15.1.0

What's New

• Performance improvements.
• Jailbreak detection improvements.
• Changes to internal behavior for isSaveToAllowedForLocation:withAccount: and isOpenFromAllowedForLocation:withAccount:. A nil account will no longer be treated as the current account for the LocalDrive/LocalStorage locations. Passing in a nil account with those locations will have it treated as an unmanaged account. Because app's can control how they handle their sandbox storage, an identity can and should be associated with those locations. A nil account will also no longer be treated as the current account for single-identity apps. Passing in a nil account in a single-identity app will now be treated exactly the same as if it was passed into a multi-identity app. If you are developing a single-identity app, please use the IntuneMAMPolicy's primaryUser to refer to the current account if managed and nil to refer to the current account if unmanaged.
• Added a canReceiveSharedItemProvider: method for checking if an NSItemProvider shared through a share extension can be received by an account. Instead of using isOpenFromAllowedForLocation:withAccount: to check if incoming share extension data can be received, apps can use this helper method on the NSItemProvider itself.
• Added canReceiveSharedFile: method for checking if an incoming file can be received by an account.
• Added IntuneMAMWipeDidCompleteNotification which is posted after an account wipe is completed.
• Added an IntuneMAMOpenLocationPhotos location for isOpenFromAllowedForLocation:withAccount: calls. Similar to IntuneMAMOpenLocationCamera, only a nil account should be passed in as the location owner. The IntuneMAMOpenLocationPhotos location represents the iOS Photo Library.

Bug Fixes

• Fixed issue where applications would apply old policy after an application reinstall without the application enrolling.
• Fixed issue where sending logs through Powerlift displayed an error.
• Fixed issue where search web in look up operation would be blocked for policy managed apps even if Edge is set as the managed browser.
• Fixed bug where unmanaged users cannot save files to their OneDrive files location.
• Fixed issue where getIdentityForCurrentActivity returned the current thread identity rather than sender identity of current openURL request.
• Fixed issue where an enrollment followed by an immediate MAM-CA remediate compliance call could result in a failed MAM-CA remediation.
• Fixed issue where apps can hang on launch after a backup/restore to the same device.

14.7.1

What's New

• Performance improvements.
• This release is only for apps that are still using Xcode12. If you have migrated to Xcode13 then please use version 15.0.0.

Bug Fixes

• Fixed bug where users could save native mail attachments into a personal Files location.
• Fixed issue where applications would apply old policy after an application reinstall without the application enrolling.

15.0.0

What's New

• Performance improvements.
• This update is required for apps built with Xcode 13.
• Added new Swift API IntuneMAMSwiftContextManager.getScopedIdentity().
• Added new Swift APIs IntuneMAMSwiftContextManager.setIdentity(_, forScope:).
• Added new API [IntuneMAMPolicyManager setCurrentThreadIdentity:forScope:].
• Breaking Change: Removed [IntuneMAMPolicyManager setCurrentThreadIdentity:] from being callable from Swift.
• Breaking Change: Deprecated [IntuneMAMPolicyManager setCurrentThreadIdentity:], switch to using [IntuneMAMPolicyManager setCurrentThreadIdentity:forScope:] instead.
• Added support to block new iOS15 Group Activities functionality.
• Added support to block sharing with the translate edit action which is new to iOS 15.

Bug Fixes

• Fixed bug where users could save native mail attachments into a personal Files location.
• Fixed issue where applications would apply old policy after an application reinstall without the application enrolling.

14.7.0

What's New

• Performance improvements.
• Added support to allow apps to send Intune logs with PowerLift.
• Added support for ADAL 5.0.0.
• Added property valuesToScrubFromLogging to IntuneMAMSettings that allows applications to scrub specified values from the logs.
• Added new [IntuneMAMPolicy isURLAllowed:isKnownManagedAppScheme:] API to help reduce LSApplicationQueriesSchemes entries as Apple added a limit of 50 in iOS15. This helps remove "scheme-intunemam" for known managed app scheme. Use this API instead of canOpenURL:
• Improved the performance of the IntuneMAMPolicyManager.instance.primaryUser() API when the application is managed.

Bug Fixes

• Fixed wipe loop that occurs after incorrectly inputing the PIN max number of times.
• Fixed bug where incorrect range of accepted OS versions would show on Conditional Launch OS Version Warning Prompt.
• Fixed a crash in iOS 15 caused by using both ADAL and ARKit. Please take this update if you are using both these in your application, please note that the ADAL 5.0 update is optional for this fix.
• Fixed issue where application UITextViewDelegate textView:shouldInteractWithURL:inRange: delegate method would not get called when managed.
• Fixed issue where some application blocking policy strings are truncated in the alert view.

14.6.2

What's New

• Performance improvements

Bug Fixes

• Fixed pasteboard issue where nothing would be pasted after copying a URL object.

14.6.0

What's New

• Provide users of wrapped applications and apps which have configured AutoEnrollOnLaunch/MAMPolicyRequired with an option to remove the auto-enrolled account when the user is blocked from using the app due to policy not being targeted for the account.

Bug Fixes

• Removed itms url strings which prevented apps from submitting to the App Store.
• Reduced retry interval for enrollment failing due to tenant migration.

14.5.0

What's New

• Performance improvements.
• Added new set of data protection APIs (protect, unprotect, protectString, unprotectString) that include error reporting. These APIs mimic the existing data protection APIs with the addition of providing error details as an NSError object.
• Allow use of MFMailComposeViewController or MFMessageComposeViewController when "mailto" or "sms" protocol is exempted from outgoing data transfer policy, respectively.

Bug Fixes

• Fixed issue where the SDK might not successfully block action sheets shown in webviews when user long-presses a link.
• Fixed issue where the SDK would fail to load local files in QuickLook views.
• Fixed issue where a potential infinite loop occurs if auto-enroll is started during identity switch.
• Fixed accessibility issue in the diagnostic console UI.
• Fixed issue where SDK would block OS versions that were equal to the set maximum OS version.
• Fixed issue where MAM-CA enrollment information isn't always persisted to disk.
• Fixed issue where the app is permanently stuck on the "Checking your organization's data access requirements for this app" screen following a required sign in.
• Fixed issue where pasteboard doesn't get refreshed for share extensions.
• Fixed issue where app could crash if it tries to add a nil action to UIGestureRecognizer.
• Fixed issue in apps which integrate MSAL and pass a UPN to loginAndEnrollAccount where the MSAL prompt was not pre-populated with the UPN.
• Fixed a potential crash that could occur if the application attempts to delete items from the keychain using a query which has a NSData object specified for the kSecAttrService key.
• Fixed issue where the conditional access delegate didn't get called if second remediation is triggered from the delegate call of a previous remediation flow.
• Fixed issue where files could be incorrectly tagged as managed when attempting to import them in single identity apps.
• Fixed issue where NSItemProvider loadObjectOfClass would sometimes return an error when loading NSURL objects.
• Fixed issue where sharing to the Files app could be allowed when it should have been blocked by policy.

14.4.1

What's New

• Added support for new MAM policy settings to warn and wipe based on maximum OS version requirement.
• Added a setWebViewPolicy:forWebViewer: method. This method can be used to dynamically treat specific web views as managed or unmanaged.
• Added logging support for file provider extensions.
• Jailbreak detection improvements.

Bug Fixes

• Fixed issue where extra forward slashes were added to some dialer URLs.
• Fixed issue where users weren't continuously blocked for user-level wipes.
• Fixed issue where a failed compliance update causes a crash.
• Fixed issue where address links were not able to open in Maps when the "maps" URL scheme was configured as a data transfer exemption in policy.
• Fixed accessibility issue where voiceover wasn't focusing on the correct element after pressing done to return to the main diagnostic console view.
• Fixed issue where UI first responder wasn't being set correctly after conditional launch was dismissed.
• Fixed issue where on app launch, openURL could get called on the application while the PIN screen is displayed if the application sets the identity in will/didFinishLaunchingWithOptions and the url came from an unmanaged application.
• Added missing system library imports to some of the SDK's public headers.
• Fixed issue where the user wasn't prompted for credentials while blocked by MTD compliance.
• Fixed accessibility issue where voiceover would be able to jump outside of the 'Forgot PIN' alert view on the PIN screen.
• Fixed accessibility issue where voiceover wasn't working for username and password safari view controller wrapper.

14.3.5

What's New

• Jailbreak detection improvements.
• Fixed a crash on iOS 12.

14.3.3

What's New

• Jailbreak detection improvements.
• Fixed issue where device name was not being sent to MAM service.
• Fixed issue where a managed file could be opened after auto-enroll succeeded but the application failed to add the managed account.