Loading

Salesforce Mobile App: MDM and EMM Support

Дата публикации: Nov 12, 2025
Описание

Notes on Salesforce MDM Support 

  • We do not provide instructions on how to configure your MDM systems, this includes Microsoft Intune/EntraID(formerly Azure AD).  Please discuss specific implementation or setup steps with your specific MDM vendor.

  • We do not support a wrapper or container app that tries to run the Salesforce App within it.  
  • We do not provide .ipa files at this time. 
  • We cannot provide complete troubleshooting assistance when issues require insight into the MDM setup. When Salesforce System Administrators observe new issues with MDM implementation, we recommend working with your company's security teams & MDM providers to first review the inter operational requirements below.
  • iOS certificate authentication support defers to Safari for authentication while the Android application will remain within the Android Webview.
  • Note: Deferring to native browser for iOS does subject the user to a iOS-controlled cached session within the Safari webview which can allow the session to remain active for up to 1 hour even after a user logs out of the Salesforce App. 


If you're looking for additional level of security compliance, Salesforce for iOS and Android will provide inter-operation with the most popular MDM (Mobile Device Management) suites and support application containerization.

Customers can integrate the v8.0+ Salesforce for Android and v10.0+ Salesforce for iOS with enhanced functionality provided by MDM systems for distribution and control over the device.

Below are resources and tips to consider when researching MDM solutions.

Решение

Supported MDM/EMM providers

See Mobile Application Security Documentation 

  • See the 'Mobile Device Management (MDM)' section
  • Detailed topics covered include:
  • Available Keys Passable in Configuration Settings
  • Certificate-based authentication
  • Automatic custom host provisioning
  • Prerequisites to implement enhanced security for Salesforce for Android  

Features available with Salesforce App v8.0+ hybrid clients

  • Android for Work is primarily utilized to expose APIs that enterprise mobility management (EMM) providers and enterprise application developers can use to deliver secure data transmission.
  • Android customers can choose any compliant Enterprise Mobility provider.  

Per-App VPN

  • Unlike bulky device-wide VPNs, Salesforce App can automatically route data through a lightweight VPN connection


Restricting an App To Managed Devices

  • The MDM / IDP would need to be configured to allow authentication only if it includes unique conditions on the device that are provided by the MDM.
  • For example, Certificate-based authentication.  
 

ACE (Application Configuration for Enterprise)

  • This page discusses the new standard-based aspects of MDM and EMM around mobile devices and offers technical details around the following capabilities:
  • App Configuration
  • App Tunnel
  • Single Sign-On
  • Access Control
  • Security Policies
 
  • Please review these resources or work with your MDM provider's support:
 

IP Traffic Management

Номер статьи базы знаний

000387997

 
Загрузка
Salesforce Help | Article