Product Documentation

How Mobile Apps Work

Apr 04, 2014

When users log on by using Worx Home from a mobile device, if they are allowed to use a particular mobile app, the mobile app appears in the store.

You can set policies for mobile apps in the App Controller management console. Application policies for Android or iOS apps fall into the following three main categories:

  • Information security. These policies are designed to protect app data and documents. The policies dictate how information can be exchanged between apps. You can configure settings for the app to allow or prevent user access to such operations as printing, email, text messaging, and use of the device camera.
  • Application access. These policies determine the logon requirements users must meet in order to open an app. You can configure authentication methods, settings to prevent apps from running on a jailbroken, or rooted, device, network connection requirements, and conditions for locking or erasing app data.
  • Network. These policies determine the network settings for traffic to and from the app. You can configure the following settings: allow unrestricted access to the internal network, redirect traffic through XenMobile App Edition by using a VPN tunnel specific to each app, or block all traffic from accessing the internal network.

The following list defines the policies that appear in the management console when you configure or edit an Android or iOS app.

Installing Mobile Apps on the Mobile Device

In the store, users tap the app to add it to Worx Home. The app icon appears and then the app starts downloading to the device. The device operating system uses the built-in installer to simultaneously install the app on the home screen of the device.

Next, users receive prompts to install the app. When installation starts, the device switches to the home screen. When installation is complete, users can start the app from the home screen like any other app, or they can start the app from within Worx Home.

Connecting Users on Android or iOS Devices

When users start the app on their Android or iOS device, the Worx Home logon page appears. Worx Home starts and users can enter their user name and password. When their credentials are accepted, the app starts. When users authenticate to the app, users are not asked for their credentials again until the authentication time (set by policy) expires.

When users start Worx Home on their device, Worx Home continues to run in the background for as long as the application policy permits. If users start an app that requires a service from Worx Home and it is not running or in a suspended state, a prompt to authenticate with Worx Home appears. When Worx Home is running again, users can start and use the app.

Updating Mobile Apps on the Device

If you update the app and then upload the new version to XenMobile App Edition, you can define a grace period in the App Controller management console that sets a time limit for users to upgrade the app. The grace period duration gives users a specific amount of time from which they must upgrade the app. If users allow the grace period to expire, the application locks and users must download the new version.

You can disable the app to make changes to the settings. When you are finished changing the settings, you can then enable the app.

When the upgrade is published to the Applications catalog in App Controller, users receive a message about the upgrade when they start the app. Also, users receive a message every time the app starts, prompting them to upgrade. If you publish a critical patch or security update, you can set the grace period to zero, which forces users to update the app before starting the app.

Configuring Mobile App Settings in App Controller

After you upload a mobile app to XenMobile App Edition, the Mobile App Details dialog box appears in the management console. You can then configure the following settings for the app:

On the Details page, the following app details appear. When the app is wrapped, the person wrapping the app defines some settings, some of which you cannot change and others that Citrix recommends you do not change.

  • App name. The name of the app. Citrix recommends that you do not change this field unless you are creating a second instance of the app. In that case, you must give the app a different name.
  • Description. The description of the app. Citrix recommends that you do not change this field.
  • Application type. The platform on which the app can run. You cannot change this field.
  • Application version. The internal version number of the app. You cannot change this field.
  • Minimum OS version. The minimum operating system version on which the app can run. Citrix recommends that you do not change this field.
  • Maximum OS version. The maximum operating system version on which the app can run. Citrix recommends that you do not change this field.
  • Excluded devices. Device types on which the app cannot run. You must define iPhone or iPad and not the specific version of the device, such as iPad 3 or iPhone 4S. For Android devices, you need to specify the manufacturer and phone model, such as Samsung HTC or Motorola Droid Razr M. Separate device names with a comma.
  • Category. Defines where the app is assigned, for example, AllUsers or Finance.
  • Assigned role. The role assigned to the app. The role defines the Active Directory groups from which users are obtained. You must leave the AllUsers default role or select a role.

On the Workflow page, you can either create a new workflow or select a workflow you configured by using the Workflows tab in the management console. If you use an existing workflow, when you click Next, the Policies page appears. If you are creating a new workflow, when you click Next, the Manage Approvals page appears where you can configure the levels of approvers and additional approvers.

On the Policies page, you can select or specify policy settings. Information about configuring MDX policies for iOS and Android apps are in this section.