diff --git a/memdocs/intune/apps/app-protection-policy-settings-ios.md b/memdocs/intune/apps/app-protection-policy-settings-ios.md
index cb9d5c63d24..fd1594a0a37 100644
--- a/memdocs/intune/apps/app-protection-policy-settings-ios.md
+++ b/memdocs/intune/apps/app-protection-policy-settings-ios.md
@@ -175,7 +175,7 @@ By default, several settings are provided with pre-configured values and actions
| Setting | How to use |
|---------|------------|
| **Max OS version** | Specify a maximum iOS/iPadOS operating system to use this app.*Actions* include:
- **Warn** - The user will see a notification if the iOS/iPadOS version on the device doesn't meet the requirement. This notification can be dismissed.
- **Block access** - The user will be blocked from access if the iOS/iPadOS version on the device doesn't meet this requirement.
- **Wipe data** - The user account that is associated with the application is wiped from the device.
This entry can appear multiple times, with each instance supporting a different action.
This policy setting format supports either major.minor, major.minor.build, major.minor.build.revision.
**Note:** *Requires app to have Intune SDK version 14.4.0 or above.* |
-| **Min OS version** | Specify a minimum iOS/iPadOS operating system to use this app.*Actions* include:
- **Warn** - The user will see a notification if the iOS/iPadOS version on the device doesn't meet the requirement. This notification can be dismissed.
- **Block access** - The user will be blocked from access if the iOS/iPadOS version on the device doesn't meet this requirement.
- **Wipe data** - The user account that is associated with the application is wiped from the device.
This entry can appear multiple times, with each instance supporting a different action.
This policy setting format supports either major.minor, major.minor.build, major.minor.build.revision.
**Note:** *Requires app to have Intune SDK version 7.0.1 or above.* |
+| **Min OS version** | Specify a minimum iOS/iPadOS operating system to use this app.*Actions* include:
- **Warn** - The user will see a notification if the iOS/iPadOS version on the device doesn't meet the requirement. This notification can be dismissed. Note: If you specify version 16.0 as example, devices with 16.0 will not be warned but any device with version upto 15.9.9 will be warned.
- **Block access** - The user will be blocked from access if the iOS/iPadOS version on the device doesn't meet this requirement.
- **Wipe data** - The user account that is associated with the application is wiped from the device.
This entry can appear multiple times, with each instance supporting a different action.
This policy setting format supports either major.minor, major.minor.build, major.minor.build.revision.
**Note:** *Requires app to have Intune SDK version 7.0.1 or above.* |
| **Max PIN attempts** | Specify the number of tries the user has to successfully enter their PIN before the configured action is taken. If the user fails to successfully enter their PIN after the maximum PIN attempts, the user must reset their pin after successfully logging into their account and completing a multi-factor authentication (MFA) challenge if required. This policy setting format supports a positive whole number.*Actions* include:
- **Reset PIN** - The user must reset their PIN.
- **Wipe data** - The user account that is associated with the application is wiped from the device.
Default value = **5** |
| **Offline grace period** | The number of minutes that policy-managed apps can run offline. Specify the time (in minutes) before the access requirements for the app are rechecked.*Actions* include:
- **Block access (minutes)** - The number of minutes that policy-managed apps can run offline. Specify the time (in minutes) before the access requirements for the app are rechecked. After the configured period expires, the app blocks access to work or school data until network access is available. The Offline grace period timer for blocking data access is calculated individually for each app based on last check-in with the Intune service. This policy-setting format supports a positive whole number.
Default value = **1440** minutes (24 hours)
Note: Configuring the Offline grace period timer for blocking access to be less than the default value may result in more frequent user interruptions as policy is refreshed. Choosing a value of less than 30 mins isn't recommended as it may result in user interruptions at each application launch or resume.
**Note:** Stopping the Offline grace period policy refresh, including closing or suspending the application, will result in user interruption at the next app launch or resume. - **Wipe data (days)** - After this many days (defined by the admin) of running offline, the app will require the user to connect to the network and reauthenticate. If the user successfully authenticates, they can continue to access their data and the offline interval will reset. If the user fails to authenticate, the app will perform a selective wipe of the users' account and data. See [How to wipe only corporate data from Intune-managed apps](apps-selective-wipe.md) for more information on what data is removed with a selective wipe. The Offline grace period timer for wiping data is calculated individually for each app based on last check-in with the Intune service. This policy setting format supports a positive whole number.
Default value = **90 days**
This entry can appear multiple times, with each instance supporting a different action. |
| **Jailbroken/rooted devices** | There is no value to set for this setting.*Actions* include:
- **Block access** - Prevent this app from running on jailbroken or rooted devices. The user continues to be able to use this app for personal tasks, but must use a different device to access work or school data in this app.
- **Wipe data** - The user account that is associated with the application is wiped from the device.
|