Provectus Software GmbH

iOS Contact Provider (CPE)

aka share contacts with iOS

What is the iOS Contact Provider?

The Contact Provider Extension (CPE) allows an iOS app to make its own contacts from a proprietary data source (e.g. a corporate or CRM system) available system-wide in the native iOS Contacts app.

Features:

  • The provided contacts appear in the native iOS address book but are not physically stored there.

  • They are not copied into the native address book and are therefore:

    • Not part of iCloud backups

    • Read-only

  • The contacts are made available temporarily based on a contractual or provisioning model.

  • In the iOS Contacts app, they appear as a separate managed list under Contacts > Lists.

  • All apps that have access to the iOS address book can interact with these contacts as if they were stored locally (e.g. Siri, CarPlay, etc.).

  • When the app is uninstalled, the provided contacts are automatically removed.

CPE in SCA 3.0

The Contact Provider Extension (CPE) functionality in Secure Contacts App (SCA) 3.0 is controlled through three primary App Configuration settings. These allow administrators to define if and which SCA data sources are allowed to be shared with iOS, and whether users are allowed to customize that selection.

CPE_Enabled : Enables or disables the CPE functionality entirely. If set to "true", contacts from specified SCA data sources can be made system-wide available in iOS via the CPE. Default value: "false"

CPEDataSources_Option : Defines which SCA data sources may be shared with iOS through the CPE. This is a comma-separated list of SCA source IDs (e.g. "AAD,APC,GAL"). Default value: "APC"

CPEDataSources_Enabled : Specifies whether users can select the available SCA data sources themselves. If set to "true", users will see an option within the app to choose sources. If set to "false", the selection is locked and a predefined configuration is enforced. Default value: "false"

By default, the CPE functionality in SCA is disabled (CPE_Enabled = "false"), and only APC is configured as the available data source (CPEDataSources_Option = "APC").

Enabling the CPE in SCA

  1. To use the Contact Provider Extension (CPE) in the Secure Contacts App (SCA), the administrator must first include and configure the relevant App Configuration settings in the App Configuration policy. Only then will the CPE-related options become visible within the app.

  2. The actual activation of CPE on the end device must then be performed by the user within the app itself, as automatic activation through policy is not possible.

AppConfig used for this screenshot: CPE_Enabled = "true" und CPEDataSources_Option = "AAD,APC"

By enabling the CPE functionality, your contacts will leave the protected environment of SCA. This could allow other apps to access your contacts outside of SCA, which may put your data at risk.

Granular Control Over Shared Contact Information

Administrators can use additional AppConfig parameters to define precisely which specific contact details are allowed to be shared with iOS. These parameters allow the data sharing settings to be tailored to meet internal company privacy policies. For example, it's possible to define whether information such as email addresses, phone numbers, or organizational details are exposed.

Available AppConfig Parameters:

  • CPECompany_Enabled: Defines whether a contact's company name can be shared with iOS. Default value: "true"

  • CPEJobtitle_Enabled: Defines whether a contact's job title can be shared with iOS. Default value: "true"

  • CPEDepartment_Enabled: Defines whether a contact's department name can be shared with iOS. Default value: "true"

  • CPEAddresses_Enabled: Defines whether a contact's address(es) can be shared with iOS. Default value: "true"

  • CPEPhonenumbers_Enabled: Defines whether a contact's phone number(s) can be shared with iOS. Default value: "true"

  • CPEEmailaddresses_Enabled: Defines whether a contact's email address(es) can be shared with iOS. Default value: "true"

Comparison: Contact Provider (CPE) vs. Traditional SCA Caller ID (CDE)

While the Contact Provider Extension (CPE) offers deep iOS integration, it does not fully replace the traditional Caller ID functionality via Call Directory Extension (CDE) in SCA.

Key Differences and Limitations of CPE

  • Limited data source access: Depending on configuration, CPE may only access a subset of SCA’s available contact sources.

  • Performance impact with large datasets: CPE can handle over 10,000 contacts, but this significantly strains the iOS Contacts app. Tested successfully with more than 20,000 entries.

  • No call blocking support: Call blocking is only available through the CDE.

  • CPE contacts cannot be blocked and are not affected by Vacation Mode.

  • Different incoming call UI (compared to CDE):

    • Displays First and Last Name in large font (but no phone number).

    • Company name appears above the name in smaller font.

    • The contact image shows the SCA logo by default to clearly indicate that the contact is provided by SCA. Unlike the traditional SCA Caller ID, this information isn’t displayed through CPE.

Left hand side: CDE - Right hand side: CPE

Traditional SCA Caller ID via Call Directory Extension (CDE)

  • Phone number displayed at the top.

  • Scrolling banner text below, format:

    • {first name last name, company name}.

    • The display format is defined by iOS and cannot be changed.

    • The company name can be optionally disabled via AppConfig.

  • In call history, it shows:

    • "{AppName}: {first name last name, company name}"

    • The display format is defined by iOS and cannot be changed.

Parallel Use of CPE and Traditional Caller ID (CDE)

Both features — Contact Provider Extension (CPE) and Call Directory Extension (CDE) — can be used simultaneously within the SCA app.

When both are active, contacts provided via CPE take precedence over those provided by the traditional Caller ID (CDE).

PreviousApp Config Policy - Name/Values for SCA 3.0

Last updated

Was this helpful?