You can create, import, and export configuration payloads in Addigy to enforce consistent settings across your macOS, iPadOS, iOS, and tvOS devices. These workflows help you standardize security, networking, and application behavior while keeping management centralized in the Addigy Catalog.
Overview
Device Settings in Addigy are configuration payloads that apply Apple platform settings over the air to enrolled devices. You can either build payloads directly in Addigy or import existing .mobileconfig files and then deploy them to individual devices or at scale via policies. For more information, see Device Settings: Overview
Prerequisites
Before you can create, import, or export Device Settings, make sure you have:
- Devices enrolled in Addigy MDM (Device Settings can only be deployed to MDM-enrolled devices).
- Access to the Addigy Catalog with permission to manage Device Settings.
- Any existing
.mobileconfigfiles you plan to import (for the Import workflow).
How to Create a Device Setting
Use this workflow when you want to build a new payload directly in Addigy (for example, a Wi‑Fi, Notifications, or Restrictions Device Setting).
- Navigate to the Catalog page in Addigy.
- Select the Device Settings tab.
- Click New near the top right of the Device Settings pane.
- In the payload selection modal, choose the desired Device Setting (for example, Notifications, Wi-Fi, or Restrictions).
- Configure the settings within the Device Setting according to your requirements.
- Save the Device Setting to your Catalog.
ex: Notifications Device Setting
Once created, the Device Setting appears under Catalog > Device Settings and can be deployed to an individual device using GoLive or added to a policy for bulk deployment. We always suggest deploying the Device Setting to a test device before pushing it out to an entire policy to verify expected behavior.
Note: After adding the Device Setting to a policy, it will deploy on the next policy deployment cycle; you can also use Deploy Now on the policy to push changes immediately.
How to Work with Modular Device Settings
Device Settings in Addigy are modular, meaning you can include, disable, or completely omit specific settings within a given payload.
- Included and enabled keys enforce a setting on the device and prevent user changes.
- Included but disabled keys explicitly turn off a setting.
- Omitted keys are left unmanaged, allowing end users to modify those settings on their devices.
For example, within a Restrictions payload, you might allow iCloud Drive, disable iCloud Keychain, and omit iCloud Photos so users can decide how to use that specific service.
How to Import a Profile
Use the import workflow when you already have a .mobileconfig file (for example, created with Apple Configurator or another profile editor) and want to manage and deploy it through Addigy.
- Navigate to the Catalog page.
- Select the Device Settings tab.
- Click Import to open the Import interface.
- Drag and drop your
.mobileconfigfile into the Import UI, or click the upload icon to select the file from your computer. - Review the table that appears under the import button to confirm which payloads are detected and will be imported.
- Click Import to complete the import process.
After import, the profile is added to Catalog > Device Settings, where you can assign it to policies or deploy it to individual devices.
Note: If your payload is not supported for import (Invalid Status), you can upload it as a Custom Profile instead - How To: Configure and Deploy a Custom Profile
Supported Payload Types for Import
Addigy’s import function supports a wide range of common Apple configuration payloads. For any payload types not listed below, use the Custom Profile option and upload the profile as a generic configuration.
| Profile | Payload Identifier |
|---|---|
| ACME | m.apple.security.acme |
| AirPlay | com.apple.airplay |
| App Store | com.apple.appstore |
| Associated Domains | com.apple.associated-domains |
| Certificates | com.apple.security.pem |
| Content Caching | com.apple.AssetCache.managed |
| DNS Settings | com.apple.dnsSettings.managed |
| Dock | com.apple.dock |
| Energy Savings | com.apple.MCX |
| Extensible SSO | com.apple.extensiblesso |
| Finder | com.apple.finder |
| Kernel Extensions | com.apple.syspolicy.kernel-extension-policy |
| Lock Screen Message | com.apple.shareddeviceconfiguration |
| Login Items | com.apple.loginitems.managed |
| Login Window | com.apple.loginwindow |
| Networking (Wi‑Fi) | com.apple.wifi.managed |
| Network Usage | com.apple.networkusagerules |
| Notifications | com.apple.notificationsettings |
| Passcode | com.apple.mobiledevice.passwordpolicy |
| PPPC | com.apple.TCC.configuration-profile-policy |
| Printing | com.apple.mcxprinting |
| Relay | com.apple.relay.managed |
| Restrictions | com.apple.applicationaccess |
| SCEP | com.apple.security.scep |
| Screen Saver | com.apple.screensaver |
| Screen Saver (User) | com.apple.screensaver.user |
| Security and Privacy | com.apple.preference.security |
| Service Management | com.apple.servicemanagement |
| Single App Lock | com.apple.app.lock |
| Software Update | com.apple.softwareupdate |
| System Extensions | com.apple.system-extension-policy |
| System Preferences | com.apple.systempreferences |
| Time Machine | com.apple.MCX.TimeMachine |
| VPN | com.apple.vpn.managed |
| Web Clip | com.apple.webClip.managed |
| Web Content Filter | com.apple.webcontent-filter |
How to Export a Device Setting
Use the export workflow when you want to download a copy of an existing payload, either for backup, review, or use in another MDM or tool.
- Navigate to the Catalog page.
- Select the Device Settings tab.
- Find the Device Setting you want to export.
- Click the Actions (…) menu next to that Device Setting.
- Select the desired download option from the menu: Signed or Unsigned.
Your browser will download the selected Device Setting as a .mobileconfig file, which you can then store or reuse as needed.
Frequently Asked Questions
How do I remove an Device Setting from a device?
If a Device Setting has been deployed via a policy, un-assign it from the policy and it will be removed from devices during their next regular policy deployment.
If a Device Setting has been deployed via GoLive, it can be removed from the GoLive page > Device Settings > Installed Device Settings tab by selecting the trash can icon in the Remove column.
Can I deploy imported profiles to individual devices?
Yes, once imported into the Catalog, you can deploy profiles to single devices from GoLive or assign them to policies for deployment to multiple devices.