Citrix Endpoint Management

App provisioning and deprovisioning

Application provisioning revolves around mobile app lifecycle management: Preparing, configuring, delivering, and managing mobile apps within the Citrix Endpoint Management environment. Sometimes, developing or modifying application code might also be part of the provisioning process. Citrix Endpoint Management is equipped with various tools and processes that you can use for app provisioning.

Before reading this article on app provisioning, we recommend you read Apps and User communities. When you have finalized the type of apps your organization plans to deliver to users, you can then outline the process for managing the apps throughout their lifecycle.

Consider the following points when defining your app provisioning process:

  • App profiling: Your organization might start with a limited number of apps. However, the number of apps you manage can rapidly increase as user adoption rates increase and your environment grows. Define specific app profiles up front to make app provisioning easy to manage. App profiling helps you categorize apps into logical groups from a nontechnical perspective. For example, you can create app profiles based on the following factors:
    • Version: App version for tracking
    • Instances: Many instances that are deployed for different sets of users, for example, with different levels of access
    • Platform: iOS, Android, or Windows
    • Target Audience: Standard users, departments, C-level executives
    • Ownership: Department that owns the app
    • Type: MDX, Public, Web and SaaS, or Web links
    • Upgrade Cycle: How often the app is upgraded
    • Licensing: Licensing requirements and ownership
    • MAM SDK or MDX policies: To apply MDX capabilities to your mobile apps
    • Network Access: Type of access, such as tunneling HTTP and HTTPS traffic with single sign-on (Tunneled - Web SSO).


Factor Citrix Secure Mail Mail In-House Epic Rover
Version 10.1 10.1 X.x X.x
Instance VIP Physicians Clinical Clinical
Platform iOS iOS iOS iOS
Target Users VIP Users Physicians Clinical Users Clinical Users
Ownership IT IT IT IT
Type MDX MDX Native Public
Upgrade Cycle Quarterly Quarterly Yearly N/A
Licensing N/A N/A N/A Volume Purchase
MDX Policies Yes Yes Yes No
Network Access VPN VPN VPN Public
  • App versioning: Maintaining and tracking app versions is a critical part of the provisioning process. Versioning is typically transparent to users. They only receive notifications when a new version of the app is available for download. From your perspective, reviewing and testing each app version in a non-production capacity is also critical to avoid impacting a production site.

    It is also important to evaluate if a specific upgrade is required. App upgrades are usually of two types: A minor upgrade, such as a fix to a specific bug, or a major release, which introduces significant changes. In either case, carefully review the Release Notes of the app to evaluate if the upgrade is necessary.

  • App development: When you integrate the MAM SDK in the mobile apps that you develop, you apply MDX capabilities to those apps. See MAM SDK overview.

    The MAM SDK replaces the MDX Toolkit, which is scheduled for deprecation in July 2023. For information about app wrapping, see MDX Toolkit. The app provisioning process for a wrapped app differs from the provisioning process for a standard non-wrapped app.

  • App security: You define the security requirements of individual apps or app profiles as part of the provisioning process. You can map security requirements to specific MDM or MAM policies before deploying the apps. That planning simplifies and speeds up app deployment. For example:

    • You might deploy certain apps differently.
    • You might want to make architectural changes to your Citrix Endpoint Management environment. The changes depend on the type of security compliance that the apps require. For example, a particular app might require end-to-end SSL encryption or geofencing.
  • App delivery: Citrix Endpoint Management allows you to deliver apps as MDM apps or as MAM apps. The MDM apps appear in the app store. This store allows you to conveniently deliver public or native apps to users. Other than enforcing device level restrictions, no other app controls are needed. However, delivering apps by using MAM allows full control over app delivery and over the app itself. Delivering the apps through MAM is typically more suitable.
  • Application maintenance:
    • Do an initial audit: Track the app version that is present in your production environment, and the last upgrade cycle. Make note of specific features or bug fixes that required the upgrade to take place.
    • Establish baselines: Maintain a list of the latest stable releases of each app. Be ready to fall back to an earlier app version if unexpected issues occur after an upgrade. Develop a rollback plan. Test app upgrades in a test environment before deploying to production. If possible, deploy the upgrade to a subset of production users first and then to the entire user base.
    • Subscribe to Citrix software update notifications and any third-party software vendor notifications: Keeping up to date with the latest releases of the apps is critical. An Early Access Release (EAR) build might be available for testing ahead of time.
    • Devise a strategy to notify users: Define a strategy to notify users when app upgrades are available. Prepare users with training before deployment. Consider sending multiple notifications before updating the app. Depending on the app, the best notification method might be email notifications or websites.

App lifecycle management involves the complete lifecycle of an app from its initial deployment through retirement. The lifecycle of an app has these phases:

  1. Requirements for specifications: Start with business case and user requirements.
  2. Development: Validate that the app meets business needs.
  3. Testing: Identify test users, issues, and bugs.
  4. Deployment: Deploy the app to production users.
  5. Maintenance: Update app version. Deploy the app in a test environment before updating the app in a production environment.
App provisioning and deprovisioning

In this article