Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry UEM 12.16
  3. Administration
  4. Managing apps
  5. Limiting devices to a single app or apps that you specify
  6. Create an app lock mode profile

Create an app lock mode profile

Specify a single app or apps to run on devices and select the device settings that you want to enable for the user. For supervised 
iOS
 devices, you can select an app in the app list, specify the bundle ID of the app, or select a built-in app. For 
Android Enterprise
 devices and 
Android
 devices that are managed using 
Samsung Knox
 MDM, you can add apps from the app list or specify the app package identifier. For 
Windows 10
 devices managed using MDM, specify the account and the Application User Model ID (AUMID) of the app. Visit docs.microsoft.com to find the AUMID.
If the user does not install the app on a device, when you assign the profile to a user or user group the device is not restricted to the app.
If you plan to use the app list to select an app, make sure that the app is available in the app list.
  1. On the menu bar, click 
    Policies and Profiles
    .
  2. Click 
    Policy > App lock mode
    .
  3. Click The Add icon.
  4. Type a name and description for the profile.
  5. Specify the device types the profile applies to. 
  6. Perform one of the following tasks:
    Task 
    Steps 
    Specify the app to run on 
    iOS
     devices 
    In the 
    Specify the app to run on the device
     section, perform one of the following actions:
    • Click 
      Select an app from the app list
      , click 
      Add an app
      , and click an app in the list. 
    • Click 
      Specify the app package ID of an app
       and type the app package ID (for example, <
      com.company.appname
      >). Valid characters are uppercase and lowercase letters, 0 to 9, hyphen (-), and period (.). 
    • Click 
       Select a built-in iOS app
       and select an app from the drop-down list.
    Specify the apps to run on 
    Android
     devices
    In the 
    Specify the apps to run on the device
     section, beside the app table, click The Add icon and do the following to specify the apps that you want to limit the device to:
    • Click 
      Specify the app package ID of an app
       and type the app package ID (for example, <
      com.company.appname
      >) and the name of the app. Valid characters are uppercase and lowercase letters, 0 to 9, hyphen (-), and period (.). Click 
      Add
      .
    • Click 
      Select an app from the app list
      , and click an app in the list. Click 
      Add
    For 
    Android Enterprise
     devices, if you want to limit the device to a specific app, click 
    Limit device to a single app
     and select the app. The app that you specify in this setting automatically opens when the device starts and the user always returns to it. The app can access the other apps that you specify in the profile when it is required.
    Specify the app to run on 
    Windows 10
     devices
    • In the 
      Account
       field, type a user account name that includes the domain name and user name. For a local user, use the device name in place of the domain name.
    • In the 
      Application User Model ID
       field, type the AUMID of the app (for example, the AUMID for the Calculator app is 
      Microsoft.WindowsCalculator_8wekyb3d8bbwe!App
      .
  7. For 
    iOS
     and 
    Android
     devices, in the 
    Administrator-enabled settings
    , select the options that you want to enable for the user when using the app.
  8. For 
    iOS
     devices, in the 
    User-enabled settings
    , select the options that the user can enable.
  9. Click 
    Add
    .
If necessary, rank profiles.