iOS (MAM) - Steps to activate SCA in your Azure Tenant

This guide shows you all required steps to onboard SCA in your environment.
This configuration uses SCA with Mobile Application Management (MAM) within Microsoft Intune.

Our App can be downloaded from the App Store directly and installed on any iOS/iPadOS device.
The moment a user connects with the AAD-account, Conditional Access enforces our App to require an App Protection Policy for the SCA.
Preconditions
For this Quick Guide, the AAD-Role “Global Administrator” or a comparable Administrator role in Microsoft Intune is required, depending on your RBAC-Concept.
You need an Azure-User with a proper license assigned. The test-device for SCA should have the latest OS-version and Microsoft Authenticator installed.
You need additionally an Azure-Security Group with your test user as Member.
​
​Step 1 - Register Enterprise App​
Register Enterprise App with your tenant-ID from our website.
​Step 2 - Add App Protection Policy​
Create an App Protection Policy or add SCA to existing policy.
​Step 3 - Add Conditional Access Policy​
Create a Conditional Access Policy for SCA.
​Step 4 - Add App Configuration Policy​
Create an App Configuration Policy for licensing.
​Step 5 - Onboarding Test device​
Test the Onboarding of SCA with your device and Azure account.
​Optional Step - Connect DataSource​
Find a list of additional supported Datasource for contacts in this section.
In this Guide you can also find the Features of SCA and the difference 
in between Standard vs. Enterprise Editon.
​
In case you have further questions see our Frequently Asked Questions (FAQ).
Your question is missing in the FAQ? Do not hesitate to contact us!
​
Last modified 16d ago