# Step 2 -iMAM- Add App Protection Policy

SCA supports the core Intune App Protection Policy settings and is capable of supporting advanced App Protection Policy and App Configuration Policy settings.

{% hint style="success" %}
For more information about App Protection policies, you can check out Microsoft Docs.\
[App protection policies overview | Microsoft Docs](https://learn.microsoft.com/en-us/mem/intune/apps/app-protection-policy)
{% endhint %}

\
2.1 - Create an App Protection Policy in Microsoft Intune.

2.2 - Add Secure Contacts to App Protection Policies

2.3 - Configure the setting for *Send org data to other apps at least* with the restrictive option e.g.\
\&#xNAN;*Policy managed apps* in the *Data protection-*&#x70;ane for App Protection Policies.

<figure><img src="/files/FMo2f2luNiqa0BUOHent" alt=""><figcaption></figcaption></figure>

2.4 - Add for the setting “Select apps to exempt” the following Name/Value

| **Name**  | **Value**   |
| --------- | ----------- |
| `Default` | `app-prefs` |

{% hint style="info" %}
This option is needed for SCA to open phone-settings on your iOS/iPadOS device.
{% endhint %}

\
Proceed with the any other setting in this policy according to your best practice for App Protection Policies and assign the test group to this policy.

After you created the App Protection Policies and configured them in Endpoint Manager,\
in the next step, you need to enforce this policy with Conditional Access.

{% hint style="success" %}
If you have any questions regards the implementation of App Protection Policies, \
do not hesitate to [contact us](https://secure-contacts.com/en/kontakt-beratung/) for support.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.secure-contacts.com/quickstart-guide/ios-mam-steps-to-activate-sca-in-your-azure-tenant/step-2-add-app-protection-policy.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.