Merge pull request #16499 from Erikre/erikre-docs-24083431

erikre-docs-24083431
MicrosoftDocs · Nov 19, 2024 · 1aa2722 · 1aa2722
2 parents 1d181c4 + d269931
commit 1aa2722
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 3 deletions.
diff --git a/memdocs/intune/developer/app-sdk-ios-phase6.md b/memdocs/intune/developer/app-sdk-ios-phase6.md
@@ -7,7 +7,7 @@ keywords:
 author: Erikre
 ms.author: erikre
 manager: dougeby
-ms.date: 11/18/2024
+ms.date: 11/19/2024
 ms.topic: reference
 ms.service: microsoft-intune
 ms.subservice: developer
@@ -55,6 +55,10 @@ In addition to the Intune SDK, you need these two components to enable App Prote
 
 :::image type="content" alt-text="Diagram of MAM-CA remediation flow." source="./media/app-sdk-ios/app-ca-flow.png" lightbox="./media/app-sdk-ios/app-ca-flow.png":::
 
+### MAM compliance process flow
+
+:::image type="content" alt-text="Diagram of MAM compliance process flow." source="./media/app-sdk-ios/mam-compliance-flow.png" lightbox="./media/app-sdk-ios/mam-compliance-flow.png":::
+
 ### New APIs
 Most of the new APIs can be found in the IntuneMAMComplianceManager.h. The app needs to be aware of three differences in behavior explained below.
 
@@ -157,6 +161,7 @@ guard let authorityURL = URL(string: kAuthority) else {
         self.applicationContext = try MSALPublicClientApplication(configuration: msalConfiguration)
 
 ```
+
 To fetch the Microsoft Entra object ID for the accountId parameter of the MAM SDK compliance remediation APIs, you need to do the following steps:
 - First get the homeAccountId from userInfo[MSALHomeAccountIdKey] within MSALError object sent back by MSAL when it reports ERROR_SERVER_PROTECTION_POLICY_REQUIRED to the app.
 - This homeAccountId is in the format ObjectId.TenantId. Extract the ObjectId value by splitting the string on the '.' and then use that value for the accountId parameter in remediation API remediateComplianceForAccountId.
@@ -182,11 +187,11 @@ Test Case	| How to test	|	Expected Outcome	|
 --	| --	| --	|
 MAM-CA always applied		| Ensure the user is targeted for both App Protection CA and MAM policy before enrolling in your app.|  Verify that your app handles the remediation cases described above and the app can get an access token.	|
 MAM-CA applied after user enrolled	| The user should be logged into the app already, but not targeted for App Protection CA.	| Target the user for App Protection CA in the console and verify that you correctly handle MAM remediation	|
-MAM-CA noncompliance	| Set up an App Protection CA policy, but don't assign a MAM policy.	| The user shouldn't be able to acquire an access token. This is useful for testing how your app handles IntuneMAMComplianceStatus error cases.	|
+MAM-CA noncompliance	| Setup an App Protection CA policy, but don't assign a MAM policy.	| The user shouldn't be able to acquire an access token. This is useful for testing how your app handles IntuneMAMComplianceStatus error cases.	|
 
 ## Next Steps
 
-After you've completed all the [Exit Criteria] above, your app is now successfully integrated with App Protection CA support. The subsequent section, [Stage 7: Web-view features], may or may not be required, depending on your app's desired app protection policy support.
+After you've completed all the [Exit Criteria] above, your app is now successfully integrated with App Protection CA support. The subsequent section, [Stage 7: Web-view features] may or may not be required, depending on your app's desired app protection policy support.
 
 <!-- Stage 6 links -->
 [Exit Criteria]:#exit-criteria

diff --git a/memdocs/intune/developer/media/app-sdk-ios/app-ca-flow.png b/memdocs/intune/developer/media/app-sdk-ios/app-ca-flow.png
diff --git a/memdocs/intune/developer/media/app-sdk-ios/mam-compliance-flow.png b/memdocs/intune/developer/media/app-sdk-ios/mam-compliance-flow.png