iOS (MAM) - Steps to activate SCA in your Azure Tenant

This guide shows you all required steps to onboard SCA in your environment. This configuration uses SCA with Mobile Application Management (MAM) within Microsoft Intune. Our App can be downloaded from the App Store directly and installed on any iOS/iPadOS device. The moment a user connects with the AAD-account, Conditional Access enforces our App to require an App Protection Policy for the SCA.


For this Quick Guide, the AAD-Role “Global Administrator” or a comparable Administrator role in Microsoft Intune is required, depending on your RBAC-Concept.

You need an Azure-User with a proper license assigned. The test-device for SCA should have the latest OS-version and Microsoft Authenticator installed.

You need additionally an Azure-Security Group with your test user as Member.

Register Enterprise App with your tenant-ID from our website.

Create an App Protection Policy or add SCA to existing policy.

Create a Conditional Access Policy for SCA.

Create an App Configuration Policy for licensing.

Test the Onboarding of SCA with your device and Azure account.

Find a list of additional supported Datasource for contacts in this section.

In this Guide you can also find the Features of SCA and the difference in between Standard vs. Enterprise Editon.

In case you have further questions see our Frequently Asked Questions (FAQ). Your question is missing in the FAQ? Do not hesitate to contact us!

Last updated