# APP - unmanaged Devices

Implement SCA as [Mobile Application Management (MAM) App](https://learn.microsoft.com/en-us/mem/intune/fundamentals/deployment-guide-enrollment-mamwe) within Microsoft Endpoint Manager.\
Our App can be downloaded from the App Store directly and installed on any iOS/iPadOS device.\
The moment a user connects with the AAD-account Access control via Azure AD, Conditional Access enforces our App to require an App Protection Policy for the SCA.

SCA supports the core Intune App Protection Policy settings and is capable of supporting advanced App Protection Policy and App Configuration Policy settings.

* Add Secure Contacts to App Protection Policies for unmanaged Devices

<figure><img src="/files/1XGgCGz7Rzn89mXLgCHJ" alt=""><figcaption></figcaption></figure>

* Configure the setting for *Send org data to other apps at least* with the restrictive option e.g.\
  \&#xNAN;*Policy managed apps* in the *Data protection-*&#x70;ane for App Protection Policies.

<figure><img src="/files/ILUBnGS7g3o8rCURPtDQ" alt=""><figcaption></figcaption></figure>

* Add for the setting “Select apps to exempt” the following Name/Value

| **Name**  | **Value**   |
| --------- | ----------- |
| `Default` | `app-prefs` |

\
This option is needed for SCA to open phone-settings on the iOS/iPadOS device.

{% hint style="success" %}
Proceed with the other settings according to your best practice for App Protection Policy&#x20;
{% endhint %}

{% hint style="info" %}
For more information about App Protection policies, you can check Microsoft Docs .\
[App protection policies overview - Microsoft Intune | Microsoft Docs](https://learn.microsoft.com/en-us/mem/intune/apps/app-protection-policy)
{% endhint %}

&#x20;


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.secure-contacts.com/documentation/deployment-sca/app-protection-policy-ios-only-integration-in-microsoft-intune/app-unmanaged-devices.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.