I recommend giving instructions for users to download the apps from the apple app store(for iOS devices) when possible. I am not a huge fan of the App Catalog/WS1 App Store for the simple reason that apps downloaded from there will be removed from users devices if: 1. They download apps from the App Catalog/WS1 App Store, then 2. You ever remove that app from the App Catalog/WS1 App Store. An example of this is Jones Pulse VPN changing to Pulse Secure. If users had previously installed Junos Pulse from the App Catalog/WS1 App Store, then we dleted the app from the App Catalog/WS1 App Store, then it got removed from user's devices. I prefer to have more control, so that I could remove Junos Pulse from the App Catalog/WS1 App Store, but not remove it from user's devices, then have the new Pulse Secure available in the app store, and then choose how/what timeframe to migrate users off of the old app. That said, there are scenarios that require the app to be in the app store. For example, if you wanted to use Boxer with specific settings/custom key values, then I believe you have to list it in the App Catalog/WS1 App Store. You can still get away with people downloading it from the Apple App Store, but I think it still needs to be listed in the App Catalog/WS1 App Store. Another scenario is if you only wanted to whitelist apps(probably would not want to do this in a BYO situation), then you would be forced to use the App Catalog/WS1 App Store anyway. I am not sure if the same limitations I mentioned apply to android as well or not. Also, everything I mentioned I apply to BYO and Corporate owned devices. TLDR only put apps in the App Catalog/WS1 App Store if you have to for specific configurations. Hope that helps in some way and I did not misunderstand your question!