Apple Business Manager
Apple Business Manager is a simple, web-based portal for IT administrators to deploy iPhone, iPad, iPod touch, Apple TV, and Mac computers all from one place. When you use this portal with your mobile device management (MDM) solution, you can configure device settings and buy and distribute apps and books.
Apple Business Manager requires MDM and some MDM vendors offer enhanced support beyond the basic functionality for Apple Business Manager.
Apple has received certifications of conformance for Apple Business Manager.
Note: To learn whether Apple Business Manager is available in your country or region, see the Apple Support article Availability of Apple programs for education and business.
Federated authentication
You use federated authentication to link Apple Business Manager to your instance of Microsoft Azure Active Directory (AD). As a result, your users can leverage their Microsoft Azure AD user names and passwords as Managed Apple IDs. They can then use their Microsoft Azure AD credentials to sign in to their iPhone, iPad, Mac, and even iCloud on the web.
Microsoft Azure AD is the Identity Provider (IdP), which contains the user names and passwords for the accounts you want to use with Apple Business Manager. Federated authentication uses Security Assertion Markup Language (SAML) to connect Apple Business Manager to Microsoft Azure AD.
Assign devices to your MDM solution
After you enroll in Apple Business Manager, you can add manager accounts for users who are authorized to access the web-based portal. From the website, you’ll establish one or more servers for your MDM solution. You can add servers any time.
You assign eligible iOS, iPadOS, and tvOS devices and Mac computers to your MDM solution by order number or by serial number. Devices must meet the following criteria to be eligible for assignment:
They must have been ordered on or after March 1, 2011, and purchased directly from Apple using your enrolled and verified Apple customer numbers.
They must have been purchased directly from a participating Apple Authorized Reseller or carrier and linked to that reseller’s Reseller ID. The actual date of eligibility is determined by your participating Apple Authorized Reseller or carrier’s sales history, but the date can’t be before March 1, 2011.
Purchase apps and books in bulk
Because Apple Business Manager and your MDM solution work together, your organization can buy content in volume, assign them to devices or users, and then install and update them wirelessly, even if the App Store is disabled.
You can also revoke and reassign apps to different devices and users. In this way, your organization retains full ownership and control of purchased apps. You can assign the apps you buy through Apple Business Manager to any devices or users in any country where the app is available from the App Store in that country.