What’s new for enterprise in iOS 16
Learn about the enterprise content that Apple has released for iOS 16.
iOS 16 updates improve the stability, performance, or compatibility of your device and are recommended for all users. Device administrators can manage software updates using an MDM solution.
For information about general improvements, learn about iOS 16 updates.
For details about the security content of these updates, see Apple security updates.
iOS 16.5
You can now sign in with your managed Apple ID in Software Update to install beta updates. See the documentation on AppleSeed for IT for more information.
Safari now sets network traffic class based on the WebRTC priority property.
Resolves an issue where Verizon users were unable to auto-dial conference room numbers.
The error message “Cannot Send Email” no longer appears when an email sends successfully.
Text message verification codes now work when using federation with Microsoft multifactor authentication.
iOS 16.4
MDM can query the model number of managed devices.
Profile-based Wi-Fi networks are given auto-join priority over manually joined networks by default.
Resolves an issue that caused users with Managed Apple IDs to be prompted to Update Apple ID Settings.
iOS 16.3.1
Resolves an issue that prevented iCloud settings from displaying or setting correctly for users with Managed Apple IDs.
iOS 16.3
Network extensions that provide content filtering will properly filter web browsing.
Users can send MMS messages when Always On VPN is configured.
Exchange Mail notifications are delivered more reliably on sleeping devices.
Mail attachments work more reliably when copied from one message and pasted to another.
Resolves an issue where VPN profiles failed to update.
Improves reliability when using Always On VPN and a Global Proxy.
iOS 16.2
Enrollment single sign-on allows administrators to designate an identity app used to sign in during and after MDM enrollment.
MDM can now restrict and install Rapid Security Responses.
MDM can now specify domains where cross-site tracking is allowed in Safari.
While a user restores from a backup, MDM can now install new apps before all apps included in the backup have been restored.
Resolves an issue that prevented Siri from initiating calls to managed contacts.
Resolves an issue in which devices failed to join 802.1X networks after trusting the server certificate.
iOS 16.1
Resolves an issue in which an assigned eSIM would still be configured when the eSIM Modification restriction was set on a device.
Resolves an issue in which a device could fail to complete Setup Assistant when an MDM-installed app is configured for Single App Mode before Setup Assistant completes.
iOS 16.0.1
Resolves an authentication issue on iPhone 14 and iPhone 14 Pro models when using OAuth-based SSO extensions.
iOS 16
iOS 16 includes new features like Enrollment SSO, Managed Device Attestation, and Declarative Device Management support for all enrollment types.
Device Management
Managed Device Attestation uses the Secure Enclave and cryptographic attestations to secure communications by managed devices when connecting to services such as MDM, VPN, and 802.1X.
Adds support for OAuth 2.0 for User Enrollment.
Per-app DNS proxy and per-app Web Content Filter allow specified managed apps to allow user-related data to remain private.
The Settings MDM command can now configure accessibility settings such as bold text, increase contrast, reduce motion, reduce transparency, text size, touch accommodations, zoom, and Voice Over.
PerApp VPN can now be used with user enrolled devices.
Apple Configurator for iPhone can now be used to add iOS 16 and iPadOS 16 devices to Apple School Manager, Apple Business Manager, or Apple Business Essentials.
Bug fixes and other improvements
Adds support for PIV Smart Cards and CCID-compliant readers.
Device backups can now be performed when connected to an LTE or 5G cellular network.
The managed pasteboard restriction will now be applied to domains specified in the Domains payload.
Exchange accounts and federated managed Apple IDs will now be able to authenticate with the Allow Account Modification restriction enabled.