Unable to Install "app name", This app cannot be installed because its integrity could not be verified

[NityaSantosh26]

Describe the bug: I have wrapped the ipa and uploaded it to intune as LOB. The app is assigned and also is available in the enrolled device in company portal. But when tried to install, it fails with "Unable to Install "app name", This app cannot be installed because its integrity could not be verified"

To Reproduce Steps to reproduce the behavior:

1. Wrap the ipa using the latest wrapping tool (used 18.0.1 and 18.2.0)
2. I am using regular production provisioning profile.
3. Deploy the app to intune
4. Install the wrapped application through company portal from an enrolled device
5. App starts to download and fails at installation with the above error message.

Smartphone (please complete the following information):

• Device: iPhone 13, iPhone 14
• OS: iOS 16.6, iOS 17.0

Intune app wrapping tool (please complete the following information):

• What version of the wrapper are you using? Are you using the latest version? Yes the latest version.
• What platform is your app based in (Java, Xamarin based, Cordova, etc)? Cordova
• For pre-wrapping errors, does the app build without being wrapped? Yes app is successfully installed without wrapping
• For post-wrapping errors, does the app launch without being wrapped? Yes
• Who is the customer?
• Do you see a trend with it only being reproduced on a specific device?

Additional context: The problem is I have also published the wrapped app to test flight and I could install it from there but only fails when trying to install through the company portal. YES, I am using a production provisioning profile. And there are no errors while wrapping the ipa.

Is there any other setting or a configuration that needs to be made in the Intune Admin Center?

I also have verified if the app is signed using codesign -dvvv --verbose=4 myApp.ipa And it is.

[gastaffo]

Hi there, that is usually an app signing or provisioning profile issue. You should be able to reproduce by installing the app using ios-deploy (install) to install right after wrapping. ios-deploy also usually gives slightly better error messages than installing via xcode in my expirence.

Could you try using ios-deploy to see if we get a better error messgae? Also could you send the command you used to wrap the app? It could be the wrong certificate was used to sign it, the provisioning profile doesn't match, or the entitlements were not signed correctly.

[NityaSantosh26]

Hello, Thanks for your response. After a lot of digging into the issues, I found that only enterprise provisioning profile must be used for distributing apps via intune. But not the regular apple production provisioning profile. https://learn.microsoft.com/en-us/mem/intune/developer/app-wrapper-prepare-ios#:~:text=under%20Production.-,Note,-If%20do%20not I looked this and I could install the app when development profile is used.

Can you confirm which provisioning profile needs to be used?

[gastaffo]

Yes you need to use your enterprise distribution profile to install via Intune.