Enterprise ready apps

Discussion in 'Ideas' started by Sopock, Nov 15, 2017.

Enterprise ready apps 5 5 4votes
5/5, 4 votes

  1. Sopock

    Sopock Member

    Joined:
    Jul 11, 2012
    Messages:
    448
    Likes Received:
    20
    Hi!

    Enterprise edition should get extra mobility features. One of those will allow enterprise users to distribute mobile app outside public stores and even without a need for QR code provisioning!
    This can give you idea what is needed to accomplish something similar.

    Your business customers can use third-party Mobile Device Management (MDM) solutions to help manage and distribute their apps.

    3CX should also join to the AppConfig
    EDIT:
    [​IMG]
    Single Sign-On
    Use Case
    Organizations want to allow users to log into an application using their existing work credentials, as well as customize the security around the login experience to require various factors of authentication. Once a user has logged into one application successfully, that login process should automatically translate to other applications so users do not have to enter their credentials multiple times.
    Your idea would be next step towards SSO via SAML or JWT. It is important to note that MDM solution can be used even on small scale of just 10 managed devices with web client credentials.


    The following document describes the technical capabilities and deployment the native mobile 3CX app to devices based on the best practices documented by the AppConfig Community.

    Using this capability, the 3CX app that is in the public app store can be installed automatically or via a self-service catalog with EMM platforms participating in AppConfig Community. Alternatively, some customers may choose to build a custom app built using the Force.com[?] development platform. In this case, the resulting app will likely be deployed as an internal or in-house app.
    • App developers builds in support for SAML (or equivalent) standard for identity federation into the mobile app and the mobile app’s backend service
    • iOS 7+ device enrolled with Apple’s mobile device management protocol(initial release 4 years ago!)
      • Android 5.0+ with Android for Work enrolled device
    • App’s backend SaaS authorization service must support identity federation to an organization’s identity provider (IDP) via a standard such as SAML or OpenID Connect
    • The Security Assertion Markup Language (SAML) is an XML-based federation technology used in some enterprise and academic use cases. OpenID Connect can satisfy these same use cases but with a simpler, JSON/REST based protocol. OpenID Connect was designed to also support native apps and mobile applications, whereas SAML was designed only for Web-based applications. SAML and OpenID Connect will likely coexist for quite some time, with each being deployed in situations where they make sense.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 Sopock, Nov 15, 2017
    Last edited: Nov 24, 2017
  2. Sopock

    Sopock Member

    Joined:
    Jul 11, 2012
    Messages:
    448
    Likes Received:
    20
    I know it sounds unbelievable, but still it is not good enough for end users. Maybe because some study shows smartphone makes you stupid? User should get new type of Welcome mail which will just inform that app is ready to use. No any download, no scan...:cool:
    We rather prefer handsfree approach:
    If the Push Mode is set to Auto, the user won't have to do anything and the app should be updated.

    Having employees install apps themselves as well as provide their own Apple ID brings with it several problems:
    • Not every employee will succeed in installing the app.
    • Some won’t have the time to do so and therefore won't ever install/use the app at all.
    • They may not want to use their personal Apple ID to download the app even if the app is free.
    In short: It's a big hassle!
    An advantage of using MDM to enroll personal devices is that it allows corporate resources and data to 

    be managed in a way that is secure, yet also respectful of the user’s personal privacy, data, and apps. IT 

    can enforce settings, monitor corporate compliance, and remove corporate data and apps, while leaving
    personal data and apps on each user’s device intact.
    https://www.apple.com/business/resources/docs/iOS_Deployment_Overview_Business.pdf

    New custom app uniquely named for each enterprise customer? You don't need to submit an enterprise app to the app store for review.
    [​IMG]
    Clients like @Lewis Burgess should consider few factors:
    What types of devices do you have? (iOS, Android, Windows, macOS, Chrome OS)
    Here we can see how important is to have UWindowsP/Mac store app. It is also important to note that there are free education-centric MDM for iOS like Mosyle Manager.

    Systems Manager can not only deploy apps to devices but also preconfigure any app that is part of the AppConfig community, for example by pushing down email settings for users during install. Check with your app developers if they support managed app settings.

    So you could also choose to send the license to a user. The advantage of this would be that one license could be active on multiple devices owned by the same employee. But User Assignment, of course, also means giving the app license to the user with all the Apple ID-related problems described above. So we thoroughly recommend sending licences to devices instead of users.

    MDM can also be used for apps in public store. Let's assume that app received server name. App should assume that port 5001 is used if not specified. Now app will try to retrieve business logo which will be located at https://FQDN-IP-3CX/webclient/path/to/staticbusinesslogo.png which should be uploaded/converted in console mgmt.
    Now you have welcome screen on which user can first time log in using same webclient credentials.
    Welcome to iosstaticbusinesslogo.png powered by 3CXlogo.png
    After that, app should receive other required settings.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 Sopock, Nov 22, 2017
    Last edited: Nov 22, 2017
    Lewis Burgess likes this.
  3. Silly English Kniggit

    Joined:
    Sep 13, 2017
    Messages:
    215
    Likes Received:
    76
    Enterprise should also automate the management of 3CXPhone - configure from AD IPPhone field, set virtually any option that currently requires hacking the XML file (such as force BLF bar open).
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    Brad Allison and accentlogic like this.
  4. Sopock

    Sopock Member

    Joined:
    Jul 11, 2012
    Messages:
    448
    Likes Received:
    20
    Any company should use at least Profile Manager which is least expensive MDM on the market to manage Apple devices. In supported countries it is possible to take advantage of device enrollment program and install 3CXphone app immediately after first device activation!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...