This page describes what is new in the most recent releases of EASE.
July 12, 2017
User API Tokens
Administrators can now create API tokens for any user in the system. Tokens are especially useful for automated tasks or processes, but can replace user authentication credentials (username and password) for any API call.
Apperian recommends using this method of authentication to integrate with the Apperian API for repetitive automated tasks.
A new Settings > API Tokens page in EASE allows you to create, view, and revoke tokens. Tokens can also be created and revoked via the Organizations API.
For more information, see Manage API Tokens.
Faster App Signing in EASE
This release includes many behind the scenes improvements to the EASE signing server, but the primary benefit for customers is that signing apps in EASE is now much faster.
You must now use the signing package to sign apps that include watchOS apps. Apps that include watchOS components can no longer be signed with the EASE signing server. For more information, see App Extensions and Entitlements.
June 28, 2017
App Catalog Updates
We are excited to officially release the App Catalog updates we’ve previewed over the past few releases. This is the first step in a total App Catalog redesign which will roll out gradually over the upcoming months.
These updates are automatically available to all customers as of this release; there is no need to upload new native App Catalog application files.
App Catalog UI Enhancements
This release introduces a number of updates and enhancements to the App Catalog user interface (UI), including:
- iOS and Android App Catalogs now have improved navigation bars and other minor UI changes which take inspiration from the App Store and Google Play.
- The Windows App Catalog UI is not affected.
- The web App Catalog UI has been completely overhauled, and now dynamically adjusts to resemble the native App Catalog for the device it's running on.
- On Apple or Windows devices, the web App Catalog resembles the native iOS App Catalog; on Android and Blackberry devices it resembles the native Android App Catalog.
- Branding options are now standardized across web and native App Catalogs. All of your existing branding assets will work automatically with the new UI updates. For more information, see Branding App Catalogs.
The following screenshots provide a look at the updated UI:
Web App Catalog Vanity Domain
All organizations now have access to a vanity domain name—a unique URL which is automatically created based on the organization name. For example,
To avoid potential confusion, contact Apperian Support to change the domain name before you invite any new users into the organization.
Existing links to the web App Catalog now redirect to a generic Apperian branded login page where users can use their credentials to access your organization’s App Catalog.
32-bit Identification for iOS Apps
Apple has announced end of support for 32-bit apps as of iOS 11. To prepare for this, we’ve added a message that warns administrators when you add or edit a 32-bit iOS app. The warning does not prevent admins from adding a 32-bit app.
Administrators also now have new options for reviewing their existing apps to determine whether they use a 32-bit or 64-bit architecture:
- A new column called Architecture is available in the Version History table on an app’s Details tab.
- Bonus: The Version History table is now sorted by date in reverse, so the most recent version always appears at the top of the list.
- A new report called App Information provides basic details about every app version in the system, including App Name, Platform, Minimum Supported OS Version, Version, and Architecture. The Architecture column indicates whether an app is 32-bit, 64-bit, or both, and is only populated for the most recent app version.
The following enhancements have been made to EASE reports:
- The Reports page now lists reports alphabetically.
- The Download Activity report now tracks anonymous download activity (users who download an app but have not yet authenticated). Anonymous downloads are represented in the User ID column by
<IP address>@<org ID>
- For example,
- For example,
- The App Usage report now automatically shows data from the previous 7 days.
June 14, 2017
User Enabled Touch ID Authentication
In a previous release we added the ability for administrators to enable Touch ID authentication on iOS devices. We’ve improved upon that functionality by now allowing users to choose whether or not they want to use Touch ID for apps on their own device.
Now, when Touch ID authentication is enabled on the Settings page (or when enabled for SSO by Apperian Support), a new bar appears at the bottom of the login screen for the iOS App Catalog or any iOS apps that use policies that require authentication.
A Refresh link appears (on the app catalog only) when Touch ID is enabled for SSO authentication, and is used to clear username and password values on the login screen.
To take advantage of this enhancement, you must:
- Update to the latest version of the iOS app catalog. To do so, contact Apperian Support.
- Reapply any policies that require authentication (for example, Enterprise SSO or Self Updating App), re-sign the app, and deploy the updates to your users. For instructions, see Rewrap an Application.
Check Location Services Policy Enhancements
The Check Location Services policy now provides multiple options for displaying an alert on a user’s device:
- Mandatory: The alert appears every time a user opens the app, and users can't use the app until they enable location services on their device.
- Voluntary: The alert appears, but users can continue using the app without enabling location services. You can set the number of minutes that should elapse before displaying the alert again after a user dismisses it.
- No Alert: The alert never appears, but location services data is recorded for the Location Services Status report.
The alert message now varies depending on whether it is mandatory or voluntary.
After upgrading, the Check Location Services policy is set to Voluntary and 5 minutes by default for any apps already using the policy.
For more information, see Application Policies.
This update does not require that you reapply the Check Location Services policy or re-sign any apps. However, if you choose not to reapply and re-sign, the messages will differ slightly from those shown above.
May 31, 2017
Account Security Enhancements
This release adds new options for securing user accounts on the Settings > Password Requirements page. For more information, see Set Password Requirements.
The new Password History settings, available for both users and administrators, allow you to prevent users from entering new passwords repeatedly in an attempt to reuse an old password right away.
Enforce password history sets the number of unique new passwords that must be associated with a user before an old password can be reused. Set to 1 by default, with a maximum of 30.
Minimum password age sets the amount of time (in hours) that must pass before users can create a new password. Set to 0 by default, which effectively disables the setting until a positive value is entered.
Administrators can change a user's password at any time, regardless of how these settings are configured.
The new Account Lockout setting, also available for both users and administrators, allows you to set the number of times a user can enter an incorrect password before their account is disabled (locked out). Once a user’s account is disabled in this way, the user is prevented from logging in again until an administrator manually enables the user's account. Administrators can enable users at any time, but can’t unlock their own account.
Account lockout threshold is set to 0 by default, which effectively disables the setting.
Older versions of the Android app catalog incorrectly count each invalid login attempt twice. To avoid this issue, customers are encouraged to upgrade to the latest version of the Android app catalog.
May 17, 2017
End of Support for BlackBerry Apps
As of June 2017, Apperian will no longer support the delivery of native BlackBerry applications. This decision is based on customer feedback and an overall decline in BlackBerry app usage in the marketplace.
Customers currently using the Web Catalog to deliver BlackBerry apps should notify their users as soon as possible.
This is NOT end of support for BlackBerry devices. Customers with BlackBerry 10 devices can use the Web Catalog or the Android App Catalog (on BlackBerry 10.3 or higher) to deliver Android apps. For more information about BlackBerry support, see Supported Platforms.
May 5, 2017
Touch ID Support for iOS for App Catalogs and Policies
You can now enable Touch ID Authentication when using Single Sign-On (SSO) authentication for iOS devices. Previously, Touch ID was only available for EASE Authentication.
When enabled, Touch ID support now also extends to any app with policies that require authentication (for example, Enterprise SSO or Self Updating App).
To enable this feature for EASE Authentication, you need to update your App Catalog and re-apply policies to any apps which use the Enterprise SSO or Self Updating App policies. For more on enabling Touch ID with standard EASE Authentication, see Specify the User Authentication Method.
To enable this feature for Single Sign-On authentication, contact firstname.lastname@example.org.
March 22, 2017
Touch ID Authentication with the iOS App Catalog
If your organization is configured for standard EASE Authentication (the EASE built-in authentication mechanism), you can now enable users to log in to the iOS App Catalog using Touch ID, as long as Touch ID is set up on their devices.
By default, Touch ID is not enabled for an EASE organization; to enable it, go to Settings->Authentication in the EASE Portal. Once Touch ID is enabled, users will need to log in one time using username and password; on subsequent logins, they will be prompted to authenticate with Touch ID instead.
Note: To get this feature, update to the latest iOS App Catalog and distribute it to your iOS users. To obtain the latest catalog, contact email@example.com.
Touch ID is also supported with SSO authentication using certain SSO providers. If your organization is using SSO authentication and you are interested in enabling Touch ID, contact firstname.lastname@example.org for more information.
For more on enabling Touch ID with standard EASE Authentication, see Specify the User Authentication Method.
March 8, 2017
Application Metadata Stored for Each Version
Prior to this release, EASE stored application metadata at the application level. This meant that when users viewed details about an app in the App Catalog, they saw metadata associated with the latest version of the application, regardless of which version(s) they had access to in the catalog. Now EASE stores the metadata for each version of an application so that users can view the unique data associated the versions they are accessing.
The example to the right shows the details page in the App Catalog for two versions of the Benefits app: V2.0 and V2.2 (the latest). Each version has a different name, icon, version note, and short and long description.
EASE now stores the following metadata at the version level:
- Version Number and Notes
- Short and Long Description
- Form Factor
- Minimum OS Version
- Custom Metadata
In upcoming releases, EASE will store additional data at the version level, such as screenshots and application reviews.
Application metadata will be stored at the version level for any app that you add or edit from this release forward. It does not apply to metadata associated with older versions of apps created prior to this release.
To learn more about managing multiple versions of your applications in EASE, see Application Versions.
With new web services endpoints, this enhancement is also available to customers and partners who interface with Apperian APIs. For more detail, see New V2 API Endpoints.
New V2 API Endpoints
Storing application metadata at the version level rather than the application level is an architectural change to the EASE data model. Therefore, Apperian has created new versions of several API endpoints in order to offer this new functionality while continuing to support customer applications that interface with the original v1 endpoints.
List All Applications
List Data for a Specific Application
Get Inspection Report for Latest Version of Application
List Version Information for an Application
List App Catalog Data
List Applications for a Specific User
List Applications for the Authenticated User’s Device
List Data for a Specific Application
List Downloaded Applications
List Featured Apps
List Applications with Mandatory Updates
List Apps in Order of Popularity (# of Downloads)
List Applications with Updates
List Data for a Specific Version of an Application
This is a new endpoint.
List Apps in a Specific Category
GET /v1/catalog/categories/(string: category_id)/applications/
Search Application Data
Install All Native Applications
Install All Mandatory Applications
Install All Application Updates
List Applications in Group
List Groups Associated with a Specific Application
For a list of all v1 and v2 endpoints, see the HTTP Routing Table.
Note the following considerations when assessing the impact of these API changes:
Not all Apperian API endpoints have been versioned; endpoints not listed below have not changed and are still listed as v1.
The v1 versions of the endpoints listed below will be deprecated in Q3 of 2017. At that time, Apperian will no longer support code that interfaces with those endpoints. Apperian will provide further information, including a more specific timeline, before any endpoints are deprecated.
Code that interfaces with the v1 endpoints listed below will continue to work for now, but you should modify it to work with the v2 versions of the endpoints before Q3 of 2017. If you have any questions or concerns about this timeline, please contact email@example.com.
All new code that interfaces with Apperian APIs should point to the latest version of each endpoint.
February 22, 2017
"Last Active Date" in Device Details Report
The Device Details report now includes a “Last Active Date” column. This column, which already displays in the Devices table on a user’s details page, identifies the date when the user last interacted with EASE from the device. Interaction includes any type of communication between the device and EASE.
For more information on running the Device Details report and other reports, see Running Reports.
Search and Other Enhancements on the Groups Page
To improve the user experience and provide more information for EASE administrators—especially those working with large numbers of groups—the Groups page in the EASE Portal includes multiple enhancements:
- A Search field lets you search on group name and description to filter the list.
- Pagination controls allow you to page through large lists of groups and adjust the number of groups displayed per page.
- New Applications and Users columns display the number of apps and users currently assigned to the group so you can gather that information at a glance without having to view group details.
For more information on managing groups, see Managing Groups.
Screenshots in the Windows Phone/Mobile App Catalog
App Catalog users on Windows Phone/Mobile devices can now view screenshots on an app’s details page if screenshots were uploaded for the app via the EASE Portal.
February 8, 2017
Disassociate a Device from a User
When a user first logs in to the App Catalog from a device, EASE creates an association between that device and the user. These associations are listed in a Devices table on the user’s Details page in the EASE Portal. Over time, the table may become outdated, listing devices the user no longer uses. EASE now lets you remove a device from the Devices table to disassociate it from the user. Once you remove a device, it is no longer listed in the user’s Devices table, nor is it listed in “real-time” reports, such as the Device Details report.
Disassociating a device from a user does not impact any other associations between that device and other users. Also, if you disassociate a device from a user and the user logs in to EASE from that same device again in the future, EASE reassociates the device to the user.
For instructions on removing a device, and more detail on what happens when you do, see Disassociate a Device from a User.
Easily Identify Assigned Users When Editing a Group
When editing a group in the EASE Portal, you can now click a Show Assigned link to list only the users currently assigned to the group. This is very helpful when managing large numbers of users.
For more information, see Edit a Group.
January 25, 2017
Server Certificates Application Policy
The Server Certificates policy lets you upload one or more trusted SSL (X.509) certificates that a wrapped app can use when establishing an SSL connection with the servers it needs to access. Similar to how browsers have a pre-installed list of trusted SSL certificates, this policy lets you pre-install a list of certificates on a per-app basis.
The Server Certificates policy uses Blue Cedar Networks Mobile App Protection (MAP) and is not part of the base EASE product. If MAP policies are currently disabled for your organization and you are interested in using this policy or any other MAP policies, contact Apperian Customer Support.
For more information, see Application Policies.
Hybrid App Enhancement: Open Files in Other Apps
Prior to this release, if a user tapped on a file link in a hybrid app, EASE would attempt to open the file directly in the app’s webview. This presented a limitation with hybrid Android apps because the webview could not open PDF files.
Now when you add or edit a hybrid app, you can select an option to allow the app to open files in other apps. When users tap on a file link in a hybrid app built with this new option, a menu will display from which the user can select an application to use to open the file.
With hybrid iOS apps, this feature supports any file type. With hybrid Android apps, this feature currently supports PDF files only; EASE will attempt to open other file types in the webview. Apperian is continually enhancing EASE functionality; if you have other file types you want to support with your hybrid Android apps, let us know by contacting firstname.lastname@example.org.
The following illustration shows the user's experience opening a file in an iOS hybrid app.
For instructions on adding a hybrid app and setting this new option, see Add an Application. To support this option with one of your existing hybrid apps, you will need to edit and rebuild the app and then sign and redistribute the update. For instructions on rebuilding a hybrid app, see Edit or Update an Application.
App Catalog Version Number Displayed
When you are troubleshooting an issue with one of your App Catalog users, it is helpful to know which version of the catalog the user is running. If you know the user’s version, you can ensure it is the latest and greatest by comparing it with the version of the catalog currently uploaded to your EASE organization. You can also provide the version number to Apperian Customer Support so they can better assist you when needed.
The App Catalog now lists its version number in the side menu next to organization name.
January 11, 2017
Identify Inactive Devices
Many of your users install the App Catalog on multiple mobile devices and upgrade to new devices fairly regularly. On the user details page in the EASE Portal, EASE now helps you identify unused or underused devices that might be sitting idle in a desk drawer or forgotten in an employee’s backpack. The Devices table, which lists all the mobile devices on which the user has logged in to the App Catalog, includes a new Last Active Date column that identifies when the user last interacted with EASE from each device. Interaction includes any type of communication between the device and EASE, such as listing apps in the App Catalog and updating an app.
For instructions on viewing details about an EASE user, see View User Details.
Feature Apps in the Windows Phone App Catalog
At the top of the Popular apps page in the Windows Phone App Catalog, users can now browse a collection of featured applications curated by an EASE Administrator. Featured apps display in an auto-scrolling carousel, with a quote listed under the app name. This feature—already available with iOS and Android App Catalogs—is a great way to promote applications and drive their adoption within your organization.
Selecting the apps you want to feature in a catalog is a simple drag-and-drop process through the EASE Portal. For instructions, see Select Featured Apps for the App Catalog.
December 14, 2016
Improved iOS App Catalog User Experience (App Button Behavior)
To provide iOS App Catalog users with a more consistent user experience, we have modified the button behavior for native applications that were previously installed on the device. Once a user installs a native app, the button now changes from INSTALL to a Cloud Download image button.
Prior to this release, the INSTALL button was designed to change to OPEN once an app was installed, but due to restrictions with the iOS operating system, that behavior was not always consistent; sometimes the button changed to INSTALLED instead of OPEN, or remained OPEN even if the user deleted the app. Now, as long as the app was previously installed, the Cloud Download button displays and the user can tap it to download and install the app—regardless of whether the app is still installed on the device.
This is the only change to the application buttons in the iOS App Catalog. Other buttons (RUN, UPDATE, and APP STORE) are unchanged.
There are no changes to buttons in the Android, Windows Phone, and Windows 8/10 App Catalogs. In those catalogs, the INSTALL button still changes to OPEN after the app is installed.
For more detail on the application button behavior for all types of apps with each App Catalog platform, see Application Buttons.
New Blue Cedar Networks MAP Application Policies
Apperian EASE now supports Mobile App Protection (MAP) 3.12.2, the latest version of Blue Cedar Networks MAP. This version includes enhancements to all MAP application policies, as well as the new Client Certificates policy. Additionally, MAP 3.12.2 supports multidex Android apps and 64-bit iOS apps. Support for 64-bit apps means you can now apply MAP policies to any of your iOS apps, including iOS hybrid apps (which EASE builds as 64-bit apps).
The following table lists the old and new policy names, and describes the new Client Certificates policy. For details on these policies as well as Apperian application policies, see Application Policies.
|Old Policy||New Policy|
This policy requires that you have the Blue Cedar Networks Atlas Platform.
Local App AuthenticationIn addition to functionality provided with the Require Passphrase policy, this new policy also supports fingerprint authentication
|Encrypted DAR (Data at Rest)||Encrypted Data at Rest|
Data SharingThe old Copy-Paste Protection policy could not be used in conjunction with Apperian policies. That is no longer a restriction with the Data Sharing policy.
New Policy! Client Certificates
This policy requires that you have the Blue Cedar Networks Atlas Platform.
This policy works with the Blue Cedar Networks Atlas Platform to provide a client certificate from your Atlas Gateway server and store it on the user’s device. The application can then present this certificate to sites it needs to access, thereby allowing the user to skip additional logins and have a smoother mobile experience. You can configure the policy so that the client certificate is presented only to a defined “white list” of URLs.
With the old MAP policies, some policies needed to be applied in certain combinations. This is no longer the case; you can apply MAP policies individually or in any combination.
Blue Cedar Networks MAP policies are disabled by default in EASE. If you are interested in applying them, contact Apperian Customer Support at email@example.com.
Apps that are currently wrapped with Blue Cedar Networks policies will continue to work, but Apperian encourages you to reapply policies to those apps as soon as possible in order to take advantage of all policy enhancements. After you reapply policies, you will need to re-sign the apps and deploy the updates to your users. For instructions, see Rewrap an Application.
For more on application policies, see Managing Application Policies.
Ability to Upload Images in Hybrid Apps
To enable users to take fuller advantage of an application’s functionality, hybrid apps created through EASE now let users:
- Add existing photos from Gallery (Android hybrid apps). iOS hybrid apps already supported the ability to add images from Photos.
Add new photos taken with the device camera (Android and iOS hybrid apps).
To get this enhancement for an existing hybrid app, you need to rebuild and re-sign it and then deploy the update to your users. For instructions, see Update an Application.
November 30, 2016
Data Filtering with the Reports API
To improve the efficiency of the Reports API, you can now filter on the value of one or more report columns to limit the data returned. Which columns are filterable varies for each report. For example, with the App Usage report, you can filter on user_id, device_id, and app_id.
Use the new column filters alone or in conjunction with Start and End date URL parameters.
For details on using the Reports AOI, including a table listing filterable columns for each reports, see the Reports API documentation.
Location Services Status Report
If you are using the Check Location Services policy to encourage users to enable location services for certain apps, you can now monitor the location services status for users/devices running those apps. The new Location Services Status report lists each check performed by the Check Location Services policy whenever the status is different than the previous status.
An "Enabled" status indicates that all necessary location settings are enabled and the user can take advantage of GPS features built into the app; a "Disabled" status indicates that Location Services are disabled on the device and/or the app is not set to allow location access.
To start seeing status in this report for any apps that already use the Check Location Services policy, you will need to reapply the policy, re-sign the app, and deploy the update to your users. For instructions, see Rewrap an Application.
November 16, 2016
App Catalog Sign On with OAuth Authorization
EASE now supports the OAuth 2.0 protocol for authorization of EASE App Catalog users, providing you with an alternative to SAML 2.0 authentication. (Note that Apperian also continues to support authentication through SAML 2.0.)
OAuth 2.0 is an open standard for authorization that is commonly used as a way for Internet users to authorize websites or applications to act on their behalf without sharing their password. If your company uses OAuth to secure access to its authorization resources, Apperian can configure your App Catalog to route user authorization through OAuth. Rather than provide EASE with secret identity attributes, such as the user's password, the OAuth flow will instead provide EASE will an access token that EASE can use to authorize the user.
If you are interested in enabling your App Catalog to authorize users through OAuth, contact Apperian Customer Support at firstname.lastname@example.org. Setup is simple and straightforward. You will need to provide some information on your OAuth provider configuration, and then Apperian will do the rest.
For more on authorizing users with OAuth and the information you will need to provide to Apperian about your OAuth provider, see Single Sign-On with EASE.
Enhanced User Experience with Check Location Services Policy
If an iOS app is wrapped with the Check Location Services policy and EASE detects that "Location Services" for the device is set to Off and/or "Location Access" for the app is set to Never, then EASE will display a popup message prompting the user to activate both of those settings.
To improve the user’s experience, the popup now provides a Settings button that the user can tap to automatically open the Settings app. The exact page that opens in the Settings app depends on what is currently disabled on the device as well as the operating system version.
Users can optionally tap a Later button to continue using the app without enabling location services and location access, but they will be prompted again when relaunching the app if five or more minutes have elapsed since the message last displayed.
For more on the Check Locations Services policy, and to understand the behavior of the Settings button on different iOS versions, see Check Location Services.
October 19, 2016
User Interface Improvements on the Applications Page
In the EASE Portal, the Applications page is the first place you land when you log in, and your “command center” for a variety of application management tasks. This release presents a redesigned Applications page with several user interface changes to optimize and enhance your user experience:
A Show/hide columns menu lets you select which columns to display in the list so you see only the data you care about. EASE will remember your selection the next time you log in (unless you clear your browser’s cookies).
A Search field at the top of the page lets you quickly find the app or apps you need. When you start typing a string, EASE searches on application name, short description, and long description. It will search the data in a column even when that column is hidden.
App Catalogs are now organized in a row at the top of the page, separate from the list of applications.
Status tags under the application name inform you “at a glance” and help you stay on top of what needs your attention. These tags identify if an application has policies applied to it, and whether it is disabled, expired, due to expire, or pending signing.
Pagination controls let you page through large lists of applications, and adjust the number of applications displayed per page.
New Sign and Policies action links under the application name take you, in one click, to the page for signing or applying policies to the app.
In addition to the features listed above, the page offers improved performance—especially noticeable in organizations with a large number of applications.
Accessibility Support in the App Catalog
With this release, Apperian is proud to deliver an App Catalog that follows Web Content Accessibility Guidelines (WCAG) 2.0 to make catalog content accessible to a wider range of people with disabilities, including people with blindness and low vision. Enhancements include, but are not limited to:
Improved navigation when VoiceOver/Talkback is enabled.
Larger buttons that are easy to click.
More readable font sizes.
Notification of updates via VoiceOver/Talkback.
Identification of categories via VoiceOver/Talkback.
These enhancements are implemented on the EASE server and do not require you to deploy a new version of the App Catalog.
Improved Default User Invitation
When you add a new user to EASE, you can request that the system automatically send an email invitation message that provides instructions for activating the user’s account and downloading the App Catalog. EASE provides a default template for this message that you can optionally modify on the Settings page.
Apperian has modified the default invitation template to better organize its content and improve a new App Catalog user’s first experience with EASE. This change is to the default template only and will not impact any customizations you may have made to the invitation for your organization. If you want to use this new default template with your organization, you need to explicitly choose to do so by clicking Revert to Default in the Email Templates->User Invitation section on the Settings page.
To see an example of the new user invitation template, and for instructions on editing the template or reverting to the default template, see Edit the User Invitation.
- No labels