Advanced settings for Secure Mail (WorkPlace Persona policy)

Use the Advanced settings to configure additional settings for Secure Mail accounts.

The following table describes the Secure Mail configurations that you can set up on MaaS360® enrolled devices:

Table 1. Email advanced settings
Policy setting Description Supported devices
Configure additional secure mail accounts Enable this setting to configure additional Secure Mail accounts on the MaaS360 enrolled device. iOS 3.3+, Android App 5.75+
Mail server The host name of the mail server that ensures devices are automatically approved. Choose from the following mail servers:
  • Exchange
  • Office 365
  • IBM Traveler and IBM Connections Cloud
  • Gmail
  • Others
The automatic approval feature is supported for Exchange, Office 365, IBM® Traveler, and IBM Connections™ Cloud.
iOS 3.3+, Android App 5.75+
Hostname of the ActiveSync server Provide the URL for the ActiveSync server.  
Use SSL Select this option to configure a secure connection. SSL certificates provide secure, encrypted communication between the mail URL and the browser on the device. Enable the Exchange server to use SSL for authentication.  
Enable SSO Select this option to enable SSO and to configure the app client ID and the Office 365 endpoint URL. iOS 3.4+, Android App 6.10+
App client ID: Enter the app client ID that is generated when you register the app in the Azure AD tenant.  
Office 365 endpoint URL: Enter the default or configured Office 365 endpoint URL to access 365 API invocations for the account. The default endpoint URL for Office 365 is
Note: You can change the default endpoint URL to a different endpoint URL.
iOS 3.95+, Android App 6.70+
Domain name Enter the domain name or leave this field blank or use %domain% to use the user's domain as the domain name.  
Account username Leave this field blank to use the user name in the system as the account user name. Use %email% if the account user name is the same as the email address such as Office 365 or IBM Traveler.  
Display name Enter the name to represent the account on the device.  
Email address Leave the field blank to use the user's email address in the system.  
Authentication type Choose the type of authentication method:
  • corporate password credentials
  • certificate-based authentication
Use exchange web services If this setting is enabled, Secure Mail supports advanced features (for example, calendar attachments and contact groups on Exchange 2010 SP2+) that are available for Exchange Web Services (EWS). This setting is supported on Exchange and Office 365 only. Make sure that you enable Exchange Web Services (EWS) on your mail server for devices.  
Use auto-discovery: The user provides their email address and password to configure their mailbox. This information is the minimum information that is required to set up Exchange Web Services (EWS).  
Exchange web services URL: The URL of the Exchange Web Services for the mailbox.  
Enable delegation and shared mailbox access: A user can add other users as delegates or add a shared mailbox. A shared mailbox is shared by multiple users who can read and send email messages, and also use a common calendar. For delegation, the delegated user can view email messages, contacts, and the calendar of the user who provided delegation. The delegated user can also act on behalf of the user who delegated access.