Enable Microsoft Intune on Managed iOS Devices

The Emburse Enterprise mobile app supports Microsoft Intune for Mobile Application Management (MAM) on iOS devices. This integration enables your organization to apply Microsoft Intune app protection and compliance policies when the app runs on company-managed devices, helping protect corporate data while maintaining a seamless user experience.

Users: Enroll Your Managed iOS Device in Intune

Your organization’s IT team uses Microsoft Intune to manage certain aspects of the Emburse Enterprise mobile app to help protect company data. You do not need to configure anything manually—setup is handled by your IT administrator.

However, the first time you open the Emburse Enterprise mobile app on a managed device, you will be prompted to follow these steps to enroll the app under your organization’s Intune policies.

1. Open the Emburse Enterprise app on a managed iOS device that has your company portal app installed.
2. Sign in with your Microsoft Entra ID account to enroll your device in Intune.
3. Close the app.
4. Reopen the Emburse Enterprise app and sign in.

What Intune Does

Your company’s Intune policies may automatically:

• Prevent copying or pasting sensitive data outside the app.
• Encrypt or securely store company data on your device.
• Require company-managed authentication for access.

Policies vary by organization and are controlled by your company's IT team.

Need Help?

If you experience issues signing in or see such messages as “Admin approval required” or “This app must be managed by your organization,” contact your company’s IT department for assistance.

IT Administrators: Configure Intune Integration for Managed iOS Devices

Below are the basic steps for setting up your organization’s Intune integration. For detailed instructions on each step, see the Microsoft Intune Help Center.

1. Add the Emburse Enterprise Mobile App to Intune

1. Open the Microsoft Intune Admin Center and select Apps in the menu on the left.
2. Under Manage Apps By Platform, select iOS/iPadOS > Create.
3. Search for and select Emburse Enterprise Mobile.
4. Confirm the Bundle ID is com.emburse.mobile.
5. Assign Emburse Enterprise to the appropriate user or device groups.

2. Grant Admin Consent for the Emburse Enterprise Mobile App

Use this link to automatically grant admin consent for the required permissions described below.

Required Microsoft Permissions

3. Add an App Configuration Policy for Managed Devices

1. Open the Microsoft Intune Admin Center and select Apps in the menu on the left.
2. Navigate to App Configuration Policies > Add Policy > Managed Devices.

3. Under Configuration Settings, add the following key/value pair:

   Key	Value Type	Value
   IntuneMAMUPN	String	{{userprincipalname}}

4. Associate the policy with Bundle ID com.emburse.mobile.
5. Assign the policy to the same user or device groups assigned in Step 1.

4. Add an App Protection Policy

1. Open the Microsoft Intune Admin Center and select Apps in the menu on the left.
2. Navigate to App Protection Policies > Add policy (iOS/iPadOS).
3. Define your organization’s protection settings (e.g., encryption, cut/copy/paste restrictions).
4. Assign the policy to the same user or device groups assigned in Step 1.

Validation Checklist

• Admin consent granted in Microsoft Entra ID
• IntuneMAMUPN = {{userprincipalname}} configured
• App protection policy applied and verified
• App and policies assigned to the correct groups
• Users complete Emburse login successfully

Admin Troubleshooting