I am in early stage of Mobile Device Management implementation. I am in process to get iOS Enterprise developer account.I have already started exploring MDM Server implementation.
I need some iOS sample Check-in data which is received from iOS device. These samples are required to understand to write APIs in server side,because these APIs should be common for Blackberry,Android and other mobile platforms.
Once you have an Apple Developer account, log in and go to iOS Provisioning Portal->Certificates->Other and look for the link to the document "Mobile Device Management Protocol Reference". This document explains the structure of a device check-in.
UPDATE (30-Sep-2012): It appears the link text has changed from "Mobile Device Management Protocol Reference" to "Configuration Profile Reference".
You can get step by step all the sample plist in the MDM_Protocol document also.
For example in device check-in process when iOS device receives the push notification from MDM server via APNS then device can respond to MDM Sever as below sample plist format.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Status</key>
<string>Idle</string>
<key>UDID</key>
<string> [ redacted ] </string>
</dict>
</plist>
Related
I have enabled Data Protection for my iOS application and set Protected Until First User Authentication mode. Here is screenshot from my App ID:
I also set this in my entitlements file:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.developer.default-data-protection</key>
<string>NSFileProtectionCompleteUntilFirstUserAuthentication</string>
</dict>
</plist>
However, xcode constantly shows issue on Capabilities tab:
When I click Fix Issue it modifies my entitlements file and sets: NSFileProtectionComplete which is different than App ID setting, so then I get errors on General tab under each provisioning profile (I have disabled Automatically manage signing).
I can't get rid off this issue. However everything seems to work, I can build it without any issues. Any ideas how to fix it?
Bundle identifier is correct and provisioning profiles are set properly. I'm using Xcode 10.2.
I’m trying to leverage the new extension to work with a password management app, and I’m running into a road block setting it up. It could be my googling skills but there is almost no documentation on how to do this with xamarin.
What I have so far:
Added com.apple.developer.authentication-services.autofill-credential-provider as a custom property into my iOS project Entitlements.plist
Created an ActivionView extension since there is no credential provider option when creating a iOS extension project.
Changed the ActionViewController to a CredentialProviderViewController
Updated the MainInterface.storyboard to use the CredentialProviderViewController
Added com.apple.developer.authentication-services.autofill-credential-provider as a custom property to the autofill Entitlements.plist
I don’t see the option under Settings>Passwords & Accounts to use my app for the autofill. I must be missing some key pieces. Does anyone know what I should be doing instead?
Here is my Entitlements.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>keychain-access-groups</key>
<array>
<string>$(AppIdentifierPrefix)com.orginization.appname</string>
</array>
<key>com.apple.security.application-groups</key>
<array>
<string>group.com.orginization.appname</string>
</array>
<key>com.apple.developer.authentication-services.autofill-credential-provider</key>
<true/>
</dict>
</plist>
I have confirmed that this is a bug with Xamarin.iOS. Specifically, there is an enumeration of and validation against a list of known Extension Points. The credential provider point introduced in iOS 12, and any others after iOS 10 are not present.
I've forked the Xamarin.iOS code and made the necessary patches and confirmed that I am now able to successfully deploy a credential provider that shows up in the AutoFill Passwords provider list in iOS settings. I will file a bug and submit a pull request as soon as I can, but I may go through and make sure all the other extension points are present first.
Edit: All of my pull requests have been merged into the main development branch and will hopefully be part of an official release soon.
Here is the screenshot of the error
I have enabled keychain access group in capabilities and its added in Entitlements.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>keychain-access-groups</key>
<array>
<string>L23874DF.com.your.appid</string>
</array>
</dict>
</plist>
I signed the archive with development provisioning profile and certificate and given it to the team that pushes it for appstore.
But I got the above error and I don't understand it has right appid prefix and bundle identifier and member center has no options to enable Keychain access group then in my eyes there should not be a problem.
the appstore certificate that they're using is from same appstore account so there shouldn't be a problem with app id.
App id is same for whole account irrespective of whether its development build or adhoc build or release build or appstore build
P.S
I had to remove my entitlements.plist and resign the app with same dev cert and provision to make archive and send to them and it got published to appstore without any problem
somebody explain me whats wrong with this behaviour ? I am still confused
I have a universal iOS app that references HealthKit. When the app is installed on an iPhone the app uses HKHealthStore to retrieve health data and when it is on an iPad I skip the HealthKit queries by checking if HKHealthStore.isHealthDataAvailable is false. This all works well but in order to have the app run on an iPad I have to remove the "healthkit" entry from my app's .plist under "Required device capabilities". This makes sence because the iPad doesn't have healthkit on it so requiring it makes it so the app won't install on the iPad. All of this has already been done in an app I have submitted to the app store and has been approved.
Now I am making an app update and I want to show unit preferences that a user may have manually adjusted in the Health App. The documentation for HKHeathStore says you can do this using the preferredUnitsForQuantityTypes method. However, calling this method from my iPhone app gives me the following error:
Error Domain=com.apple.healthkit Code=4 "Missing com.apple.developer.healthkit entitlement." UserInfo={NSLocalizedDescription=Missing com.apple.developer.healthkit entitlement.}
Except I have the healthkit entitlement in my app id already. If I add the "healthkit" entery under the "Required device capabilities" section of my .plist, then this error goes away and I get the desired results. But this is not a solution for me because then I can't install the app on an iPad.
My question is, how can I support a universal app where the iPhone version can make a successful call to HKHealthStore.preferredUnitsForQuantityTypes?
EDIT
Here is what my .entitlements file looks like:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.developer.healthkit</key>
<true/>
<key>com.apple.security.application-groups</key>
<array>
<string>group.com.mycompany.myapp</string>
</array>
</dict>
</plist>
I found out what was happening here. There was a threading issue between when the HKHealthStore was requesting access to health types and requesting the preferred units. I'm not sure why the .plist entry fixes this issue... but moving the preferred units request into the completion block of the HKHealthStore's requesting access method fixed the issue.
I need to create an iOS .xarchive file using a developer profile, that a client can resign using their distribution profile(s).
(I have read this but it didn't have any real solutions: How can I send iOS app to client, for them to code-sign)
The client doesn't want to share their private keys, nor give me access above 'Developer' in the member center. And we don't want to share our source code.
We need to support push notifications, so this means we need a fully qualified app id.
I cannot figure out a way that allows me to build and export an .xarchive signed with 'aps production', 'get-task-allow' as false, BUT ALSO using the certificate that matches the clients distribution certificate.
This feels like a bug in Xcode, shouldn't the changes to 'aps production' and 'get-task-allow' be tied to the configuration, not the type of provisioning profile? I am using 'Release', but with my developer profile.
Am I missing something, or is this just not possible?
I figured out the answer to this question through trial and error. Even though tech notes and most web resources say you don't need an entitlements.plist if you are using XCode4+, there are certain cases where you do. Two cases are represented by my question above:
building Release configuration (i.e.: Archive), but signing with a Developer provisioning profile
using push notifications
My final custom entitlements.plist has 3 values:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>get-task-allow</key>
<false/>
<key>aps-environment</key>
<string>production</string>
<key>keychain-access-groups</key>
<array>
<string>L23874DF.com.your.appid</string>
</array>
</dict>
</plist>
Once I had that in my entitlements.plist, I built with the developer provisioning profile for this app id. Then I archived it, and exported the archive from the organizer. Once exported, I sent it to my client. The client was able to resign the archive with an ad hoc profile, and send me back an IPA file, which I loaded onto my device. I also successfully received a push notification from Urban Airship to this IPA!