APP - managed Devices
Implement SCA for your devices managed with Microsoft Endpoint Manager. Our App can be deployed automatically as iOS Store App or Volume Purchase Program App.
SCA support the core Intune App Protection Policy settings and is capable of supporting advanced App Protection Policy and App Configuration Policy settings. The moment a user connects with the AAD-account Access control via Azure AD, Conditional Access enforces our App to require an App Protection Policy for the SCA.
- Add Secure Contacts to App Protection Policies for managed Devices
- Configure the setting for Send org data to other apps at least with the restrictive option e.g. Policy managed apps in the Data protection-pane for App Protection Policies.
- Add for the setting “Select apps to exempt” the following Name/Value
This option is needed for SCA to open phone-settings on the iOS/iPadOS device.
Proceed with the other settings according to your best practice for App Protection Policy
For more information about App Protection policies, you can check Microsoft Docs. App protection policies overview - Microsoft Intune | Microsoft Docs