Custom app distribution with Apple Business Manager
Apple Business Manager is the best way to manage and deploy business apps to your employees and customers. Whether you're a developer, business owner, or IT administrator, we'll showcase the benefits of Custom apps for each role and provide guidance on each step in the process — from app creation to distribution.
Hello, and thanks for joining. My name is Jacob. I'm a program manager for the Enterprise and Education team, and I'm here to talk with you about deploying custom apps with Apple Business Manager. Apple builds products to enrich people's lives.
This principle extends to business and education customers as well. Custom apps can make it easy for you to reach this audience and provide tools for them to be productive, engage with their employees and staff, and reach their customers.
Whether you're a developer considering custom apps, a business customer purchasing and distributing apps to your employees, or an end user who just wants to know more about the process, I'll cover the benefits of custom apps for you. When you see these icons throughout the session, I'm covering a topic of particular interest to that audience.
These three groups interact with and influence each other, so it's important to understand how all the elements fit together. This is a continual cycle, as developers add features and sell to new customers, businesses expand and offer more apps to their employees, and users transition to different roles within the organization.
First, let's do a quick review. There are multiple ways to distribute your apps to customers.
Enterprise app distribution allows for customization, but is intended only for internal deployment to your own company's employees. Historically, Enterprise app distribution was the only approved path for internal deployment. The Custom app process includes the benefits of TestFlight and App Review and is now the preferred path for internal deployments in countries where Apple Business Manager is available.
Public App distribution lets you leverage the App Store infrastructure and makes apps readily available for your customers to purchase, but this method is intended for a broad audience and doesn't allow for any customization.
We're gonna focus on custom apps, which provide you as the developer the ability to build apps with features specific to your customers while making it easier for them to purchase and deploy the apps.
Custom apps allow you the developer to distribute to a select customer or group of customers. This is essentially a private App Store, where you determine the audience who can purchase your app. It allows you to provide specific features, branding, or other customization.
Customers purchase these apps through Apple Business Manager. They are not exposed to the public App Store and only visible to the organizations you allow.
And now, we're excited to extend custom apps support to Apple School Manager customers as well. I'll refer primarily to Apple Business Manager throughout this session, but the two programs have the same support for custom apps. Everything here that applies to Apple Business Manager also applies to Apple School Manager.
If you're a third-party developer, you can build and sell these apps to customers. If you are part of a company or organizational's internal development team, you can create and distribute custom apps to your employees and staff. This extends the scope of custom apps to companies that want to develop yourselves and deploy internally. Customers purchase a custom app using Apple Business Manager or Apple School Manager. This is the same purchase flow as other volume licenses of public App Store apps. The only differences are that you as a developer explicitly allow which organizations will see your custom apps, and custom apps show up in a separate collection in Apple Business Manager.
After purchase, customers manage licenses and distribution the same as other volume-purchased apps. Connect an MDM server to Apple Business Manager for license distribution and other management tasks. This connection allows MDM to manage devices on behalf of the organization. Once the license is distributed to the device, the device downloads the custom app from the App Store infrastructure. Custom apps represent a private App Store. You authorize organizations or specific purchasers who can buy your apps, and those apps only show up for those customers.
So zooming in a bit, we're gonna focus on how this process works for the developer. There are advantages to you as a developer: private distribution of a custom-built app to the customers you specify. You can create apps with the features and functions that might not be relevant for the general public, and provide these apps exclusively to your customers.
You are able to provide custom features for your audience while leveraging the App Store infrastructure for distribution. And because your apps go through the same app review process, you get feedback from Apple and confidence that your app meets our quality standards.
You get access to App Store Connect tools for submitting your app, viewing app analytics and crash logs, and managing payment and pricing. Apple takes care of payment processing, taxes, and other overhead. And if you're currently using App Store Connect, the process for submitting apps and using these tools is already familiar to you.
Another important benefit with App Store Connect is the ability to use TestFlight for beta testing with select users. You can send invitations via e-mail or a public link and collect feedback before launching your app for general availability.
If you're developing apps for internal use, you can also distribute internally to your employees and associates. This is a big improvement because it greatly simplifies the process of getting your apps to your staff.
And because these apps come from the App Store, the distribution certificates don't expire. This is an important distinction for developers who are familiar with Enterprise distribution and the requirements to renew distribution certificates on a regular basis. With custom apps, you can focus on enhancements and features for new versions of your app, not certificate management. It all starts with inspiration. You have a great idea for a custom app, or a customer has reached out to you and wants you to modify an existing App Store app for them. Let's say this developer has a popular app called Forest Explorer for exploring parks and open spaces, and a business contacts them and wants a custom version to help their employees navigate the corporate campus and find local green spaces. We'll call this custom app Campus Explorer.
The first thing you need to do is get your team together. Enroll in developer programs if necessary. If you already have an account, great. You're ahead of the game. Use the same Organization Developer program that you do for the apps you publish to the App Store. If you're setting up a new program, be aware that you need an Organization Developer program, and this requires a DUNS number. If you charge for your app, you'll also need to provide banking information and accept the paid apps agreement. If you are an internal development team, the same rules apply.
Get added to your company's existing developer program, invite third-party contributors...
If you're the account holder or admin for your developer program and want to include external developers, grant them access to the apps they are working on and maintain control of the app submission process yourself.
Once you're enrolled, App Store Connect is where you manage aspects of your developer account, including inviting new members to your team, signing necessary agreements, providing payment information, and submitting your app.
Let's go through this together. Under Users and Access, we can see everyone associated with our developer account and their roles and app privileges.
For this project, we're going to hire a contracted developer to help with some of the work.
We're adding Lucinda Yang as a developer with access only to the Campus Explorer app. When we select invite, Lucinda will get an invitation to join our developer account.
Once we have our team together and our app is ready to go, the next step is to submit it for review and distribution in App Store Connect.
Provide metadata for your app, like screen shots, description, keywords, and other information.
Set the price and regions where your app will be available. We recommend making your app available globally, because this allows you to reach the broadest possible audience.
This is also the point where you'll choose the distribution type: available as a public app on the App Store or available for specific business and education customers.
For more information, refer to the "What's New in App Store Connect" session.
Okay, so we're ready to submit our custom app. First, we create a new app entry by selecting the "plus" icon.
Then we provide the name, app preview, screen shots, and other metadata.
We set a price for our app, select the countries or regions where our app will be available for purchase...
and we provide the org details for our customer, Pretendco, which will allow them to purchase our app from their Apple Business Manager instance.
We're almost ready to submit our app. Our app requires sign-in using a corporate account, so we're providing a demo credential that will help the App Review team access the app. We're also providing notes with additional details, and we have the option to submit screen shots or other attachments. When we're ready, we submit the app for review.
And here's our app, back from review and ready for customers to purchase. App Review gives you direct feedback from our review team and gives your customers the confidence that your app has been vetted and approved by Apple.
While Custom App Review differs slightly from public apps, to make sure your app goes through this process smoothly, provide a demo account and credentials if your app requires authentication. This demo account should be able to access all the functions of your app. Or you could build a demo mode into your app and supply sample data. The intent is to make sure the review team is able to inspect all the functionality and features of your app.
Submit good metadata, such as description, keywords and screen shots that show details about your app. If you're providing your app to a specific audience or market segment, describe it in the notes review.
The more details the App Review team has about your app, the easier the process will go, especially if this is your first time submitting an app. If you're updating an existing app, provide details about the new enhancements and features. If the update is a maintenance release, add notes with specific information about what is fixed in the new version beyond just "bug fixes." Make sure you account for App Review time when planning your deployment schedule. Also, be aware of times when there is increased traffic, such as holidays and product launches, when it might take longer to get through the process. And be mindful of deadlines when your app is required to support the latest SDKs.
Use only public APIs, and make sure your app runs on the currently shipping OS. This is covered in the guidelines, but it's worth a call-out here. Using documented APIs and phasing out deprecated frameworks ensures your app is stable and continues to function. Apple changes and modifies private APIs without advance notice.
If your app relies on these, it could stop working or cause unexpected issues for your end users.
If your app requires additional entitlements for hardware resources or user data, make sure you adhere to Apple's privacy guidelines for collecting and storing user data. Refer to the privacy and legal section in the App Store Review Guidelines and developer documentation.
As you expand your customer base, you might create a new instance of your app-- for example, if you're selling to a new customer or market segment or selling your app in a new region with different regulatory requirements.
If possible, keep these variations to a minimum. This avoids the complexity of managing separate build trains and release cycles. If you need to provide specific branding or other minor modification, use App Configuration or rules based on user authorization to deliver this content. All customers get the same app, but you can fine-tune the experience based on these settings.
If you do need to create a completely new app, collect common code into frameworks so you can reuse it across your different apps.
If you're creating a new app, each instance requires a new Bundle ID, a new submission, and a separate App Review, and you'll need to maintain these as separate build trains.
Your development and release cycle will be different than the deployment cycles for your customers. It's important to take this into consideration when planning major releases.
Here, you release Version 1.1 in the middle of your customer's deployment wave one. This means that half the employees will be on Version 1 of the app, but devices that go out to employees after this date will have a Version 1.1 installed. There are ways to mitigate this with MDM commands, but it's best to coordinate ahead of time, especially when planning around new product launches or OS releases.
Once you publish a new version of your app, your customers cannot deploy the previous version.
This process usually goes smoothly. But if you do run into problems, make sure your customers have enabled custom apps in Apple School Manager and Apple Business Manager. The org name and org ID you specify in App Store Connect must match exactly, including punctuation.
Apps can take time to show up as available on a customer's Apple Business Manager org. If you authorize a new customer to purchase an existing app, allow up to 24 hours before that app shows up in their Apple Business Manager instance.
If you're modifying a consumer app for a business customer, you need to create a new Bundle ID and submit it as a new app. You can't convert an existing consumer app into a custom app or vice versa.
If you do run into problems, we're here to help. Contact the App Review team using your developer account for issues like appealing a rejection or providing additional information about your submission. You can submit a Developer Technical Support case for code-level technical assistance, and your customers can contact AppleCare if they experience issues purchasing or deploying your app.
Now we're gonna transition from our development track and go back to our app life cycle and focus on what this looks like from the perspective of a business buying the app. For the administrators managing devices and deploying apps to your employees, this is your section.
Custom apps give you the benefit of deploying and managing apps like you're doing right now with volume-purchased apps through Apple Business Manager. You purchase and manage licenses the same way you would for other content.
IT teams can leverage the same distribution model as App Store apps, including device-based assignment and managed-app capabilities. You can assign, revoke, and reassign licenses as your needs change.
Since the custom app has gone through App Review screening, you can be confident that it meets Apple's quality and security guidelines.
And you can work with the developer to provide the level of customization you need, such as security features for sensitive corporate data, company branding, or specific functionality for your workflows.
Apple Business Manager is the service that makes this all possible. There are three main functions of Apple Business Manager: deploying and managing devices, purchasing and assigning content, and managing accounts and privileges.
Apple Business Manager makes it easy to deploy devices at scale using automated device enrollment and configure them with your security policies and content. You can automatically enroll organization-owned devices into your MDM solution without having to prep each device individually. You can simplify the setup process by removing specific steps in Setup Assistant so users are up and running quickly.
You can delegate privileges for certain functionality, like managing devices or content. And with Federated Authentication, it's easy to use existing corporate credentials to reduce the number of accounts employees need to maintain and to give IT a central point of control.
Last year, we introduced User Enrollment as an option for organizations who want to enable their employees to use their own device while giving the corporate IT organization lightweight control.
Companies can provide custom apps and other managed content to the device.
Check out the "What's New in Managing Apple Devices" session for the latest updates.
Okay, let's set up Apple Business Manager together. As an IT administrator, the first thing you need to do to support custom apps is enable it under Settings.
You also need to provide your organization details to the developer so they can authorize you to purchase the app. This name and ID must match exactly as it's displayed in Apple Business Manager. Mobile device management is required to make this all work. You purchase content, manage locations, and assign devices to MDM servers in Apple Business Manager. MDM does the heavy lifting of assigning and revoking licenses as well as ongoing device management.
So now, we'll configure the connection between our Apple Business Manager instance and our MDM server.
First, we'll add a new MDM server.
We're using Profile Manager, Apple's reference MDM. In Profile Manager, we've generated a public key, which we upload here.
Then we download the Device Enrollment token and upload it to Profile Manager. This creates the trust connection. And now we can see that our devices have been assigned and are managed by Profile Manager.
Next, we download the location token for apps and books and save it to Profile Manager. This allow license distribution. In addition to license management for volume-purchased content, MDM handles management functions like enforcing policies to manage app updates centrally, and restrict employees from updating apps on their own.
This is useful if you want to keep employees on a specific version of an app until you're ready to update to the new version.
Custom apps adhere to the same rules as managed apps, so you can remove a license, push a new license to a deployed device, or initiate an update to a deployed app and enforce a policy to defer OS updates for up to 90 days after release. For more information, refer to the Mobile Device Management Settings for IT Administrators documentation.
Going back to Apple Business Manager, last step: We'll purchase the custom app now and assign it to a location.
Then, MDM will be able to assign that license to end users and devices. Administrators can create separate groups in Apple Business Manager called Locations, and use these to delegate license management to specific users in their organization.
If you have regional offices, for example, you can purchase licenses from the main corporate location, then assign them to each regional office to manage on their own.
If you're migrating from the legacy volume purchase program, Apple Business Manager and Apple School Manager provide better flexibility for managing licenses. You'll need to plan your migration to ensure deployed apps continue to work without an interruption. See the support article on Migrating to Apps and Books for more information. And as a reminder, the volume-purchase program will no longer be available starting December 1, 2020.
If you need to keep users from updating, use MDM restrictions to allow IT control over initiating app updates. And like other managed license distribution, you can assign apps to device or to users.
If you're new to Apple Business Manager and just getting started, make sure your MDM solution supports these features for managed apps. Custom app support allows the MDM to manage licenses for custom apps. If you want to manage app updates centrally, restrict end users from updating the app on their own...
and initiate the app update when you're ready to update the entire organization to the new version.
Deferring OS updates can be a good technique for keeping your devices on the previous version of the OS for compatibility or other reasons. OS updates can be deferred for up to 90 days. Wrapping up for the business segment, and finally, our app life cycle, we'll look at the end-user perspective.
As an end user, you get the benefits of using an app that's been designed to fit your specific needs. When activating your device for the first time, MDM takes over initial configuration and allows you to skip through the setup process. Your apps are automatically installed, and company accounts like Mail and network access are configured automatically.
Your company can publish an App Catalog to make it easy to discover other optional or recommended apps, including other managed apps or App Store apps.
And iCloud can help keep data in sync across multiple devices while giving IT the ability to restrict content flowing from managed sources to unmanaged sources.
As an end user, we'll take the device out of the box and activate it for the first time. We'll start the Setup Assistant, choose a location, language, and a Wi-Fi network.
And we'll see that our organization is managing our device for us to skip the rest of the setup process, and our custom app is automatically installed on the device, and we're ready to go.
Last step: back to our cycle.
This is a continuous process. As end users or organizations have enhancement requests and new feature ideas, they communicate those to the developer. The developer releases new versions and enables more customers to purchase their app.
Let's do a quick recap. As a developer, custom apps are a great way for you to reach business and education customers and provide them an easy way to distribute apps for their employees, staff and students.
Businesses can benefit from easy deployment using existing tools, and they can get apps with specific features built for them. Internal teams can use custom apps to easily deploy to their employees, and Apple Business Manager and Apple School Manager make all this possible. Thank you for your time,
and enjoy the rest of WWDC.
Looking for something specific? Enter a topic above and jump straight to the good stuff.
An error occurred when submitting your query. Please check your Internet connection and try again.