Use the Compliance sub-step to ensure device attributes are met before a secured app can launch or to open an End User License Agreement. You can specify the minimum device version of the mobile operating system, require a PIN, password, or pattern be set to run the app, or prevent the app from starting on a jailbroken or rooted device.


Prerequisites


StageApp Enhancement
StepBlue Cedar Enforce


Using this sub-step in a workflow

In the workflow builder for your app:

  • Add the App Enhancement stage
  • Add the Blue Cedar Enforce step to the workflow.
  • Add the Compliance sub-step to the Blue Cedar Enforce step.

Click on the options gear icon next to Compliance in the workflow outline. Configure the options:

Device Posture

Field

Description

Block jailbroken devices at app startupIf checked, the app cannot run if the device has been compromised via jailbreaking or rooting.
Require device screen lock

If checked, the app requires a device-level PIN, password, or pattern to be configured on the device.

Require minimum-allowed Android version

Specifies the minimum-allowed version of Android that end users must have on their devices. The default value is Android 6.0, "Marshmallow."

Require minimum-allowed iOS versionSpecifies the minimum-allowed version of iOS that end users must have on their devices. Blue Cedar Enforce is supported for iOS 9 and later.

End User License Agreement

Policy option

Description

Actions

Each uploaded agreement file is listed in the table by language and region.

  • Click View Details to see the contents of a file.
  • Click Delete to remove the file from the profile.
License Agreements

Upload new EULA: Upload the license agreement text file. The license agreement file should be a text file (UTF-8 to handle non-ASCII characters), one file per locale. You must configure at least one valid file and locale.

Prompt Timing

Choose when the user must accept the user agreement before using the app:

  • Prompt again after first launch every x months and y days. Specify the number of months (0–12) and days (0–31).

  • If both month and days are set to 0, the user must accept the agreement the first time they launch the app or group of apps.


Locale: Specify the language and region codes for each file after uploading it. By default, the fields are English (US), en-US. A profile can have as many locales as needed, but only one file per locale.

  • If the device language doesn't match any of the locales associated with an uploaded EULA, the policy defaults to US English (en-US).
  • If the device language doesn't match any of the locales associated with an uploaded EULA and if an EULA for en-US is not included, the app will not run.