7.8 KiB
Install app store apps
Available in Fleet Premium
In Fleet, you can install Apple App Store apps on your macOS, iOS, and iPadOS hosts, including custom apps.
You can also manage which Google Play Store apps are available for self-service in your end user's Android work profiles. Google only allows free Google Play Store apps. Paid apps aren't supported.
Add an app
Apple (VPP)
Before using Fleet to manage VPP apps, you must first turn on Apple MDM and Apple's Volume Purchasing Program (VPP). Once you've completed that setup, you can follow the directions below for each app.
-
Purchase the relevant app through Apple Business Manager (ABM). You must perform this step even if the app is free, or if it is a custom app you own. Learn how in Apple's documentation.
-
In Fleet, head to the Software page and select a fleet in the fleets dropdown.
-
Select Add software > App store, then select the app you just purchased.
Currently, Fleet only supports Apple App Store apps from the United States (US) region. If the app is listed on the Apple App Store and it has
/usin the URL (e.g. https://apps.apple.com/us/app/slack/id618783545) then it's supported.
Google Play (Android)
Before using Fleet to manage Google Play Store apps, you must first turn on Android MDM. Once you've completed that setup, you can follow the directions below for each app.
-
Head to the Google Play Store, find the app, and copy the ID at the end of the URL (e.g. "com.android.chrome")
-
In Fleet, head to the Software page and select a fleet in the fleets dropdown.
-
Select Add software > App store, choose the Android platform, then enter the application ID.
Install Android web app (web clip)
Before deploying web apps, make sure to add Google Chrome first. This applies to both work profile (BYO) and fully-managed Android devices. If Chrome isn’t installed, the end user will be prompted to install it and redirected to the managed Play Store.
To add an Android web app, first create the web app using the Fleet API. Send a request to the Create Android web app.
The response includes an app_store_id (e.g. com.google.enterprise.webapp.x1c41e22ab611cb98). Use this ID as the application ID in Add software > App store (step 3 above).
Example request
curl -X POST https://<your_fleet_server_url>/api/v1/fleet/software/web_apps \
-H "Authorization: Bearer <your_fleet_api_token>" \
-F 'title=Acme web app' \
-F 'url=https://app.acme.com' \
-F 'icon=@/path/to/app-icon.png'
Edit or delete the app
-
In Fleet, head to the Software page and select a fleet in the fleets dropdown.
-
Search for the app you want to remove and select the app to head to its Software details page.
-
To edit the app icon and display name, select Actions > Edit appearance.
-
To configure the app's self-service categories or change which hosts can install the app, select Actions > Edit software.
-
To remove the app, click the trash can (delete) icon above the table of installed, pending, and failed hosts.
Configure automatic updates for an app (iOS / iPadOS only)
-
In Fleet, head to the Software page and select a fleet in the fleets dropdown.
-
Search for the app you want to configure and select the app to head to its Software details page.
-
Click the Actions button and select Schedule auto updates.
-
In the modal dialog that opens, click Enable auto updates and configure an update window of at least one hour. You may also choose to limit which hosts receive auto-updates using the Target option (this configuration will also affect which end users can install the app themselves via the self-service feature).
Install an app
Apple (VPP)
Apps can be installed manually on each host's Host details page. For macOS apps, apps can also be installed via self-service on the end user's Fleet Desktop > My device page or automatically via policy automation.
If the install fails with
ErrorCode301 and aLocalizedDescriptionof "Invalid Status Code The response has an invalid status code" it may be because the app has a minimum OS version higher than what the targeted host is running.To find the minimum OS version for the app, visit the App Store, find the app, scroll to the bottom, and look for Compatibility under Information.
VPP app installs are automatically attempted up to 4 times (1 initial attempt + 3 retries) to handle intermittent issues.
Currently, Apple App Store (VPP) apps can't be uninstalled via Fleet. If the app is uninstalled by the end user, or when the host is unenrolled, the license won't be revoked. You can revoke the license by running this script.
VPP apps on iOS/iPadOS hosts will be uninstalled when the host has MDM features turned off.
Google Play (Android)
Android apps can be installed via self-service in the end user's managed Google Play Store (work profile).
Configuration
Currently, editing configurations is only supported for Android apps. Only the managedConfiguration and workProfileWidgets options from ApplicationPolicy - Android Management API are currently supported.
managedConfiguration supports any option provided by the app's developer. Each app supports different options. To find the supported options, check the app documentation.
Example (GlobalProtect)
This configuration makes it so the end user won't have to type the portal hostname the first time they open GlobalProtect. It also disables "always on VPN," meaning GlobalProtect won’t automatically connect when the host is online. The end user has to tap Connect.
{
"managedConfiguration": {
"portal": "example.portal.com",
"connect_method": "on-demand"
}
}
Options for GlobalProtect can be found in their documentation.
Example (Google Calendar)
This configuration allows end users to add widgets from the Google Calendar in their work profile to their home screen.
{
"workProfileWidgets": "WORK_PROFILE_WIDGETS_ALLOWED"
}
API and GitOps
Fleet also provides a REST API for managing app store apps programmatically. Learn more in the API reference docs.
To manage App Store apps using Fleet's best practice GitOps, check out the app_store_apps key in the GitOps reference documentation.