implement a similar solution and i got it working. The steps for me as follows and a note here is that this involves MDM and other specific steps.
My requirement was as follows. Each of the iPad at different locations has a set of apps installed.For ease of it lets assume each Dept. has their own apps. Participants open a app related to their dept. to take a test, the APP automatically Locks the iPad to single-app Mode and at the end of the test, it will unlock it self.
Supervise the iPad/iphone using the Apple Configurator.
Install the MDM related files ( Each MDM has its own set of instructions, usually involves downloading a profile).
Every MDM has a option of Single APP Mode or MultipleAppMode. Select the second option and add the app IDs to the list. (A single APP mode works pretty well with MDM's but i did not want the app to be locked to a single APP all the time).
I used the UIAccessibilityRequestGuidedAccessSession api to lock unlock the device from single app mode.
http://bobxcode.blogspot.com/2015/12/programmatically-implement-single-app.html
Thanks,
Bob
In MDM configuration, There is an option
autonomousSingleAppModePermittedAppIDs
Optional. Supervised only. If present, allows apps
identified by the bundle IDs listed in the array to
autonomously enter Single App Mode.
Availability: Available only in iOS 7.0 and later.
But this needs Supervised Device mode.
This is a strange one, I have a need to create an iOS app that runs in the background on an iOS device, but can not be visible on the Home screen of the device. The app may need to show up in Settings to configure a few options, but it mostly needs to run behind the scenes.
I do not need to publish this app on the app store, it is strictly an enterprise app for my company.
Does anyone know how this kind of behavior might be achieved? Configuration profiles? API's? etc?
Edit: Jailbreaking the device is not really an option for us. We have to keep the devices as they are.
Backgrounding
There are several methods to get permanent background execution:
a) Silent audio which is mentioned by JRG-Developer
b) Usage of beginBackgroundTaskWithExpirationHandler + turning location manager on/off (it will reset remaining time to 600 seconds)
Making app invisible
You can use SBAppTags in Info.plist (take a look at this: How to remove app icon programatically from jail broken iPhone app?)
It will make your icon not visible on Home screen.
I've no idea how you can tackle the not be visible on the home screen criteria, but there are certain services that are allowed to be run in the background continuously, notably:
Background Audio (even silent audio)
While this is indeed very hacky, short of jailbreaking the devices, this may be your best bet.
While it's unlikely / very difficult to get past the review process, in the event for some reason you do need to (attempt) to publish this app to the App Store, some apps are even available on the App Store which take advantage of this hack, such as PasteBot.
You should definitely read their write-up here about getting their app's Cut-and-Paste functionality to work while in the background:
http://tapbots.com/blog/pastebot/pastebot-music-in-background
Another out-of-the-box idea, why not use Android devices instead, which do support multitasking?
Two methods:
Jailbreak. A jailbroken iPhone is essentially a Mac and you can use all Mac UNIX programming tricks - spawn a daemon (you can even ask launchd to do that), or something. You can set up enteprise-wise Cydia source. Refer to saurik's website for a walkthrough and set up an experimental server using Ubuntu (which used apt too)
A non-jailbreak way may be possible, but it will depend on what your app is doing. You can try use enterprise-wise push notifications.
Given that this is impossible to do on non jailbroken phones, I'd suggest the following:
develop a directory app, or a phone list app, something that is specific to your company.
have it connect to a web service once a day to register the device ID (so you know the user has not deleted the app)
tell users they need to keep the app open at all times (and if a user's device does not register one day, send them an email asking them to launch the app).
Now you can send back whatever you want with the app. If they kill it, you'll know the next day when you have a script look at the logs.
If you think this is a terrible idea, it is, but its the best you are going to get on iOS right now.
EDIT: you could send a notification every day - say in the AM - to make sure the user opened the app if it wasn't running.
From my experince, this kind of behaviour cannot be achieved on iOS. When an app enters into background, it is active only for a small particular amount of time. After that, it goes into hybernate state. It stops working. So the behaviour you said can not be achieved without abusing iOS workflow. Thats why some call iOS's multitasking as not true multitasking. Only jailbreaking might help your case. That was for one case. The second one where the app cannot be seen on home screen is again, impossible. It has to be on springboard to run.
Is there a way to remvoe TestFlight apps from users that have installed them? Also is there a way that TestFlight can bake into the app some sort of password that the users all have to log in with (in case of a lost phone, we don't want our developement apps exposed).
If left untouched, the provisioning of your apps will eventually expire automatically. Even without the native ability to remove applications with TestFlight there is still something of an expiration date on the application.
That would still leave your question of a "baked in password prompt" and removing the application itself physically from the device.
The first part, the app checking for authentication could be solved by implementing a solution with a more robust SDK that happens to have that sort of security-minded approach. As far as I know, and based on TestFLight's feature grid, this exceeds the abilities of their tool.
The second part, removing the application itself from the device, would be accomplished by using a tool that has the ability to use MDM (Mobile Device Management) for device-level control. Specifically you'd want to look for something that can selectively control a single application, rather than having to apply a blanket MDM policy. Again based on knowledge of TestFlight and based on their web page this is also not something TestFlight is capable of.
There are solutions out there that will give you exactly what you are asking about - easy beta testing with the added ability to force the app to check in and re-authenticate as well as the ability to remove applications from the device when you're done testing. If you hit your search engine of choice you can find a few tools that will give you a "yes" to all of your questions here. The list is very short so they're easy to find. :)
If it is at all helpful to you, I am associated with one of those companies, AppBlade, and would be happy to answer questions about this sort of thing. We're at https://AppBlade.com and you're welcome to give us a call or even log into the tool to see how it works for yourself.
Unfortunately you can't delete apps that are already installed on the device via TestFlight, unless you do it on the device itself. As for the password, TestFlight doesn't exactly support that either. You could however put a passcode lock feature in all of the Beta versions of your apps through your code. Sorry thats probably not the answers that you wanted to hear, but TestFlight is still in its early stages.
You are not able to delete apps from a users device, however TestFlight is testing in their 'Area51' an option to force users to update to a new build if there is one available.
If you no longer want testers to access your app you probably could add a new build which justs shows some info screen.
There is a way to expire the builds in the app store connect when you click on build.
Another way if you want to get rid of it as a tested to open the app page and click on stop testing.