In this blog post, I will show you the steps to allow screen capture in iOS Intune managed apps. This is blocked by default in apps that have updated to v19.7.6 or later for Xcode 15 and v20.2.1 or later for Xcode 16 of the SDK when Send Org data to other apps setting in the App protection policy is set to a value other than All apps. Below screenshot shows an example App protection policy (APP), where Send Org data to other apps is set to None, thereby blocking screen capture.
I recently tested this setting on Microsoft Outlook and Teams apps. I have launched the apps on a iOS device and tried to capture a screenshot, it resulted in a black screen. Furthermore, I will show you the end user experience from one of my test MAM device.
If you have applied this App protection policy to all Apps, where Send org data to other apps is set to None. That means you cannot take a screenshot from any of the managed applications where the requirements for an application to apply this policy (as discussed in the beginning) are met.
You can override this default behavior and allow capture of screenshots for selected apps by creating an App configuration policy. In the policy, set com.microsoft.intune.mam.screencapturecontrol = Disabled for the apps you want to allow screen capture or to say Unblock screen capture protection on iOS devices.
Create an App Configuration Policy to Allow Screen Capture
Let’s allow screen capture protection for selected apps via an App configuration policy. This policy will override the default action of blocking screen capture when Send org data to other apps is set to None.
- Sign in to Intune admin center > Apps > App configuration policies > Create > Managed apps.
- Basics: Provide Name and Description of the policy and select the apps for which you want to allow screen capture. I have selected Microsoft Teams, Microsoft Outlook and Adobe Acrobat Reader.
- Settings catalog: Click Next.
- Settings: Under General configuration settings, configure Name as com.microsoft.intune.mam.screencapturecontrol, and Value as Disabled.
- Assignments: Click on Add groups and select an Entra security group containing users.
- Review + create: Review the app configuration policy summary and click Create.
End User Experience
Let’s see the end-user experience before and after applying the App configuration policy. For this testing, I used Microsoft Teams app and attempted to capture a screenshot. It resulted in a screenshot with black screen as shown on the Left-hand side. The right-hand side displays a screenshot taken after applying the App configuration policy, successfully allowing screenshot capture in the Teams app.
