Supervise device without erasing data?

Hello!

I made an iOS app for a research study that blocks network connections with certain websites. I need to block around 2000 web domains. To achieve this, I had two options:

  1. Use Screentime API
  2. Use Network Extension

Screentime API has a limitation that limits the number of websites it can block to 50 (https://developer.apple.com/documentation/managedsettings/webcontentsettings/blockedbyfilter-swift.property).

The Network Extension on the other hand requires my device to be in supervised mode, which as I understand it, involves erasing the data on the phone and resetting it.

Hence, I am here to ask if there is a way to do this without erasing user data when setting the device into supervised mode.

Also, I am open to hearing any other alternatives I could pursue. Thanks!!

Up vote post of stilakid Down vote post of stilakid
407 views
Posted by
stilakid
Reply
Add a Comment

Replies

I can’t answer your supervised device questions, because device management isn’t really my field [1]. However, I can speak to the NE side of this. You wrote:

I made an iOS app for a research study that blocks network connections with certain websites.

What’s your audience for this study? If it’s very limited, you may be able to use development signing. Non-supervised devices allow development-signed apps to enable an NE content filter.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

[1] My understanding is that this isn’t possible, but you really need someone who knows more about this to confirm.

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo

  • Unfortunately, we mean to have ~2000 participants so we won't be able to do this with the developer account.

    Could you perhaps clarify one thing for me: do we need the device to be supervised if we use the dns proxy capability of network extension instead of the content filter capability?

    You have been immensely resourceful btw. :) Thanks!

    stilakid

  • @eskimo any update on this? Sorry, should have '@' you in the first comment.

    stilakid
Add a Comment

Supervising a device requires erasing the device.

Supervising the personal devices of research subjects would be inappropriate. Supervision grants to the organization the highest level of device management capabilities to an administrator. Some of those capabilities reveal data to the organization. This is fine for organization-owned data, but a grave privacy issue for personal data. Erasing a device when supervising it ensures that there is no personal data on the device.

Posted by
Systems Engineer
Post not yet marked as solved Up vote reply of Systems Engineer Down vote reply of Systems Engineer

  • Oh I see. Thank you for the clarification!! I think what we want is a simple dns filter of sorts but used the content filter capability thinking it was the same thing.

    stilakid
Add a Comment