In macOS Catalina (10.15), Apple introduces a new method of Secure Token enablement called Bootstrap Token. This is a new MDM-based feature that automatically provides a Secure Token on all mobile accounts. Addigy MDM solution supports the Bootstrap Token and can provide SecureToken to a mobile user account. This is a seamless process with a small subset of requirements outlined below. The Bootstrap Token does not require additional MDM Configurations to be deployed.
In order to check if the Bootstrap Token was escrowed, check out our article on How to Verify the macOS Bootstrap Token Was Escrowed
Note: In macOS 11 or later, the Bootstrap Token can grant a secure token to any user logging into a macOS device, including local user accounts.
- macOS Catalina 10.15+
- If macOS Catalina, it has to be enrolled via Automated Device Enrollment. If macOS Big Sur 11+, all MDM Enrollment methods (except BYOD) will grant Bootstrap Token.
- Must be bound to a directory service like Active Directory.
- A Managed Administrator account must be created.
Note: In macOS Catalina 10.15.4 or later, any user created during the Automated Device Enrollment process can escrow the bootstrap token.
While there are no additional configurations needed on the Addigy platform, outside of Automated Device Enrollment, there are some additional considerations on the device that need to be considered.