Before you start setting up your MDM for using the PlayerLync ABM App, you'll need to give PlayerLync your ABM account details (here).  This is critical for us to be able to push/allow you access to our ABM Apps.

Jamf - Helpful Setup Items

If you are looking to setup Jamf to grab Apps from ABM (Apple Business Manager), the following are some important steps to getting that complete.  

Jamf - Setting up Volume Purchasing

You can also view here:https://docs.jamf.com/jamf-now/documentation/Setting_Up_Volume_Purchasing.html

1. In Apple School Manager or Apple Business Manager, follow these steps:
   1. Click on your account name in the lower-left corner, and then choose Preferences from the pop-up menu.
   2. Click Payments and Billing.
   3. Under the Apps and Books tab, click on the correct server location token.

      The token downloads to the Downloads folder on your computer.

2. Log in to Jamf Now.
3. Go to Settings (Gear top right) > Click Volume Purchasing.
4. Select your selected program and click Next.
5. Drag and drop or click browse to select the token you downloaded in step one, and then click Next.
6. Enter the Apple ID you use to sign in to your selected program.
   Note: 

   The server token expires in a year, and you will need the same Apple ID to renew it. By entering your Apple ID now, we can help you retrieve your ID next year.

7. Click Save.

You may need to do the following as well, but typically you should be able to push ABM Apps with just the above 'Setting up Volume Purchasing'

Downloading a Public Key from Jamf Pro

You can download a public key (.pem) from Jamf Pro to obtain a server token file from Apple Business Manager or Apple School Manager.

1. Log in to Jamf Pro.

2. In the top-right corner of the page, click Settings  .

3. Click Global Management.

4. Click Device Enrollment Program  .

5. Click Public Key.

   The public key (.pem) is downloaded immediately.

Obtaining the Server Token File

You can obtain the server token file from Apple Business Manager or Apple School Manager by uploading the public key (.pem) certificate file from Jamf Pro. Apple Business Manager and Apple School Manager also allow you to select which devices you want Jamf Pro to manage.

Apple Business Manager

1. Sign in to Apple Business Manager:
   https://business.apple.com

2. Click Settings.

3. Select the Device Management Settings payload and click Add MDM Server.

4. Enter a name for the server.

5. Upload the public key (.pem) you downloaded from Jamf Pro.

6. Click Save.

7. Select the Jamf Pro server you just added.

8. Click Edit.

9. In the Default Server settings, select the checkboxes next to the devices you want Jamf Pro to manage.
   Note: It is important that you do this step before adding devices to Apple Business Manager.

10. Click Download Token, this is your sToken.

Airwatch - Helpful Setup Items

In order to leverage VPP (volume purchase program apps) the recommend your devices be in the business.apple.com

Configure the Apple Business Manager Portal 

To configure the Apple Business Manager Portal, begin integrating with the Apple DEP program by creating a virtual MDM server for devices that links to your own MDM servers, so you can manage devices directly in the UEM console. Workspace ONE UEM does not encourage using Internet Explorer to complete this process. 

Prerequisites 

You must download the public key (.pem) that allows Workspace ONE UEM and Apple to mutually authenticate with each other to sync devices. This key is uploaded to the Apple portal later. 

1. Log into the UEM console and navigate to Groups & Settings > All Settings > Devices & Users > Apple > Device Enrollment Program and select Configure. A Device Enrollment Program window appears. 

2. Download the public key by selecting the MDM_DEP_PublicKey.pem file. 

3. Save the public key in a convenient location. This is used to complete the DEP setup process. Using the public key you have downloaded, you must next enable and configure the Apple Business Manager Portal so that you can manage your DEP-enrolled devices in the Workspace ONE UEM console.Obtaining the Server Token File

You can obtain the server token file from Apple Business Manager or Apple School Manager by uploading the public key (.pem) certificate file from Jamf Pro. Apple Business Manager and Apple School Manager also allow you to select which devices you want Jamf Pro to manage.

Apple Business Manager

1. Sign in to Apple Business Manager:
   https://business.apple.com

2. Click Settings.

3. Select the Device Management Settings payload and click Add MDM Server.

4. Enter a name for the server.

5. Upload the public key (.pem) you downloaded from Airwatch.

6. Click Save.

7. Select the server you just added.

8. Click Edit.

9. In the Default Server settings, select the checkboxes next to the devices you want Airwatch to manage.
   Note: It is important that you do this step before adding devices to Apple Business Manager.

10. Click Download Token, this is your sToken.

Upload VPP sTokens to Retrieve Managed Distribution Licenses and Content 

Apple uses Web services to manage license codes. The Workspace ONE UEM console accesses Apple's Web services with the service token, or sToken, you upload to the console. Workspace ONE UEM retrieves your VPP content with the license data on the sToken. You can upload an sToken at the top Customer level and below. The Workspace ONE UEM system prompts you to register your sToken, so thatWorkspace ONE UEM can detect if the sToken is used in other environments.

Procedure

1. Navigate to Groups & Settings > All Settings > Devices & Users > Apple > VPP Managed Distribution.
2. Configure the following settings:

   Setting	Description
   Description	Enter your VPP Account ID.  Using your VPP Account ID as the description has several advantages.  If you use multiple sTokens, it identifies the correct account.  Reminds you the correct account when you renew the sToken.  Identifies the correct account to others in your organization who assume management of the VPP account.
   sToken Upload	Select Upload to navigate to the sToken on your network. VPP accounts in Apple School Manager and Apple Business Manager can now be associated to locations to allow moving licenses from one VPP account to another. If an sToken that is associated to a location is uploaded, the location name is displayed in the console.
   Automatically Send Invites	Send invitations to all the users immediately after you save the token. The invitation request users to join and register with Apple's VPP. Registration gives users access to the terms of use to participate in the program.  Use the Message Preview option to review the invitation.  If your environment includes VPP applications set to the Assignment Type, Auto, then Workspace ONE UEM sends invitations no matter how you configure this option. This behavior facilitates quick access to applications upon enrollment.  Workspace ONE UEM automatically sends users of Apple iOS v7.0.3+ and macOS 10.9+ (if supported) an invite command when you enable this option. It does not send them an email message.  You do not have to enable this option immediately. You can leave it disabled and still upload your token. Return and enable this feature to send invitations to all the enrolled devices whose users have not yet accepted to join the VPP.  For Device-Based VPP, disable this check box for the device-based VPP system because invitations are not necessary. If you assign a devicebased VPP device to a regular VPP app (a user-based VPP app), devices still receive invitations.
   Message Template	Select an email template for an email message invitation for Apple iOS devices on Apple iOS v7.0.0 through v7.0.2.

3. Save the sToken and confirm the addition of the token.

Tasks For Managed Distribution by Apple IDs

For successful distribution of VPP content to end users, perform all steps of the deployment process. In return, end users must complete all steps on their devices to receive VPP content. Users that have multiple Apple iOS devices must select and apply a single Apple ID to all the devices. If admins make content available on demand, then users can accept the invitation and join and register with the VPP. They install the content from the catalog to any of their devices.

Procedure

1. Admins send VPP content to end users.
   1. Purchase content and download your sToken from the Apple iTunes Store.
   2. Upload the sToken to Workspace ONE UEM. You can use multiple sTokens within your Workspace ONE UEM hierarchy but you can only have one sToken in each organization group.
   3. Sync licenses to display the content in the console.
   4. Add the bundle IDs for custom applications. This action activates management. This step is unnecessary for non-B2B applications and books.
   5. Allocate licenses and assign licenses to smart groups, and enable eligible applications for device-based assignment, if applicable. Then publish managed distribution content with the flexible deployment feature. Publishing content triggers invitations to end users whose content is tied to their Apple IDs.
2. End-Users accept invitations and receive content.
   1. Accept the invitation and register with the Apple VPP. This step is not necessary for device-based use. This step ensures that they have the terms of agreement for participating in the program.
   2. Obtain the license from Workspace ONE UEM. This step occurs automatically when admins publish content.
   3. Install content from the catalog.

For additional detailed Airwatch information, please see VMWare's Integration with Apple Business Manager, here.