I am looking for some information regarding how to appropriatley deploy an In House Enterprise App on a Web Server and still stay within apple developer license guidlines.
According to the XCode help guide on this issue, you can:
"Note: If you don’t distribute your app using a MDM system, users can install your app using the iOS App (IPA) file but then they will need to manually trust your organization to launch the app."
Continuing from that link, apple provides a nicehelp doc on how to "Distrubite in-house apps from a web server":
From my understanding, you can create a manifest.plist that contains a url to your .ipa file. From there, the user downloads the manifest and the device takes over to read the manifest and download the .ipa.
However, according to theApple Enterprise License Agreement, section 2.1:
"You may permit Your Permitted Entity to deploy Your Internal Use Applications to Permitted Users on Your behalf, provided that such deployment is at least as restrictive and protective of Apple as the terms of this Agreement (e.g., posting the App on a public website or non-authenticated server would be prohibited)."
Obviously, you can easily put the download to the manifest behind an authenticated web server; however if you try and put the .ipa file behind some form of authentication, the "internal mechanism" of the device that reads the manifest and downloads the .ipa doesn't know about any authentication method to your server and will be rejected, causing the install to fail.
It seems then, the .ipa download would have to be public, at least from the device's perspective.
What are the appropriate steps to deploy an internal app in this manner, while not being in direct conflict with the enterprise agreement?