# iOS - MobileDeviceManagement (MDM) protocol SCA uses a standard protocol, the [Mobile Device Management (MDM) protocol](https://developer.apple.com/business/documentation/MDM-Protocol-Reference.pdf) from Apple. \ You can use any EMM provider for our app (e.g. Microsoft Intune, MobileIron, Jamf, Airwatch, XenMobile...).\ \ To cause the device to poll the MDM server for commands, the MDM server sends a notification through the APNS gateway to the device. This message gets sent via the push notification service. Configuring the user UPN setting is **required** for devices that are managed by Intune or a third-party EMM solution to identify the enrolled user account for the sending *policy managed app* when transferring data to an iOS managed app. The UPN configuration works with the app protection policies you deploy from Intune.
### How to manage data transfer between SCA and iOS Apps In case you have managed Devices in Intune (not MAM-WE), it is mandatory to use the IntuneMAMUPN ConfigurationKey in App Configuration Policy for Intune, for App Protection Policy. The exact syntax of the key/value pair for SCA may differ based on your third-party MDM provider. The following table shows examples of third-party MDM providers and the exact values you should enter for the key/value pair.

Third-party MDM provider	Configuration Key	Value Type	Configuration Value
Microsoft Intune	IntuneMAMUPN	String	{{userprincipalname}}
Microsoft Intune	IntuneMAMOID	String	{{userid}}
VMware AirWatch	IntuneMAMUPN	String	{UserPrincipalName}
MobileIron	IntuneMAMUPN	String	${userUPN} or ${userEmailAddress}
Citrix Endpoint Management	IntuneMAMUPN	String	${user.userprincipalname}
ManageEngine Mobile Device Manager	IntuneMAMUPN	String	%upn%

{% hint style="info" %} For more information about [How to manage data transfer between iOS apps in Microsoft Intune](https://learn.microsoft.com/en-us/mem/intune/apps/data-transfer-between-apps-manage-ios) {% endhint %}