+

Search Tips | Advanced Search

For up-to-date product documentation, see the IBM MobileFirst Foundation Developer Center.


Remotely disabling application access to protected resources

Learn how to remotely disable an application and deny it access to protected resources due to phase-out policy or identified security issues.

Use MobileFirst Operations Console (the console) to disable user access to a specific version of an application on a specific mobile operating system, and provide a custom message to the user.


Procedure

  1. Select your application version from the Applications section of the console's navigation sidebar, and then select the application Management tab.
  2. Change the status to Access Disabled.
  3. In the URL of latest version field, optionally provide a URL for a newer version of the application (usually in the appropriate public or private app store). For some environments, the Application Center provides a URL to access the Details view of an application version directly. See Application properties.
  4. In the Default notification message field, add the custom notification message to display when the user attempts to access the application. The following sample message directs users to upgrade to the latest version:

      This version is no longer supported. Please upgrade to the latest version.

  5. In the Supported locales section, we can optionally provide the notification message in other languages. See the detailed instructions in Defining administrator messages in multiple languages.
  6. Select Save to apply your changes.


Results

When a user runs an application that was remotely disabled, a dialog window with your custom message is displayed. The message is displayed on any application interaction that requires access to a protected resource, or when the application tries to obtain an access token. If you provided a version-upgrade URL, the dialog has a Get new version button for upgrading to a newer version, in addition to the default Close button. If the user closes the dialog window without upgrading the version, they can continue to work with the parts of the application that do not require access to protected resources. However, any application interaction that requires access to a protected resource causes the dialog window to be displayed again, and the application is not granted access to the resource.

Note: For cross-platform applications, we can customize the default remote-disable behavior: provide an upgrade URL for our application, as outlined in Step 3, and set the showCloseOnRemoteDisableDenial attribute in your application's initOptions.js file to false. If the attribute is not defined, define it. When an application-upgrade URL is provided and the value of showCloseOnRemoteDisableDenial is false, the Close button is omitted from the remote-disable dialog window, leaving only the Get new version button. This forces the user to upgrade the application. When no upgrade URL is provided, the showCloseOnRemoteDisableDenial configuration has no effect, and a single Close button is displayed.

Parent topic: Mobile-application management