Zap365: Your Windows 365 Cloud PC Admin Center in Your Pocket

In today’s hybrid work environment, IT administrators need to be agile, responsive, and empowered to manage their organization’s digital workspace from anywhere. Windows 365 Cloud PCs have revolutionized how businesses deliver secure, scalable desktops to users. But what if you could carry the entire Windows 365 Admin Center in your pocket?

What is Zap365?

Zap365 is an innovative iOS app that transforms the Windows 365 Cloud PC Admin Center into a powerful iOS app, bringing comprehensive cloud PC management capabilities to IT administrators on the go. In this in-depth blog post, we’ll explore how this app revolutionizes the way administrators interact with and manage their organization’s cloud PC infrastructure.

Why Zap365? The Need for Mobile Cloud PC Management

The Challenge:

Managing Windows 365 Cloud PCs requires access to the Intune Admin Center via a desktop browser. This can be limiting for IT admins who are often on the move, responding to urgent requests, or supporting users outside regular office hours. The lack of a dedicated mobile experience means slower response times and less flexibility.

The Solution:

Zap365 bridges this gap by delivering a native iOS experience tailored for Windows 365 Cloud PC management. With Zap365, you can:

• Enjoy a user interface designed for speed, clarity, and mobile ergonomics.
• Instantly view the health and status of all Cloud PCs in their organization.
• Perform critical actions (restart, reprovision, sign out users) from anywhere.
• Receive real-time alerts and notifications about Cloud PC issues.
• Access security features like LAPS password on the go.

Key Benefits:

• Mobility: Manage Cloud PCs from anywhere, anytime.
• Speed: Respond to incidents and user requests instantly.
• Security: All actions are authenticated via Microsoft Entra ID, ensuring enterprise-grade security.
• Simplicity: No need to navigate complex web portals on a small screen— Zap365 is built for mobile from the ground up.

Feature Walkthrough – Managing Windows 365 Cloud PCs with Zap365

Zap365 is designed to make every aspect of Windows 365 Cloud PC management accessible and intuitive on iOS. Here’s a detailed look at the app’s core features and how they empower IT administrators:

Cloud PC Overview Dashboard:

Upon logging in, admins are greeted with a comprehensive dashboard that summarizes the state of all Cloud PCs in the organization. Key metrics and visual indicators make it easy to spot issues at a glance.

• Health Status: Instantly see which Cloud PCs are healthy, need attention, or are offline.
• User Assignments: View which users are assigned to each Cloud PC.
• Resource Utilization: Monitor CPU, RAM, and storage usage for each Cloud PC (where available).
• Search & Filter: Quickly find specific Cloud PCs by user, device name, or status.

Detailed Cloud PC Information:

Tapping on any Cloud PC brings up a detailed view with all relevant information:

• Device Specifications: OS version, hardware specs, provisioning policy, and more.
• Compliance & Security: See compliance status, BitLocker encryption state, and recent security events.
• Activity Timeline: Review recent actions, sign-ins, and system alerts for the selected Cloud PC.

---

Powerful Administrative Actions at Your Fingertips

Zap365 isn’t just about monitoring—it empowers IT admins to take decisive action, right from their iOS device. Here’s how the app brings the full suite of Windows 365 Cloud PC management tools to your pocket:

Remote Actions:

From the Cloud PC detail view, admins can perform essential management tasks with a single tap:

• Restart Cloud PC: Remotely reboot a Cloud PC to resolve issues or apply updates.
• Reprovision Cloud PC: Quickly reset a Cloud PC to its original state, ideal for troubleshooting persistent problems or preparing a device for a new user.

All actions are executed securely via Microsoft’s Graph API, ensuring compliance with your organization’s security policies.

Security & Recovery Tools:

Security is at the heart of Zap365. The app provides direct access to critical recovery features:

• BitLocker Key Recovery: Instantly retrieve BitLocker recovery keys for Cloud PCs, enabling rapid response to lockouts or security incidents.
• Compliance Status: View and act on compliance issues, such as non-compliant configurations 
• LAPS Password Recovery: View the LAPS password securely

---

Proactive Notifications, Recommendations, and User Experience

Zap365 goes beyond basic management by helping IT admins stay ahead of issues and optimize their Cloud PC environment.

**Real-Time Notifications (Upcoming feature)

Stay informed with push notifications and in-app alerts for critical events, such as:

• Cloud PC health changes (e.g., offline, degraded performance)
• Security incidents (e.g., compliance violations, BitLocker issues)
• User requests or provisioning status updates

These notifications ensure admins can respond to problems the moment they arise, even when away from their desk.

Intelligent Recommendations:

Zap365 analyzes your Cloud PC deployment and provides actionable insights, such as:

• Resource Optimization: Suggestions for resizing Cloud PCs based on usage patterns.
• Cost Efficiency: Identifying underutilized Cloud PCs that could be deprovisioned or reassigned.
• Security Improvements: Recommendations for addressing compliance gaps or enabling additional protections.

These recommendations help organizations maximize their investment in Windows 365 while maintaining a secure, high-performing environment.

User-Centric Design:

Zap365 is built with a modern, intuitive interface that feels right at home on iOS:

• Dark Mode Support: Seamless experience in both light and dark themes.
• Quick Actions: Contextual menus and swipe actions for rapid management.
• Accessibility: Designed to be usable by all admins, with support for VoiceOver and dynamic text.

---

Enterprise-Grade Security, Authentication, and Privacy

Security is paramount when managing enterprise resources, and Zap365 is engineered to meet the highest standards for authentication, data protection, and privacy.

Secure Authentication with Microsoft Entra ID:

Zap365 uses Microsoft Entra ID (formerly Azure Active Directory) for authentication, ensuring that only authorized IT administrators can access and manage Cloud PCs. The app supports:

• Single Sign-On (SSO): Seamless login experience using your organization’s credentials.
• Multi-Factor Authentication (MFA): Enforced according to your organization’s security policies.
• Token Management: Secure handling and storage of authentication tokens, with automatic refresh and expiration handling.

Data Privacy and Protection:

Zap365 is designed with privacy in mind:

• No Local Data Storage: Sensitive device and user data is never stored on the device. All information is fetched securely and displayed in real time.
• End-to-End Encryption: All communication with Microsoft Graph API is encrypted using industry-standard protocols.
• Compliance: The app adheres to enterprise security standards and best practices, ensuring your organization’s data remains protected.

Role-Based Access Control:

Zap365 respects the permissions and roles defined in your Microsoft 365 environment. Admins only see and manage the Cloud PCs they are authorized to access, mirroring the security model of the Windows 365 Admin Center.

---

Getting Started, Demo Mode, and Onboarding Experience

Zap365 is designed to be easy to adopt, whether you’re a seasoned Windows 365 admin or exploring Cloud PC management for the first time.

Seamless Onboarding:

The onboarding process guides new users through:

• Initial Authentication: Secure sign-in with Microsoft Entra ID.
• Permissions Grant: Explanation of required permissions and consent.
• Feature Tour: Optional walkthrough of key features and navigation tips.

This ensures admins are up and running in minutes, with confidence in the app’s security and capabilities.

Demo Mode for Exploration:

Zap365 includes a robust demo mode, allowing users to explore all features without connecting to a live Windows 365 environment. In demo mode, you can:

• Access mock Cloud PC data
• Test management actions (simulated, no real changes)
• Explore the full interface risk-free

This is ideal for training, evaluation, or showcasing the app to stakeholders.

---

Getting Started Checklist

To enable secure authentication and API access, you must register Zap365 as an application in your Azure AD tenant. This step is essential for both VPP and App Store deployments.

1. Register an Application with the Microsoft Identity Platform

Follow these steps to create the app registration:

• Sign in to the Microsoft Entra admin center as at least a Cloud Application Administrator.
• Switch Tenants (if needed):
  If you have access to multiple tenants, use the Settings icon in the top menu to switch to the tenant in which you want to register the application via the Directories + subscriptions menu.
• Navigate to App Registrations:
  Browse to Identity > Applications > App registrations and select New registration.The app has to be registered as Multi-Tenant App:

• Enter a Display Name:
  • Provide a display name for your application.
  • This name might be seen by users during sign-in.
  • You can change the display name at any time, and multiple app registrations can share the same name.
  • Note: The automatically generated Application (client) ID uniquely identifies your app, not its display name. Copy the App ID, we will need it later during Intune configuration.
• Leave Redirect URI (optional) alone for now; you’ll configure it in the next section.
• Complete Registration:
  Select Register to complete the initial app registration.
• Review the Overview Pane:
  Once registration is complete, the Microsoft Entra admin center displays the app registration’s Overview pane, which shows the Application (client) ID (client ID) that uniquely identifies your application.

• Add a Redirect URI: A redirect URI is where the Microsoft identity platform sends security tokens after authentication.

Bundle ID = com.irl.Zap365 Redirect URI = msauth.com.irl.Zap365://auth

• Add a Application ID URI:
  • Add the application ID URI as below:
  • Click Application ID URI from the right hand pane
  • Add App ID URI
  • Verify that application ID URI is automatatically updated

---

2. In the Manage section, click API permissions

• Click Add a permission.
• The Request API permissions page appears.

• In the Microsoft APIs section, click Microsoft Graph.

• Select Delegated permissions as the type of permissions and below permissions:

• Add permissions for Windows365 also-

• Navigate back to Manage & click Grant Admin Consent:

---

3. Intune Configuration

Use app configuration policies in Microsoft Intune to provide custom configuration settings for the app so that it can read the App ID you just created in previous step.

Follow these steps to create a managed devices configuration profile:

• Sign in to the Microsoft Intune admin center.
• Navigate to Apps > Configuration > Create > Managed devices.

• On the Basics page, set the following details:
  • Name: The name of the profile that appears in the Microsoft Intune admin center.
  • Description: The description of the profile that appears in the Microsoft Intune admin center.
  • Device enrollment type: This should be set to Managed devices.
• Select iOS/iPadOS as the Platform.
• Click Select app next to Targeted app.
  The Associated app pane is displayed.
• In the Targeted app pane, choose the Zap365 app to associate with the configuration policy, and click OK.

• Click Next to display the Settings page.
• In the dropdown box, select the Configuration settings format and choose the Enter XML data option.
• Paste the following XML data:
• Assign the profile to all users

<dict>
    <key>PayloadDescription</key>
    <string>Fleetly Configuration Profile</string>
    <key>PayloadDisplayName</key>
    <string>Zap365 Configuration</string>
    <key>PayloadIdentifier</key>
    <string>com.irl.Zap365.config1</string>
    <key>PayloadRemovalDisallowed</key>
    <false/>
    <key>PayloadType</key>
    <string>Configuration</string>
    <key>PayloadUUID</key>
    <string>3C03929C-D6CA-41F9-9E4E-3C2227868E11</string>
    <key>PayloadVersion</key>
    <integer>1</integer>
    <key>PayloadContent</key>
    <array>
        <dict>
            <key>PayloadType</key>
            <string>com.apple.app.managed</string>
            <key>PayloadVersion</key>
            <integer>1</integer>
            <key>PayloadIdentifier</key>
            <string>com.irl.Zap365.managedapp</string>
            <key>PayloadUUID</key>
            <string>CFD75594-390E-47F7-A7E1-F992DEBFF45A</string>
            <key>PayloadEnabled</key>
            <true/>
            <key>PayloadDisplayName</key>
            <string>Zap365 Managed App Config</string>
            <key>BundleIdentifier</key>
            <string>com.irl.Zap365</string>
            <key>Configuration</key>
            <dict>
                <key>AzureADClientID</key>
                <string>replace with your app id</string>
            </dict>
        </dict>
    </array>
</dict>

---

Recommended: VPP Distribution via Apple Business/School Manager:

For organizations, the best practice is to deploy Zap365 using Apple’s Volume Purchase Program (VPP) through Apple Business Manager or Apple School Manager. This ensures secure, scalable, and policy-driven distribution.Steps:

1. Purchase Zap365 through Apple Business Manager or Apple School Manager.
2. Distribute the app to users via your organization’s MDM (Mobile Device Management) solution.
3. Configure required MDM settings to enable authentication and app functionality.

   <key>com.apple.configuration.managed</key>
   <dict>
       <key>AzureADClientID</key>
       <string>YOUR_CLIENT_ID</string>
   </dict>

Replace YOUR_CLIENT_ID with your organization’s Azure AD Application Client ID.

Alternative: App Store Installation (for Individual Admins or Small Teams):

If VPP is not available, Zap365 can be installed directly from the App Store. However, MDM configuration is still required for full functionality.Steps:

1. Download Zap365 from the App Store.

https://apps.apple.com/nl/app/zap365/id6745205948?l=en-GB

2. Deploy a configuration profile through your MDM with the following:

   <key>com.apple.configuration.managed</key>
   <dict>
       <key>AzureADClientID</key>
       <string>YOUR_CLIENT_ID</string>
   </dict>

Replace YOUR_CLIENT_ID with your organization’s Azure AD Application Client ID.

Note: Zap365 requires MDM configuration to function fully. Installing the app without the proper MDM profile will result in limited or restricted functionality.

If the MDM configuration is missing, the app will display a clear error screen, prompting the user to contact their IT administrator and complete the MDM setup.

---

Conclusion & Call to Action

Zap365 reimagines the Windows 365 Cloud PC Admin Center for the modern, mobile-first IT administrator. By bringing powerful management, monitoring, and security features to iOS, Zap365 empowers IT teams to stay responsive, secure, and efficient—no matter where they are.Key Takeaways:

• Manage and monitor all your organization’s Windows 365 Cloud PCs from your iPhone or iPad
• Take immediate action on issues with remote commands and security tools
• Receive real-time notifications and intelligent recommendations to stay ahead of problems
• Enjoy enterprise-grade security, privacy, and compliance with seamless Microsoft Entra ID integration
• Deploy at scale with MDM and VPP, or get started individually with App Store installation (with MDM configuration)

---

Ready to Transform Your Cloud PC Management?

Get started with Zap365 today:

• Download from the App Store
• View deployment and registration documentation

Experience the freedom and power of true mobile Windows 365 Cloud PC management—wherever your work takes you.

---