Apple’s iOS platform allows you to create custom applications that extend the capabilities of the iPhone, iPod Touch and iPad. When mobile devices are used in business, it’s important to be able to trust the applications that these devices contain.
If you’re part of an enterprise that needs to distribute custom apps for iPhone, iPad and iPod Touch devices, you must follow certain procedures when creating these apps.
Once you’ve built your own custom apps using the Apple Developer Enterprise Program, you need to distribute them to your users. These apps aren’t delivered through the App Store and therefore can’t be opened unless you establish trust for them.
Establishing trust for an app allows your users to install it from anywhere by choosing File > Install from [Untrusted] Source.
There are ways to distribute custom enterprise iOS apps to your organization, but a managed Apple Developer account is required. The managed account provides the certificate configuration and code-signing infrastructure required to establish trust for these apps.
Before you can install, open, and update an iOS custom app that your organization creates, you must first establish trust for the app. In this tutorial, you’ll learn how to perform these tasks from a client device by granting access to the iPhone.
If you have an app that you want to distribute to your users, you have a few options. If it’s a free app available on the App Store for workforce-enrolled devices, you don’t need to take any additional steps. This trust has been established by Apple.
If the app isn’t available in the App Store or Apple isn’t going to manage the app, you need to manually establish trust.
Related: How to delete apps on iPhone
There are two ways that you can establish trust for a custom enterprise app:
How to Trust an iPhone App
You can install apps manually. These apps don’t automatically establish trust. You must manually establish trust on your device to use the app.
- Download and install the app on your iPhone
- You will see a message that the app is not trusted. Tap on cancel (You can’t open the app right now)
- Go to Settings and tap General.
- Now look for Profiles & Device Management and tap on it.
- Under the “Enterprise App” setting, tap on the “profile name” of the developer.
- Tap Trust [Developer] and verify the app.
Once an organization has selected its apps and created device profiles, the process of distributing the app is straightforward. iOS devices synchronize with the MDM server and a new app installation is triggered. After installation is complete, the MDM server notifies the Mobile Device Management Extension (MDM). The MDM installer prompts for trust acceptance (as if they were installed by the App Store) and installs the profile.
Many organizations want to distribute their own custom app to users that use an iPhone. Users of the iPhone can make use of custom apps that are developed for their organisation. However, there is a risk of them installing malicious or otherwise inappropriate apps.
All Enterprise apps are downloaded manually. You can’t search for them and they aren’t added when you first install the App Store app. You can only find them in the App Store application by visiting a specific URL that’s used to distribute apps internally within an organization (called an MDM link).
Related: How to close all apps on iPhone 11
The reason that after you open an enterprise app you see a message about it not being trusted on your device is that iOS devices are secure by default. If you’re an enterprise-deploying organization, the concept of non-trusted apps on your built-for-enterprise platform might seem surprising and even contrary to the whole point of the technology.
However, there’s plenty of good reasons why this security measure is there, and how it keeps your devices safer.
Apple strongly recommends that organizations use a Mobile Device Management (MDM) solution to deploy their apps to iOS devices. Using an MDM solution is secure and doesn’t require users to take any action, so this is the most secure method for your organisation to distribute its custom apps.