Common: Microsoft Intune app protection profile settings
Microsoft Intune
app protection profile settingsThese settings correspond to
Intune
app protection policy settings. If you want more information about a setting, see the Microsoft Intune documentation.Intune app protection profile setting | Description |
---|---|
Interoperability | |
Enable interoperability between Intune and Dynamics apps | This setting specifies whether BlackBerry
Dynamics apps can interact with Intune -managed apps, such as Microsoft 365 apps, on the device.To allow interoperability between BlackBerry
Dynamics apps and Intune -managed apps, BlackBerry BRIDGE must be installed on users' devices.For more information, see the BlackBerry BRIDGE Administration Guide. |
Custom JSON | Edit the JSON values to customize messages and warnings seen by your users in the BlackBerry BRIDGE app. |
Data relocation | |
Allow app to transfer data to other apps | This setting specifies the apps Intune -managed apps can send data to.The "Policy managed apps" option allows data to be transferred only to other apps that are managed by Intune . If the "Enable interoperability between Intune and Dynamics apps" setting is selected, you can't change this setting from the default option. |
Allow app to receive data from other apps | This setting specifies the apps that apps managed by the app protection policy can receive data from. The "Policy managed apps" option allows data to be transferred only from other apps that are managed by Intune . If the "Enable interoperability between Intune and Dynamics apps" setting is selected, you can't change this setting from the default option. |
Prevent "Save as" | This setting specifies whether the "Save As" option is enabled for apps. If you select this setting in an on-premises environment, you can allow using the "Save As" option to save work data only to one or more of the following locations:
|
Restrict cut, copy, and paste with other apps | This setting specifies how cut, copy, and paste operations can be used with the app.
|
Disable contact sync | This setting specifies whether the app can save contacts to the native Contacts app on the device. |
Disable printing | This setting specifies whether the app can print data. |
Inclusion group | This setting specifies whether the policy is deployed to inclusion groups. |
Access | |
Require corporate credentials for access | This setting specifies whether users must use their organization credentials to access the app. If this rule is selected, it takes precedence over requirements for a PIN or fingerprint. |
Block managed apps from running on jailbroken or rooted devices | This setting specifies whether apps can run on jailbroken or rooted devices. |
Recheck access requirements timeout period | This setting specifies, in minutes, how often the access requirements for the app are rechecked when the app is open. |
Offline grace period | This setting specifies, in minutes, how often the access requirements for the app are rechecked when the device is offline. |
Offline interval before app data is wiped | This setting specifies, in days, how long a device can be offline before app data is wiped from the device. |
Require PIN for access | This setting specifies whether users must enter a PIN to access the app. If this option is selected, the user is prompted to provide a PIN the first time they run the app. If the "Require corporate credentials for access" setting is selected, it takes precedence over this rule. |
Number of attempts before PIN reset | This setting specifies the number of PIN entry attempts that can be made before the user must reset the PIN. |
Allow simple PIN | This setting specifies whether users can use simple PIN sequences such as 1234 or 1111. |
PIN length | This setting specifies the minimum number of digits in the PIN. |
Allow fingerprint instead of PIN | This setting specifies whether users can use a fingerprint instead of a PIN to access the app. |
Disable app PIN when device PIN is managed | This setting specifies whether the app prompts for the PIN when the device is required to have a password. If this setting is selected, the app PIN is not requested on Android devices if the UEM IT policy for the device requires a password. To disable the app PIN on iOS devices, the device PIN must be required by Intune . |
PIN character set | This setting specifies the types of characters the PIN must contain.
|
PIN reset | This setting specifies the number of days before the user must reset their PIN. The default setting is 90 days. |