Appian Mobile provides two ways to protect business data on your users' mobile devices:
Mobile application management (MAM) in Intune is designed to protect corporate data at the application level, through app protection policies. MAM through Intune can be used both on company-owned devices and personal devices.
In order to use these Microsoft Intune MAM capabilities with Appian Mobile, users must download the Appian for Intune app and enroll it with Microsoft Intune.
Note: Appian for Intune supports app-based Conditional Access starting in version 23.4 of the app. If app-based Conditional Access policies are enabled, ensure users are on at least version 23.4 of the Appian for Intune App.
The Microsoft Endpoint Manager admin center is where you can find the Microsoft Intune service, as well as other device management related settings.
To configure Appian Mobile for your organization, sign into Microsoft Endpoint Manager admin center and follow the steps listed here.
To add the Appian for Intune app:
com.appian.tempo.intune.com.appian.android.intune.Once the app has been added, you can enforce Intune app protection policies to manage and protect your organization's data.
The AppConfig Community is a collection of industry leading EMM solution providers and app developers that have come together to make it easier for developers and customers to drive mobile adoption in business. The community's mission is to streamline the adoption and deployment of mobile enterprise applications by providing a standard approach to app configuration and management, building upon the extensive security and configuration frameworks available in the mobile operating systems.
EMM Administrators can set the following configurations for the Appian Mobile application directly through the EMM provider:
The following additional custom configurations can be enabled for the Appian Mobile application:
| Configuration | Description | Key | Type | Default Value |
|---|---|---|---|---|
| Suggested Servers | A list of servers presented to the mobile user to select from when creating a new account. | suggestedServers |
String (comma separated value of server addresses) | {} (No servers presented to the user) |
| Prevent Copy Paste (iOS) | Disables the ability to copy from, or paste into any fields in the application. Note: This property only applies to iOS. Copy and paste operations on Android are automatically restricted to applications in the work profile. |
copyPasteProtection |
Boolean | False (Copy-paste is allowed by default) |
| Open Custom Camera App | The name of an intent for a custom camera app. Use this if you want the Appian Mobile app on Android devices to open a custom camera app instead of the default camera app. | openCustomCameraApp |
String | {} (No intent specified) |
| Prompt for Passcode on Launch | Forces users to provide a user-defined passcode every time they launch the app. | promptPasscodeOnLaunch |
Boolean | FALSE |
| Prompt for Passcode on Idle | Forces users to provide a user-defined passcode when application has been backgrounded for greater than the specified time (in minutes) and on every launch. | promptPasscodeOnIdleTimeout |
Int | -1 (Don't prompt for passcode when application is backgrounded) |
| Shared Device | Indicates if the mobile device is shared among multiple users. When enabled, Appian includes a ForceAuthn parameter on the request to the SAML provider. This informs the SAML provider that it should reauthenticate the user, regardless of whether or not they are remembered. Only affects remember me that is configured directly with the SAML identity provider; does not affect remember me configured in Appian. |
isDeviceShared |
Boolean | False |
| Enable Client Certificate Access | Enables an option on the accounts screen that allows users to import a certificate into the mobile app. The certificate is used to ensure secure access to the server from authorized clients. On iOS, the certificate can be imported from any application that acts as a Document Provider. On Android, the certificate can only be imported from the device's trusted credential store. |
enableClientCertificates |
Boolean | False |
| Default Browser | Specifies the browser to be used exclusively by the mobile app (during authentication and for opening links to external web pages). Note: Authentication and links are blocked if the specified browser is not found on the device. To allow the MDM browser to redirect to Appian (during authentication), you need to specify the following URL schemes in your MDM console: - appianauth- com.appian.tempo and- appianauth-standard |
defaultBrowser |
String (from the following list) - access - airwatch - citrix - maas360 - mobileiron - edge |
{} (No browser specified. Defaults to using Safari on iOS, and Chrome on Android) |
These configuration keys are defined in the EMM Admin Console and are normally stored as part of a profile assigned to the application. The EMM Admin has the ability to update the configurations over the air at any point without requiring the application to be reinstalled.
This section explains how to enable the following custom configurations on the Appian mobile application through the BlackBerry Unified Endpoint Management (UEM) console:
Refer to the documentation of your EMM provider for further instructions if needed.
Select the Appian iOS application from your BlackBerry UEM console.
Scroll to the bottom of the Settings tab. There should be a section for App Configuration. This is where you can specify the custom configurations you want to enable for the application.
Click on the + icon and choose the option to Configure manually.
Specify a name for the App Configuration. Click on the + icon and select option String.
Click on the + icon and select option Boolean. Set the key to promptPasscodeOnLaunch. Set the value to be true. Once you are done configuring these properties the configuration should look as shown below.
Save the configuration with the application. You can then assign the application along with the configuration to your users.
These configurations take effect after the Appian mobile application is pushed to the device. Any updates to these configurations will be automatically applied when the application is relaunched.
Select the + icon from under App Configuration section when adding the application to your BlackBerry UEM console.
Check the option Prompt Passcode on Launch Enabled. Once you are done configuring these properties the configuration should look as shown below.
You can then assign the application along with the configuration to your users.
These configurations take effect after the Appian mobile application is pushed to the device. Any updates to these configurations will be automatically applied when the application is relaunched.
The Appian Mobile application can be configured and managed through any of the EMM vendors that comply with the AppConfig standards.
Appian for Enterprise Mobility Management (EMM)
