Appstore App Policy

BigFix Mobile enables you to configure application policies to install applications from the App store on the Android, iOS, and iPadOS devices.

About this task

Before creating the Appstore App policy, ensure the required apps are added in the App Catalog.

Creating an Appstore app policy

To create an appstore app policy, perform these steps:


  1. Log in to BigFix WebUI.
  2. Go to Apps > MCM.
  3. Click Create Policy on the top right corner.
  4. From the list of policy types, select Appstore Apps. The following page appears.

  5. Under the General Settings section, enter Appstore Apps Policy Name and Description.
  6. Select the Operating System.
  7. From the Assign Policy to Site dropdown, select the site.
  8. Configure the operating system specific settings. In the Default Permission Policy field, select the permission type; Prompt, Grant or Deny.
    Default Permission Policy: The permission set here is applicable globally for all the applications that are installed through the policy. Admins can choose from the following options when setting a default runtime permission policy for the managed Android apps.
    • Prompt - prompt the user to grant permission to install apps. This is the default option. Device users can either choose to allow installation of the apps or cancel it.
    • Grant - automatically grant permission to install the managed apps without user intervention
    • Deny - automatically deny permission to prevent unauthorized app installation
    • Manage individual permissions: IT admins can remotely set permissions to prevent applications from gaining access to data or control over a device. For example, the ability to read the user's contacts, external storage or location are runtime permissions. The user has to explicitly grant these permission for the application. However, for managed Google Play applications, administrators can configure and enforce these permissions from WebUI. Select Prompt, Grant, or Deny for individual permissions. For more details on the permissions listed, see the official Android documentation at
    • The permissions configured through this policy are applicable globally to all the apps included in this policy. If you want to configure per-app permissions, you must configure them through a custom policy.
    • Deployment of this Appstore policy removes any previously deployed work profile applications that are not specified in this policy.
  9. Select apps to install: Lists all the available apps specific to Android or iOS/iPadOS. Select the apps as desired.
  10. Click Save.


Appstore app policy is created and is ready to deploy.

When the policy is deployed, the device receives a notification that a set permission or action is being performed on the device by the device manager. The permission manager in the device shows the permission that are applied.

Note: Android:
  • Per-app permissions are not yet available.
  • Policy deployment will remove any past work profile apps not specified in the new policy.