LogoLogo
Provectus Technologies GmbH
  • Introduction
    • Secure Contacts App (SCA) - Safe & GDPR Compliant
    • Technical / Security Overview
    • Editions
    • Requirements
  • Quickstart Guide
    • iOS (MAM) - Steps to activate SCA in your Entra Tenant
      • Step 1 -MAM- Register Enterprise App
      • Step 2 -MAM- Add App Protection Policy
      • Step 3 -MAM- Add Conditional Access Policy
      • Step 4 -MAM- Add App Configuration Policy
    • iOS (Intune Managed Device) - Steps to activate SCA in your Entra Tenant
      • Step 1 -MDM- Register Enterprise App
      • Step 2 -MDM- Add App Protection Policy
      • Step 3 -MDM- Add Conditional Access Policy
      • Step 4 -MDM- Add App Configuration Policy
    • Android (Android Enterprise) - Steps to activate SCA in your Entra Tenant
      • Step 1 -AE- Register Enterprise App
      • Step 2 -AE- Add App Configuration Policy
    • Android (aMAM) - Steps to activate SCA in your Entra Tenant
      • Step 1 -aMAM- Register Enterprise App
      • Step 2 -aMAM- Add App Configuration Policy
      • Step 3 -aMAM- Add App Protection Policy
      • Step 4 -aMAM- Add Conditional Access Policy
    • Additional Datasource for SCA
    • Best-Practice Guide for SCA
  • Enduser guide
    • iOS - Onboarding SCA
    • iOS - activate Caller Identification
    • iOS - Userguide
    • iOS - App Manual
      • Contacts page
      • Contacts Sync
      • Contact information
      • Contact settings menu
      • Side menu
      • Logviewer
      • Help menu
      • vCard
    • Android Enterprise - Userguide
  • Documentation
    • Authentication
      • Enterprise Application
      • Conditional Access
        • CA with SCA - Require Complaint Device
        • SCA with CA - Require App Protection Policy
    • Deployment SCA
      • iOS - App Installation
      • Android - App Installation
      • App Configuration
        • iOS - MobileDeviceManagement (MDM) protocol
        • Android - App Restrictions
        • AppConfigurationPolicies
          • iOS - App Configuration Policies - MAM Integration in Microsoft Intune
          • Android - App Configuration Policies - MDM Integration in Microsoft Intune
      • App Protection Policy - Integration in Microsoft Intune
        • APP - unmanaged Devices
        • APP - managed Devices
        • Requirement - Open phone-settings
        • Requirement - Open Maps app
        • Requirement - Open GoogleMaps app
        • Requirement - Open WebExTeams
        • Requirement - Open WhatsApp
        • Requirement - Open Facetime
        • Requirement - Open email-link from SCA in Outlook
      • Deployment for your Devices in Intune
        • Deployment iOS - MAM-WE - APP only
        • Deployment iOS MDM - Managed & Complaint Device
        • Deployment iOS MDM - Managed Device & APP
        • Deployment Android MDM - Managed Device
    • App Configuration Policy -Name/Values for SCA
      • SCA Configuration - SecContacts.Defaults
      • SCA Configuration - SecContacts.Licenses
      • SCA Configuration - AAD filters
      • SCA Configuration - AAD groups
      • SCA Configuration - Connect additional Datasource
      • SCA Configuration - Custom Datasource Names
      • SCA Configuration - CI Customization
    • Data Sources
      • AAD - Azure Active Directory
      • GAL - Global Address List
      • APC - Personal Outlook Contacts
      • D365 - Dynamics 365
      • DVRS - Dataverse
      • ABS - Azure Blob Storage
      • SMC - Shared Mailbox Contacts
    • Valid phone numbers for SCA
    • iOS and Android version of SCA in comparison
  • Additional Information
    • Troubleshooting
    • Frequently Asked Questions (FAQ)
    • Phone number handling defaults changed in release v2.0.19
    • Links
    • Product Page - Secure Contacts App
Powered by GitBook
On this page
  • App Configuration Policy
  • App Protection Policy
  • Conditional Access Policy

Was this helpful?

  1. Documentation
  2. Deployment SCA
  3. Deployment for your Devices in Intune

Deployment iOS MDM - Managed Device & APP

Last updated 1 year ago

Was this helpful?

Implement SCA for your devices managed with Microsoft Endpoint Manager. Our App can be deployed automatically as iOS Store App or Volume Purchase Program App.

App Configuration Policy

It is mandatory to configure an App Configuration Policy for SCA to your managed devices

  1. Login to Endpoint Manager with your Admin-Account

  2. Go to Apps → App configuration policies or follow this link:

  3. Click on Add -> Managed devices

  4. Enter a Name for App configuration policy e.g. “Secure Contacts App Configuration Managed”

  5. Add “Secure Contacts” by clicking Targeted app - Select app (1) and search for “Secure Contacts” and select the app (2) and click on OK (3)

  6. Click on Next

  7. In the Settings pane, choose for Configuration settings format - Use configuration designer

  8. A full list of all configuration values can be found in the documentation:

  9. Click on Next

  10. Add group at Included groups in the Assignments-pane, choose your SCA test-group with Select.

  11. Click on Next after adding SCA test-group

  12. In the Review + create pane click on Create

App Protection Policy

You can add SCA to your existing App Protection Policies or add a new one for testing.

  1. Click on Create policy and select iOS/iPadOS

  2. Enter a Name for your Policy e.g. “Secure Contacts App Protection Policy Managed”

  3. Click Next

  4. In the Apps pane, change Target to apps on all device types to No

  5. Select the box Managed for Device types

  6. Click on + Select public apps and search for “Secure Contacts”

  7. Select the app and confirm with Select

  8. Click Next on the Apps pane

  9. Please proceed configuring App Protection Policies as recommended by Microsoft

  10. Finish the setup by clicking on Create

Conditional Access Policy

  1. Click on New policy to create a new Conditional Access policy

  2. Enter a Name for the Policy e.g. “Secure Contacts Conditional Access Policy”

  3. Go to Users or workload identities in Assignments

  4. Go to Cloud apps or actions in Assignments

  5. Set mandatory Conditions for your environment e.g. tick as a Condition for Client apps the value Mobile apps and desktop clients

  6. Go to Grant in the Access controls pane

  7. Set Require app protection policy

  8. Set Enable Policy to On

  9. Click on Create

According to Microsoft, it is mandatory to target Office 365 and Secure Contacts as Cloud App in your Conditional Access Policy in order to correctly implement SCA. It is required to add Office 365 as Cloud App, because our Enterprise Application (Provectus - Secure Contacts) is using these data sources.

Go to and login with your credentials

Go to Endpoint security → Conditional access or follow this link:

Include your SCA-Testgroup to Users and Groups

Include as Cloud Apps the apps Office 365 and Secure Contacts

App protection policies - Microsoft Endpoint Manager admin center
Conditional Access - Microsoft Endpoint Manager admin center
App configuration policies - Microsoft Endpoint Manager admin center
AppConfigurationPolicy Name-Values for SCA