Intune for Admins

Yext (formerly Hearsay) for Intune combines the Yext Mobile app with the Microsoft Intune device management platform. It allows users to communicate with their contacts in a protected and secure BYOD environment with mobile application management (MAM). Using Yext for Intune provides an extra layer of protection for your organization's data. 

To learn more about your user’s experience when using Intune for the first time, see Logging into Yext for Intune. 

Application policies 

Before using Intune, you will need to create protection policies that are unique to your organization via Microsoft. See the following articles to get started:

Most protection policy settings are supported out of the box when including the Intune SDK in the app. However, a handful of settings require explicit app participation. Here are some details about how to configure certain policy settings for the Yext for Intune app:

iOS policies that require application participation

  • shouldFileProviderEncryptFiles - Yext does not use FileProvider and doesn’t require support for it.
  • notificationPolicy - The setting behavior is as follows:
    • Block OR block org data -  All notifications say “You have a new notification.”
    • Allow - all notifications appear as usual with no configuration changes.
  • isFileEncryptionRequired - The Intune SDK handles most encryption by default. Additionally, all files in Yext are encrypted with or without this policy turned on.

Android policies that require application participation

  • Org Data Notifications - Android fully handles notification restriction app policies.
    • Block - No notification alert is shown.
    • Block org data - All notifications say “You have a new notification.”
    • Allow - All notifications appear as usual with no configuration changes.
  • Contact Sync - If the app policy has contact sync disabled, we prevent all write access to the device’s local contacts from Yext. The only place we use write access is for the local “Yext” contact used for Caller ID purposes. Support for this comes out of the box on iOS, and we’ve added the custom handling on Android too.
    • Note: If your organization has Contact Sync off, Caller ID will not work for Yext voice calls.
  • Send Org Data to other apps - This is an app policy setting that affects whether the Yext for Intune app can speak to non-Intune managed apps. If this setting is configured to anything other than “All Apps”, the Real-Caller ID feature will not work. The Real-Caller ID feature relies on sharing data from Yext to the Android dialer application and is only leveraged for organizations not using VoIP calling.

Granting permissions as an admin 

Our Intune applications require access to a Microsoft Resource for reading/writing Intune related information. This resource access requires admin approval. Normally, this should already be granted in an organization that leverages other publicly available Intune apps. Otherwise, users may see this screen when logging in:

To grant these permissions, do the following while logged in as an admin:  

  1. Construct and access the URL for granting tenant-wide admin consent:
    • https://login.microsoftonline.com/{tenant-id}/adminconsent?client_id={client-id}
      • tenant-id is their organization's tenant ID within Intune
      • client-id is our application id registered with Intune, which is "b8e65bec-d86b-448a-8617-b3a2ba7992b6"
  2. Apply permissions as follows:
    • DeviceManagementManagedApps.ReadWrite
      • Scope or Role Claim Value:
        • wip.mam.manage.microsoft.us//DeviceManagementManagedApps.ReadWrite
      • Resource application:
        • Microsoft Mobile Application Management
      • Admin consent display name:
        • Read and Write the User's App Management data
      • Admin consent description:
        • Allows the Application to read and write the user's data pertaining to itself in the Intune Mobile Application Management service
    • User.Read
      • Scope or Role Claim Value:
        • User.Read
      • Resource application:
        • Microsoft Graph
      • Permission display name:
        • Sign in and read user profile
      • Permission description:
        • Allows users to sign-in to the app, and allows the app to read the profile of signed-in users.

Application bundle/package IDs for Intune apps

iOS  - public.hearsaysocial.hearsay-messages-for-microsoft

Android - com.hearsaysocial.messages.intune

SDK versioning

iOS

Android

Was this article helpful?
0 out of 0 found this helpful

We're sorry to hear that.

Articles in this section

See more