Yearly Apple-Bravas integration
On the first use of Bravas and then every year, you will be required by Apple to exchange multiple authentication token between your Bravas tenant and Apple Business or School Manager to allow Bravas to manage your Apple ecosystem.
It is critical to do that process before each access token expiration date of you do not want to lose your management capabilities.
For the following procedure, you need both an admin access to Apple Business or School Manager and admin access to Bravas.
If you do not have Apple Business or School Manager yet, please refer to our documentation related to the creation of your Apple Business or School Manager access.
Push Notification Service
The Apple Push Notification Service (APNS) is used by Bravas to send call-home commands to each of your managed devices. This is usually done when a configuration has changed or an inventory update is requested. The notification will be sent to the endpoint via the Apple servers and contain nothing but a trigger for the endpoint to call the active MDM.
To register Bravas with Apple Push Notification Services, you need both an admin access to Bravas and a dedicated Apple ID for that use.
It is strictly mandatory that this Apple ID is not linked to any physical person, and that both password and second factor are known to your IT team as a yearly access will be needed.
We highly recommend that you create a Managed Apple ID in your Apple Business or School Manager using the yourcorp.appleid.com domain with a really explicit name like BRAVAS as first name and DO NOT DELETE as a last name.
Having this Apple ID being a managed one means that you will be able to reset its password or second factor by your own in the future. If you use a normal Apple ID for that purpose, you may have an issue of some Apple team not understanding why you use it and closing it for no regular access or will not be able to reset your password.
To start the configuration process, please go to Bravas in the Configuration tab, and in the left menu under the Hardware section click on Apple.
From here, click on the button configure integration with Apple Push Notification Services and follow the documentation directly available in the Bravas console.
On the first configuration, you will create a new certificate on the Apple Identity portal, and then it is imperative to use the renew feature.
If you create a new certificate instead of renewing the existing one, you will lose management capabilities for all existing devices.
Automated Enrollment
In the Bravas admin console, go in the Configuration tab, and in the left menu under the Hardware section click on Apple.
From here, click on the button configure integration with Apple Business Manager and follow the documentation directly available in the Bravas console.
The automated enrollment feature will be suspended by Apple if you have some contracts awaiting to be signed. This is usually the case when Apple releases a major update for iOS, macOS, tvOS or visionOS.
Even if you do not use some of those operating system, you need to sign the related agreement to keep using the automated deployment system on other platforms.
App deployment
To allow Bravas to deploy your Apps & Books from the different Apple virtual store, please go to Bravas admin console in the Configuration tab, and in the left menu under the Hardware section click on Apple.
From here, click on the button configure integration with the Apps & Books and follow the documentation directly available in the Bravas console.