macOS: only allow VPP purchased apps from App Store

New Contributor

We're just trying to setup Jamf for the first time and have struck a slight issue that I'm wondering if anyone else has tried and can confirm if possible to do or not?
We are looking at blocking the general Apple App Store and only allowing approved apps that we purchase via Apple Business Manager and deploy to the Self Service app.

In the Configuration Profiles settings there is a restrictions setting called:
"Restrict App Store to MDM installed apps and software updates"

I thought this would do what we want and enabled it. But when I purchased an app through our Apple Business Manager store account and deployed to a test device via Self Service, when I tried to install it said that the app store was blocked and to contact the administrator.

Anyone successfully set something like this up. Or is it just not currently possible? If you want any app store apps you have to allow the whole store?