Integrate your organization with Apple Business Manager
Apple Business Manager is a simple, web-based portal for IT administrators that provides a fast, streamlined way for you to deploy Apple devices that your organization has purchased directly from Apple or from a participating Apple Authorized Reseller or carrier. You can automatically enroll devices in your mobile device management (MDM) solution without having to physically touch or prepare the devices before users get them.
Using your MDM, you can simplify the setup process for users, configure device settings, and distribute apps and books you purchase in Apple Business Manager.
So you can quickly create accounts, Apple Business Manager also integrates with your existing environment. You can integrate with Microsoft Azure Active Directory (Azure AD) using federated authentication or using System for Cross-domain Identity Management (SCIM), enabling users to sign in to Apple services with their existing Azure AD credentials.
To view the certifications that Apple maintains in compliance with the ISO 27001 and 27018 standards for Apple Business Manager, see the Apple support article Apple Internet Services Certifications.
Note: To learn whether Apple Business Manager is available in your country or region, see the Apple Support article Availability of Apple programs for education and business.
Federated authentication
You use federated authentication to link Apple Business Manager to your instance of Microsoft Azure Active Directory (Azure AD).
System for Cross-domain Identity Management (SCIM)
SCIM allows organizations to merge Apple Business Manager properties (such as roles) over account data imported from Azure AD.
For more information on federated authentication and SCIM, see Integrating with Azure AD.
Assign devices to your MDM solution
After you enroll in Apple Business Manager, you can add manager accounts for users who are authorized to access the web-based portal. From the website, you’ll establish one or more servers for your MDM solution. You can add servers any time.
You assign eligible Apple devices to your MDM solution by order number or by serial number. Devices must meet the following criteria to be eligible for assignment:
The device must have been ordered after March 1, 2011, whether it was purchased directly from Apple or from a participating Apple Authorized Reseller or carrier.
If the device was purchased directly from Apple, the purchaser must have used an enrolled and verified Apple customer number.
If the device was purchased directly from a participating Apple Authorized Reseller or carrier, the device must be linked to that reseller’s Reseller ID. The actual date of eligibility is determined by the participating Apple Authorized Reseller or carrier sales history. The Reseller ID must be added to your list of approved suppliers.
For more information, see Intro to device management in the Apple Business Manager User Guide.
Purchase apps and books in bulk
Because Apple Business Manager and your MDM solution work together, your organization can buy content in volume, assign them to devices or users, and then install and update them wirelessly, even if the App Store is disabled.
You can also revoke and reassign apps to different devices and users, so your organization retains full ownership and control of purchased apps. You can assign the apps you buy through Apple Business Manager to any devices or users in any country where the app is available from the App Store in that country. For more information, see Apps and books overview in the Apple Business Manager User Guide.