(110) Microsoft Intune - App Configuration Policies (iOS)

App configuration policies can help you eliminate app setup problems by letting you assign configuration settings to a policy that is assigned to end-users before they run the app. The settings are then supplied automatically when the app is configured on the end-users device, and end-users don't need to take action. The configuration settings are unique for each app.

If your environment is using VPP (Volume Purchased Programs) setup and using Microsoft Defender, you can set up the following to automate the deployment progress.

Requirements:

Ensure 'Connect iOS/iPadOS devices version 13.0 and above to Microsoft Defender for Endpoint' is enabled.

Ensure VPP App: Microsoft Defender: Security (iOS) is deployed to the iOS devices.

Instructions:

Navigate to https://intune.microsoft.com/ > Apps > App Configuration Policies > Add > Managed devices.

Then enter the following:

Name: iOS - Enable Defender for Endpoint Supervised (VPP)

Device enrolment type: Managed devices

Platform: iOS/iPadoS

Targeted app: Microsoft Defender: Security

Under Settings:

Configuration settings format: Use configuration designer

XML Propery lists:

Configuration key: issupervised

Value type: String

Configuration value: issupervised

Configuration key: DefenderNetworkProtectionEnable

Value type: String

Configuration value: true

What does DefenderNetworkProtectionEnable do? Find out more here.

Once done, select save and deploy the setting.

For other applications to autologin with the enrolled UPN to the iOS device, follow the same process. Navigate to https://intune.microsoft.com/ > Apps > App Configuration Policies > Add > Managed devices.