As others have mentioned, there is no way to do manipulate this setting programmatically in iOS. This is not really what you are asking, as you seem to already know the answer to this is "No".
You are asking about the configuration profile, so I am assuming these are managed devices. Unfortunately, there is no configuration profile payload I am aware of that forces the managed devices to disable Wi-Fi Assist.
Your intent, however, is a bit different than what is being asked, I believe. I think you basically have an app that communicates with a resource that is only accessible via the Wi-Fi network (likely a corporate Wi-Fi network). If the app tries to connect to the resource while on cellular, it will not be able to connect. In some cases, when the Wi-Fi signal is weak, the device tries to be helpful and switches to cellular, causing issues with the app. If we could figure out a way to force iOS to not take advantage of Wi-Fi Assist when your app is running, you would be in good shape.
If you can install this app as a managed app, there is a way to identify that the app should only be allowed to run on a Wi-Fi connection. Setting the network usage rules AllowCellularData
to false
should do this (see this for more details). The thing I am not sure of with this solution, is whether this simply causes the connections to fail when Wi-Fi Assist is on and active, or if it makes iOS prefer to not use Wi-Fi assist when the app is running because it cannot connect over cellular. So I think you can tell an app to only connect over WiFi, but it doesn't really give you a better solution to your user experience problem. The only think it really buys you is that your app connection won't ever try to connect when connected to cellular. There is a chance, however, if you change this value to false for your app bundle ID, it will prevent Wi-Fi Assist from enabling when your app is running. I don't have access to MDM to try it out, but you could test and see.
Ultimately, given that this is probably a corporate device situation, I think you are going to have to address this through user training. The good news is that this is a one-time step. Sure, users may have slight degradation of network performance when Wi-Fi signal is weak but cell signal is strong. This does not matter as much if these are corporate devices where the corporate apps will mostly work only on the company's Wi-Fi network.
Another solution is what you mentioned, basically using on-demand VPN to provide a connection to the internal resources. This is additional infrastructure work, and you already mentioned it, so I'm not sure if it is even an option.
Obviously, the other solution would be to expose the network resources through your firewall, which could allow you to access it over cellular. I'm suspecting this is not possible due to security constraints.
Unfortunately, there are not a lot of good options in this space. However, have hope that there is some way to do it, as Sonos appears to have done something to
allow their app to avoid switching to WiFi Assist while streaming to a local network resource: https://sonos.custhelp.com/app/answers/detail/a_id/4257/~/wi-fi-assist-and-sonos
I wonder if you could have your app open a streaming audio connection to a fixed local network resource, which would cause it to use Wi-Fi. It's a pretty crazy hack, but with a low enough bitrate audio file streaming, it might do what you need while not eating up too much of the network throughput.
Per Apple's notes on Wi-Fi Assist:
- Wi-Fi Assist won't automatically switch to cellular if you're data
roaming.
- Wi-Fi Assist only works when you have apps running in the
foreground and doesn't activate with background downloading of
content.
- Wi-Fi Assist doesn’t activate with some third-party apps
that stream audio or video, or download attachments, like an email
app, as they might use large amounts of data.
Of course the other possible solution that you could consider is improving your Wi-Fi coverage to that the signal doesn't get bad enough for Wi-Fi Assist to be needed. I know this may not be feasible, but wanted to put it out there.
Good luck with this!