How to connect Intune MDM connect to Apple Business Manager and Public Store

This guide explains how to use the Microsoft Intune MDM to Intune connect to Apple Business Managed Apps, as well as AppStore Public applications, and deploy both for your company employees.

Before you start with the Apple Business Manager, make sure that your company was provided with access to the enterprise app, as explained here

Enroll the devices (Apple MDM Push certificate already set before)
Choose Apple Environment on the left menu
Choose Enrollment program tokens
You will see the list of program tokens, if available
Click + Add at the top left menu
A new enrolment plan will open as seen below
Accept the selection of the I agree checkbox to Grant permission and Add the program token:
Download your public key
Choose to use the Apple Business Manager
This will open a new window of the Apple Business console
In this window, choose to add MDM Server – by clicking on the Add on the right
It will open a new window in the Business Manager
Set a name to your MDM server in
Confirm the checkbox selection default:
Add public key that you previously downloaded (in step 7) by clicking on
After the Server is created, open it, and download the Token by clicking Download Token.
Go Back to MDM tab in Intune, and enter your Apple ID (the email address that you used to register to your apple manager account). You should be back at the page below:
Now add your Apple ID in
And then upload your Apple token file to the section below

(The file that you are uploading is the file that you downloaded in step 15 above)
Set Profile in Enrollment tokens, in the window below:
In the left side menu, click Menu > Profiles to display:
Click Create profile
Set all desired options or/and choose a default profile
Once the new profile is created, navigate to Tenant admin window
In the menu on the left, select Connectors and tokens.
In the newly displayed window, select Connectors and tokens VPP
Then choose Apple VPP Tokens
Create a new VPP token name
Open Apple Business Manager in a separate window/tab
In the new tab, go to Apple business > Apps & Books > Download token
Go back to the VPP token tab, as seen in step 25, and enter the missing information in

Specify the Token Name as TeleMessage TM SGNL
In the Apple ID enter your manager’s email ID used to sign into the Apple business manager
And upload the VPP token that you downloaded in step 27. To the MDM
Continue to the next step, and set the Settings > Add scope tags > click Create to finish.
Go back to the Apple Business manager tab.
Navigate to the MDM Server created. As seen in the image below.
Click the blue MDM Server Assignment on the left:
On the dropdown menu on the right, choose the MDM server that you created.

To all the device types that you intend to manage (iPhone, or additional devices)
And click on Done
Go back to the main Intune MDM interface.

and select Apps, opening a page with all your apps overview
Choose All Apps, or iOS/iPadOS apps in the middle left menu.
Now enroll devices from MDM and assign to desired app from Apple Business, in the screenshot below:
Choose the iOS/iPadOS apps you are interested to add to your organization from the list on the right (image above)
The specific app you choose will be opened, so you can change their properties.

Note: Provide the proper assignments to the apps.
In the window below click Assignments > Edit
This will open the assignment window, and provide the required assignments:

Important: Before this stage, you should already create your users, groups or devices, because you are now going to assign the app permissions to the selected.
Click ssigning the required permissions to your group as seen below:
After we assigned the information to the group, click Review + save, as seen below:
The Purchased app(s) will appear in a list as iOS volume purchase program app
Go to All apps > iOS apps > Search for desired purchased app and assign it to device /Group
The purchased application(s) you selected, will be deployed on the devices in about 15 minutes, and your employees can start using those.

Good luck with enrolment!

For more information, please watch this video.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Products

About

RESOURCES

Developer APIs & Docs

Contact Us

FIND US HERE

Solutions

Verticals

Blog

Customers