Friday, February 9, 2018

Distributing/Pushing/Sending Apps in an Enterprise

You might have reached this post because you are looking to find how you can push your iOS App to your internal users without going through App store.

Here are few things that might help your search better:

1) By default, Apple restricts installing Apps that are not from authenticated Developers. You can jailbreak your device to work around this restriction.  This is not an easy option or a preferred way because your device is now highly vulnerable to malicious apps.
 So the first step is to sign your App with a valid Apple Developer Certificate. You can only get a Developer certificate if you enroll in the Apple Developer program which is $99 per year.

2) Okay, now you have an App that is signed by a genuine Developer certificate and ready to push the app to your user's device.(if you are wondering how can you send, that's a different topic). Let's say you have shared the IPA file to your user will not be able to install it. This is because Apple again has a restriction on the Apps that can be installed if you App is not on the App Store.  Yes, even if it signed by a genuine Developer certificate.

This is where a Provisioning profile comes into the picture, a provisioning profile is a file that is included in the IPA, that tells the device if this App can be installed on the device.

There are 3 ways to push the signed App to your users.

1) Ad-Hoc profile. This is meant to distribute apps to known users. Here are the steps
    i) The users have to share their UDIDs with you. Apple recommended way is to connect your device to iTunes on your Mac/PC and get the UDID by clicking on the device details. But other than developers, who are buying laptops nowadays, google for other options to get your user's UDID.

     ii) Register the user's device on the Apple Developer portal.

     iii) Create an ad-hoc distribution profile. While creating the profile, you will get an option to include the devices in the profile, select the user's device to include in the profile.

    iv) Once the profile has been created, download that to your Mac/PC. 
     v) When doing the Build, use the downloaded provisioning profile to sign the App.
     vi)  The IPA generated from this step should get installed on your user's device without any issue.

2)  In-House/Enterprise users:  You are looking to push the App to a large number of users or users who are not willing to share their UDID with you. (  you know Enterprise users...)

    For this scenario, what you need is to create a provisioning profile for "in-house" distribution.  When you create an "in-house" profile, you don't have to explicitly mention the device id.

But this option is only available if you are part of Apple Enterprise Developer program, which costs $299 per year and you can only subscribe for your organization and you can buy this as an individual. Apple does a verification of the account and your account will be activated only if it clears all the approval process. It may take 4-5 business days.

3) Using MDM (Mobile Device Management tools)

    MDM software is meant to help you with installing the apps outside of the app store. Other than app installation, they do a lot more, like restricting the device features, remote wipe etc.

You can sign-up for a cloud MDM software and try to push your Apps through MDM.  The MDM vendor will provide specific instructions on how to sign the App for distribution through MDM.

I am not a professional writer, excuse my writing style. My intent is to share what I know so that your bad day might turn into a great day.

No comments:

Post a Comment