How to deploy apps in the Mobile Security Portal using the Apple Volume Puchase Program (VPP)
Last adaptation to the version: 1.25 (04.2024)
This article refers to a Resellerpreview
-
Requirements
- To use the Apple Volume Purchase Program, a link between the Securepoint Mobile Security Portal and Apple [MS/Enrollment-iOS-DEP Device Enrollment Program (DEP)] is required.
- To deploy apps via VPP, the Securepoint Mobile Security account must be linked to the Apple Volume Purchase Program.
Connect to the VPP (Volume Purchase Program)
The connection is done in three steps at in section Apple VPP / Apple business Manager / Apple Schoolmanager with button Add resp. Update
- Download the Apple Push certificate (*.pem file)
- Upload this certificate in the [business.apple.com Apple Business Manager] or [school.apple.com Apple School Manager]
This is only required once per location. - Download the vpp token in the Apple Business Manager or Apple School Manager:
- Klick on Username in the corner down left
- Menü
Settings - Payments and Billing
- Tab Apps and Books / Section Server-Tokens
Choose Token and Download
- Download the *.vpptoken file in the Securepoint Unified Security Portal under
in the section Upload Apple VPP / Apple Business Manager / Apple School Manager
using the buttons Add or Update / Upload Token.
Finish with Done
notempty
VPP tokens expire annually and must therefore be renewed regularly
Note for invalid VPP token:Troubleshooting
If the VPP token becomes invalid before one year has elapsed, this may be due to the following reasons:The account of the ABM user who created the token is locked or deleted The ABM user who created the token has changed his password .In this case, the VPP token must be renewed with a valid account.
If the VPP token becomes invalid before one year has elapsed, this may be due to the following reasons:
Deploying an App in Apple Busines Manager
- The apps are purchased in the Apple Business Manager or Apple School Manager in the menu content / apps and books.
- Afterwards they are available with the purchased number of licenses in the new menu .
- The free apps must first be "purchased" in the Apple Business Manager / Apple School Manager (at a price of € 0,-)
- in order to allocate the (free) licenses to the devices
- and then install the apps.
Overview of the app administration
The Apple VPP licenses overview lists all apps purchased or licensed by Apple busines Manager and can be assigned to devices.
General Options
| Sort by name | |
| Sort ascending/descending | |
| Search bar | |
| Assigning licenses | Assign multiple licenses simultaneously |
| Show / hide details: For a lot of apps, it can be helpful to hide the display of the most important details. | |
| / | Switch between lists and grid view. |
| Refresh the display |
Details shown in the app tile:
| Available licenses: |
Number of free, still available and total number of licenses |
| Pricing: | Apples price type: STDQ (Standard Quality) or PLUS (High Quality) Description from Apple about this: The quality of a product in the iTunes Store. If a pricing parameter is specified, only records with that parameter are included in the results. Possible values are: |
The app description and a manual license assignment can be accessed by clicking on the respective license tile (see below)
Assign multiple licenses simultaneously
Assign license
Opens the dialog to assign multiple VPP licenses to multiple devices simultaneously
| Caption | Value | Description |  |
|---|---|---|---|
| Devices | iPhone | A drop-down menu opens in the click box from which the desired devices can be selected. | |
| Managed Apple IDs | Homers (homers@ttt-point.de) | A drop-down menu opens in the click box, from which the desired Apple IDs can be selected. | |
| VPP licenses | VPN-Client | A drop-down menu opens in the click box from which the desired app licenses can be selected. | |
To install the apps on the respective devices, they have to be assigned via the menu or via a !
More app information
To get more information about an app, you can click on the tile of the respective app. Then there are the tabs Description and }License assignment.
App-Description
Description
The app developer's details from the appstore will be displayed here. (Securepoint has no control over the content)
License assignment
License assignment
Available devices or users can be assigned to this app license in the click boxes.
Installation of an app or web clip
After these preparations, the app or web clip can be installed under button Add app.
| App | |||
| Caption | Selection | Description |  |
|---|---|---|---|
| Source | iTunes Store ID | iTunes Store ID 1436024470 Example for the Securepoint VPN Client | |
| or Identifier | de.securepoint.ms.agent Example for the Securepoint VPN Client | ||
| or Manifest URL | URL that can be used to download the app without the app store. | ||
| Take over management | Activation is necessary to delete the app remotely. | ||
| Purchase Method | |||
| Legacy Volume Purchase Program | (Not recommended!) To use, if an existing VPP should not yet have been upgraded to the Apple Business Manager or Apple School Manager. | ||
| Volume Purchase Program App Assignment | Required to install apps without device users being logged into the App Store. | ||
| Management-flags | Both disabled | Application data is included in the icloud backup. App remains on the device when the profile is deleted | |
| Delete app if the MDM profile has been deleted | Deletes the app from the device when the profile is deleted. Application data is included in iCloud backup | ||
| Prevent backup of the app data | Prevents application data from being included in the iCloud back. App remains on the device if the profile is deleted. | ||
| Both enabled | Prevents the app data from being included in the iCloud back. Deletes the app from the device when the profile is deleted. | ||
| Devices | Add device | The app is assigned to these devices | |
| User | » Add user | The app is assigned to all devices from these users | |
| roles | »Add roles | The app is assigned to all devices by all users with these roles | |
| Tags | »Add tags | The app is assigned to all devices with these tags | |
| Comment | Comment | Description of the app | |
Web clip | |||
| URL | https://wiki.securepoint.de https://203.0.113.203 New as of 02.2023 |
The Web clip URL. The IP address can also be entered. |  |
| Name | Securepoint Wiki | Freely selectable name that is displayed in the portal | |
| Label | SP Wiki | The name of the we clip as it appears on the device's home screen. | |
| Icon | Choose image | Icon on the display of the device:
| |
| Removable | Determines whether the user can remove this web clip or not. | ||
| Full screen | When active, the web clip is launched as a full-screen web app. | ||
| Ignore Manifest Scope | When active, a full screen web clip can navigate to an external website without displaying the Safari user interface. Otherwise, the Safari UI is displayed when you navigate away from the URL of the web clip. Has no effect if full screen is disabled. | ||
| Pre-composed | When active, prevents the SpringBoard from adding "shine" to the icon. | ||
| Devices | Add device | The app is assigned to these devices | |
| User | » Add user | The app is assigned to all devices from these users | |
| roles | »Add roles | The app is assigned to all devices by all users with these roles | |
| Tags | »Add tags | The app is assigned to all devices with these tags | |
| Comment | Comment | Description of the app | |
| Save | Saves the information and transmits the app immediately to the devices | ||