For providing a workspace on private iOS devices, Apple has provided user enrollment. With User Enrollment there is a clear separation of the workspace from the privately used area on the device. This enrollment method is therefore recommended when embedding private iOS devices (privately-owned) that will be provided with a managed workspace (BYOD – Bring Your Own Device). Users can manage the workspace themselves using the Cortado app.
As the administrator, you only have access to the workspace and have the option to delete it from the device (Partial Wipe). The user´s private data can be neither viewed nor deleted.
Note! Create up to four additional administrator accounts to configure Cortado MDM.
Note! Cortado Server users do not need a user password. They use their domain password instead.
Note! Users imported from Microsoft Entra ID use the credentials of your Microsoft account.
To enroll the devices with Cortado MDM, local users need their email address and a password. Users must generate the password themselves with the help of the invitation email. You can find more information about the invitation mail here.
Creating a managed Apple ID
The employment of User Enrollment, requires the creation of managed Apple IDs.
Open the Apple Business Manager. for this. Then create a separate, managed Apple ID for each user under Accounts (left arrow in illus.).
Proceed with that as described in the Apple user guide. The users will subsequently receive an email from Apple with the managed Apple ID and a temporary password.
Enter the managed Apple ID for each user under Administration→ Users→ Settings→ Edit in the Administration Portal.
Note for Cortado Server! Illustrations may vary slightly.
Registering mobile devices
The user can configure the device themselves. Users can find out how this works in our help article Enroll private iOS devices.
Alternatively, you can configure the work profile together with the user, in the Administration Portal.
- Select the user in the Administration Portal under Administration→ Users (left arrow in illus.) and then click on Enroll Device (middle arrow in illus.). Then click on iOS/iPadOS (right arrow in illus.).
- Then click on User Enrollment (arrow in illus.).
You will then be redirected to our registration pages. Now continue as described here.
Note! Alternatively, you can also integrate the devices via Administration→ Devices, by clicking on the plus button (left arrow in illus.). There you also first select the desired user(s) (right arrow in illus.) and then Enroll Device (lower arrow in illus.). Then you can select the platform and the method as above.