Setting the default Browser on iOS with Workspace ONE

  • Posted on
  • Posted in iOS

With the recent release of Apple iOS 18.2 there are some new functionality in regards to browser. You can now set the Default browser via MDM Commands, In my case I want to show in this Blog how to set it to Omnissa Workspace ONE Web as well restricting the User to change the default browser.

Set Default Browser

To set the default Browser, we can use a Custom Command. This can be done via Intelligence for example . I used a Custom Connector and uploaded the Action.

I have uploaded my Connector on my GitHub repository :
https://github.com/EUCPatrick/Intel-Connector/blob/main/iOS%20Set%20Default%20Browser.json

I use a workflow to set the default browser in Workspace ONE Intelligence like this:

In case of other tool like Postman etc. here the used JSON for the POST API Call to following URL (https://{{baseUrl}}/api/mdm/devices/:deviceId/commands?command=CustomMdmCommand)

{"CommandXML":"<dict><key>RequestType</key><string>Settings</string><key>Settings</key><array><dict><key>Item</key><string>DefaultApplications</string><key>WebBrowser</key><string>com.air-watch.secure.browser</string></dict></array></dict>"}

Restrict the user to Change the default Browser

To restrict the User to not be able to change the Browser there is a new Restriction in iOS 18.2 available. While the Command is there for all MDM Enrolled Devices , the Restrictions is Supervised only.

Create a new Profile with Imperative Type and Device Context :

Add the “Custom Settings” Payload:

Copy paste the following Code to the Profile and block the user from Changing the default Browser: 

<dict>

        <key>allowDefaultBrowserModification</key>

        <false/>

        <key>PayloadDisplayName</key>

        <string>Restrictions</string>

        <key>PayloadDescription</key>

        <string>Default </string>

        <key>PayloadOrganization</key>

        <string></string>

        <key>PayloadType</key>

        <string>com.apple.applicationaccess</string>

        <key>PayloadUUID</key>

        <string>a9f1b84e-6695-4f47-bcfa-e6334228bce3</string>

        <key>PayloadVersion</key>

        <integer>1</integer>

        <key>PayloadIdentifier</key>

 <string>8111d49a-023b-4f70-a3b6-f764d96eb7db.Restrictions</string>

</dict>

Once the Profile is installed the user is not able to change the default Browser.

Device View:

On the Device (if Supervised) the user can now not change the default Browser and also the Browser is set to the App we used in the Command.


Resources :

Apple Document about Commands: https://github.com/apple/device-management/blob/release/mdm/commands/settings.yaml

Apple Document about Restriction: https://github.com/apple/device-management/blob/1fa842739c8f19db5b62f3ac6aed261cc378e5b8/mdm/profiles/com.apple.applicationaccess.yaml

Written by
Website | + posts

vExpert, blogger and VMware & Omnissa champion. Worked 10 years as a Architect for a partner before joining VMware in 2017. Moved to Omnissa in 2024.

Previous Article

Leave a Reply

Your email address will not be published. Required fields are marked *.

*
*

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Copyright digitalworkspace.one All right reserved
BCF Shop Theme By aThemeArt.
BACK TO TOP