eSIM (Embedded SIM) lets you assign a cellular plan to a device over the air – no physical SIM swap needed. It doesn’t feel like an earth shattering evolution, but, it has been pointed out to me that things like plastic waste, accessibility and even security issues exist when dealing with physical SIM cards. Not to mention that in the US devices such as the iPhone haven’t shipped with physical SIM trays since iPhone 14… and then on this side of the pond, look at the iPhone Air, which too, is SIM tray free.

We can clearly see where Apple is heading with this. And where Apple goes, everyone follows.

In this article, I show you how you can leverage Microsoft Intune to make the deployment and assignment of eSIM (“phone lines”) scalable for enterprise iOS fleets – useful for large device rollouts, or device replacements – but equally, the process could be used as part of an onboarding workflow for a new user (for example).

Prerequisites

• iOS 13.0+ (or iPadOS 13.0+) device with eSIM hardware support
• Device enrolled in Intune (Supervised mode recommended essential, honestly, if it isn’t supervised, we shouldn’t be interested – in my opinion!)
• A Carrier supporting the use of eSIM activation codes (SM-DP+ server URL issuance)
• Intune administrator role/specific role with access to perform the eSIM registration

Before you begin, you must ensure your carrier is capable of supporting you on this journey, that means they must be able to manage your estate and provide you with URLs that can be leveraged via MDM solutions – most large carriers in the UK have this capability. If you don’t already have this eSIM agreement with your carrier, start by contacting your carrier and explaining your goal. Explaining what you’re trying to achieve (bulk enrolment via MDM etc) will often get you to the right place, and result in getting you what you need. Ultimately, you’ll likely find yourself with an admin portal on the carrier side that allows you to manage and handle subscriber lines, and most probably, generate SM-DP+ URLs that can be assigned to your devices via MDM. The issued codes should contain a SM-DP+ server address, which will almost certainly include a unique ID containing the subscriber/line details. Keep these codes secure – from experience, each code is often single-use.

How to

Start by signing in to Intune.

Navigate to Devices > iOS/iPadOS > Your device.

Note: At the time of writing, this is a preview feature.

Click on the ellipses (three dots!)

In the additional menu that opens up, click on Update cellular data plan (preview)

Now enter the carrier activation URL you have for the device/subscriber line in question, and click Update Cellular Plan.

After clicking to Update the cellular plan, the phone will reach out to the carriers SM-DP+ server, download the eSIM and begin to activate the cellular subscription on the device. Fairly primitive, but functional.