| Parameter | Type | Description |
|---|---|---|
| name | String | The name of the profile. |
| payloads | List of Payloads | Refer to Available Payloads section |
Available Payloads:
| DNS Payload | ||
|---|---|---|
| Parameter | Type | Description |
| payload_type | String | This field's value should always be "dns". |
| domains | List of DNS Object | Refer to DNS Object |
| DNS Object | ||
|---|---|---|
| Parameter | Type | Description |
| ip | String | IP address where the domain points to. Default value is 127.0.0.1 |
| domain | String | Name of the domain to block |
Example:
curl -X POST \
'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
-H 'content-type: application/json' \
-d '{
"name": "Sample Profile",
"payloads": [{
"payload_type": "dns",
"domains":[{
"ip": "127.0.0.1",
"domain": "www.twitter.com"
}]
}]
}'| Users Payload | ||
|---|---|---|
| Parameter | Type | Description |
| payload_type | String | This field's value should always be "users" |
| users | List of User Object | Refer to User Object |
| User Object | ||
|---|---|---|
| Parameter | Type | Description |
| username | String | The username for the local user account. This should be all lowercase and be easy to remember. |
| full_name | String | The full name of the user. This should be the first and last name of the person. |
| password | String | The password for the local account. |
| is_admin | Boolean | Whether the user account has admin privileges. A value of false will indicate regular user privileges. |
Example:
curl -X POST \
'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
-H 'content-type: application/json' \
-d '{
"name": "Sample Profile",
"payloads": [{
"payload_type": "users",
"users":[{
"username": "sampleuser",
"full_name": "Sample User",
"password": "S@mpl39@$sw0rd",
"is_admin": true
}]
}]
}'| Firewall Payload | ||
|---|---|---|
| Parameter | Type | Description |
| payload_type | String | This field's value should always be "firewall" |
| firewall_on | Boolean | Default value is true. |
| block_all | Boolean | Block all incoming connections except those required for basic Internet services, such as DHCP, Bonjour, and IPSec. Default value is false. |
| stealth_mode | Boolean | Don't respond to or acknowledge attempts to access the computer from the network by test applications using ICMP, such as Ping. Default value is false. |
| allow_signed | Boolean | Allow software signed by a valid certificate authority to provide services accessed from the network. Default value is true. |
| trusted | List of Strings | List of trusted applications paths. |
Example:
curl -X POST \
'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
-H 'content-type: application/json' \
-d '{
"name": "Sample Profile",
"payloads": [{
"payload_type": "firewall",
"firewall_on": true,
"block_all": false,
"stealth_mode": false,
"allow_signed": true,
"trusted": [
"/Applications/App Store.app"
]
}]
}'| Energy Saver Payload | ||||
|---|---|---|---|---|
| Parameter | Type | Description | ||
| payload_type | String | This field's value should always be "com.apple.MCX" | ||
| power_adapter_options | Energy Saver Options Object | Laptops(Plugged In) | ||
| desktop_options | Energy Saver Options Object | Desktop devices | ||
| battery_options | Energy Saver Options Object | Laptops(On Battery) | ||
| Energy Saver Options Object | ||
|---|---|---|
| display_sleep_timer | Number | Put the display(s) to sleep after a period of inactivity (in minutes). Default=5. |
| wake_on_lan | Boolean | Wake for Ethernet network administrator access. Default=true. |
| disk_sleep_timer_boolean | Boolean | Put the hard disk(s) to sleep whenever possible. Default=true. |
| automatic_restart_on_power_loss | Boolean | Start up automatically after a power failure. Default=false. |
| system_sleep_timer | Number | Put the computer to sleep after a period of inactivity (in minutes). Default=10. |
| sleep_on_power_button | Boolean | Allow power button to sleep the computer. Use for desktop_options on Energy Saver Payload. |
Example:
curl -X POST \
'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
-H 'content-type: application/json' \
-d '{
"name": "Sample Profile",
"payloads": [{
"payload_type": "com.apple.MCX",
"power_adapter_options" : {
"sleep_on_power_button" : false,
"display_sleep_timer" : 0,
"wake_on_lan" : true,
"disk_sleep_timer_boolean" : true,
"automatic_restart_on_power_loss" : false,
"system_sleep_timer" : 0
},
"desktop_options" : {
"sleep_on_power_button" : true,
"display_sleep_timer" : 5,
"wake_on_lan" : true,
"disk_sleep_timer_boolean" : true,
"automatic_restart_on_power_loss" : false,
"system_sleep_timer" : 10
},
"battery_options" : {
"sleep_on_power_button" : false,
"display_sleep_timer" : 5,
"wake_on_lan" : true,
"disk_sleep_timer_boolean" : true,
"automatic_restart_on_power_loss" : false,
"system_sleep_timer" : 10
}
}]
}'| Login Window Payload | ||
|---|---|---|
Parameter | Type | Description |
| payload_type | String | This field's value should always be "com.apple.loginwindow" |
| login_window_text | String | A message displayed above the login prompt. |
Example:
curl -X POST \
'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
-H 'content-type: application/json' \
-d '{
"name": "Sample Profile",
"payloads": [{
"payload_type": "com.apple.loginwindow",
"login_window_text": "Welcome, hope you are having a great day!"
}]
}'| GateKeeper Override Payload | ||
|---|---|---|
| Parameter | Type | Description |
| payload_type | String | This field's value should always be "com.apple.systempolicy.managed" |
| disable_override | Boolean | Prevents the user from temporarily overriding the Gatekeeper setting by control-clicking to install any app. Default=false. |
Example:
curl -X POST \
'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
-H 'content-type: application/json' \
-d '{
"name": "Sample Profile",
"payloads": [{
"payload_type": "com.apple.systempolicy.managed",
"disable_override": true
}]
}'| Gatekeeper Payload | ||
|---|---|---|
| Parameter | Type | Description |
| payload_type | String | This field's value should always be "com.apple.systempolicy.control" |
| allow_identified_developers | Boolean | Option 1 - Allow apps downloaded from Mac App Store allow_identified_developers=false enable_assessment=true Option 2 - Allow apps downloaded from Mac Apps Store and identified developers allow_identified_developers=true enable_assessment=true Option 3 - Allow apps downloaded from anywhere allow_identified_developers=false enable_assessment=false |
| enable_assessment | Boolean | |
Example:
curl -X POST \
'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
-H 'content-type: application/json' \
-d '{
"name": "Sample Profile",
"payloads": [{
"payload_type": "com.apple.systempolicy.control",
"allow_identified_developers": false,
"enable_assessment": true
}]
}'| Allow Password Change Payload | ||
|---|---|---|
Parameter | Type | Description |
| payload_type | String | This field's value should always be "com.apple.preference.security" |
| allow_password_reset_ui | Boolean | Allow user to change password. Default=true. |
Example:
curl -X POST \
'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_id}' \
-H 'content-type: application/json' \
-d '{
"name": "Sample Profile",
"payloads": [{
"payload_type": "com.apple.preference.security",
"allow_password_reset_ui": false
}]
}'| Screen Saver Password Payload | ||
|---|---|---|
| Parameter | Type | Description |
| payload_type | String | This field's value should always be "com.apple.screensaver" |
| ask_for_password | Boolean | Require password after the device has gone to sleep or screen saver. Default=true. |
| ask_for_password_delay | Number | Require password after the following number of seconds. Default=5. |
Example:
curl -X POST \
'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
-H 'content-type: application/json' \
-d '{
"name": "Sample Profile",
"payloads": [{
"payload_type": "com.apple.screensaver",
"ask_for_password": true,
"ask_for_password_delay": 10
}]
}'| Time Machine Payload | ||
|---|---|---|
| Parameter | Type | Description |
| payload_type | String | This field's value should always be "com.apple.MCX.TimeMachine" |
| backup_dest_url | String | URL of the backup destination (e.g. afp://server.example.com/backups/) |
| backup_all_volumes | Boolean | Only startup volume is backed up by default. Default=false. |
| backup_skip_sys | Boolean | Do not backup system files and folders. Default=true. |
| auto_backup | Boolean | Automatically backup at regular intervals. Default=false. |
| backup_size_mb | Number | Backup size limit in MB. Set to 0 for unlimited. Default=0. |
| skip_paths | List of Strings | List of the paths to skip from startup volume. |
| mobile_backups | Boolean. | Creates local backup snapshots when not connected to network. |
Example:
curl -X POST \
'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
-H 'content-type: application/json' \
-d '{
"name": "Sample Profile",
"payloads": [{
"payload_type": "com.apple.MCX.TimeMachine",
"backup_dest_url": "afp://server.example.com/backups/",
"backup_all_volumes": true,
"backup_skip_sys": false,
"auto_backup": true,
"backup_size_mb": 102400,
"skip_paths": [
"/tmp/"
],
"mobile_backups": true
}]
}'| Printing Payload | |||||
|---|---|---|---|---|---|
| Parameter | Type | Description | |||
| payload_type | String | This field's value should always be "com.apple.mcxprinting" | |||
| print_footer | Boolean | Print page footer (user name and date). Default=false. | |||
| require_admin_to_add_printer | Boolean | Blocks users from modifying the printer list. Default=false. | |||
| allow_local_printers | Boolean | Allow printers that connect directly to user's computer. Default=true. | |||
| show_only_managed_printers | Boolean | Only show managed printers. Default=false. | |||
| require_admin_to_print_locally | Boolean | Require an administrator password. Default=false. | |||
| print_mac_address | Boolean | Include MAC address in page footer. Default=false. Use if print_footer is set to true. | |||
| footer_font_size | Number | Footer font size. Default=7. Use if print_footer is set to true. | |||
| footer_font_name | String | Footer font name. Use if print_footer is set to true. Possible values are: "Helvetica", "Courier", "Lucida Grande", "Times". | |||
| user_printer_list | List of Printer Object | Refer to Printer Object | |||
| default_printer | Printer Object | Refer to Printer Object | |||
| Printer Object | ||
|---|---|---|
Parameter | Type | Description |
| location | String | If you mouse-hover over the printer name, this will be displayed for it’s location. |
| display_name | String | This is the name that is displayed to the user and what shows up in the print dialog. |
| ppd_url | String | Url of the PPD file. |
| model | String | This must exactly match the PPD information. 99% of the time it is the model of the printer as shown in the Print & Fax System Preferences dialog. If that name doesn’t work, you’ll have to open up the PPD and take a look. |
| printer_locked | String | This printer requires administrator password. Default=false |
| device_uri | Boolean | This is the URL that is used to connect to the print server for that printer. |
Example:
curl -X POST \
'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
-H 'content-type: application/json' \
-d '{
"name": "Sample Profile",
"payloads": [{
"payload_type": "com.apple.mcxprinting",
"print_footer": true,
"require_admin_to_add_printer": true,
"allow_local_printers": false,
"show_only_managed_printers": true,
"require_admin_to_print_locally": true,
"print_mac_address": true,
"footer_font_size": 8,
"footer_font_name": "Times",
"user_printer_list": [{
"location": "office",
"display_name": "Office Printer",
"ppd_url": "file://localhost/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/PrintCore.framework/Resources/Generic.ppd",
"model": "DCP-7065DN CUPS",
"printer_locked": true,
"device_uri": "dnssd://Brother%20MFC-L2740DW%20series._ipp._tcp.local"
}],
"default_printer":{
"location": "office",
"display_name": "Office Printer",
"ppd_url": "file://localhost/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/PrintCore.framework/Resources/Generic.ppd",
"model": "DCP-7065DN CUPS",
"printer_locked": true,
"device_uri": "dnssd://Brother%20MFC-L2740DW%20series._ipp._tcp.local"
}
}]
}'| Wifi Payload | ||
|---|---|---|
| Parameter | Type | Description |
| payload_type | String | This field's value should always be "com.apple.wifi.managed" |
| ssid_str | String | SSID of the Wi-Fi network to be used. |
| encryption_type | String | The possible values are WEP, WPA,Any, and None. WPA corresponds to WPA and WPA2 and applies to both encryption types. Make sure that these values exactly match the capabilities of the network access point. If you're unsure about the encryption type, or would prefer that it apply to all encryption types, use the value Any. |
| password | String | Optional. The absence of a password does not prevent a network from being added to the list of known networks. The user is eventually prompted to provide the password when connecting to that network. |
| mcc_and_mncs | List of Strings | Optional. List of Mobile Country Code (MCC)/Mobile Network Code (MNC) pairs used for Wi-Fi Hotspot 2.0 negotiation. Each string must contain exactly six digits. |
| auto_join | Boolean | If true, the network is auto-joined. If false, the user has to tap the network name to join it. Default=true |
| proxy_port | Number | The proxy server's port. Use if proxy_type="Manual" or if proxy_type="Auto". |
| proxy_pac_fallback_allowed | Boolean | Optional. If false, prevents the device from connecting directly to the destination if the PAC file is unreachable.Use if proxy_type="Manual" or if proxy_type="Auto". Default=-1. |
| proxy_password | String | Optional. The username used to authenticate to the proxy server. Use if proxy_type="Manual" or if proxy_type="Auto". Default=false |
| nai_realm_names | List of Strings | Optional. List of Roaming Consortium Organization Identifiers used for Wi-Fi Hotspot 2.0 negotiation. |
| proxy_username | String | Optional. The username used to authenticate to the proxy server. Use if proxy_type="Manual" or if proxy_type="Auto". |
| is_hotspot | Boolean | If true, the network is treated as a hotspot. Default=false |
| proxy_type | String | Valid values are None, Manual, and Auto. |
| roaming_consortium_ois | List of Strings | Optional. List of Roaming Consortium Organization Identifiers used for Wi-Fi Hotspot 2.0 negotiation. |
| service_provider_roaming_enabled | Boolean | If true, allows connection to roaming service providers. Default=true |
| proxy_server | String | The proxy server's network address. Use if proxy_type="Manual" or if proxy_type="Auto". |
| hidden_network | Boolean | Besides SSID, the device uses information such as broadcast type and encryption type to differentiate a network. By default (false), it is assumed that all configured networks are open or broadcast. To specify a hidden network, must be true. Default=false |
| proxy_pac_url | String | Optional. The URL of the PAC file that defines the proxy configuration.Use if proxy_type="Manual" or if proxy_type="Auto". |
Example:
curl -X POST \
'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
-H 'content-type: application/json' \
-d '{
"name": "Sample Profile",
"payloads": [{
"payload_type": "com.apple.wifi.managed",
"ssid_str": "Office Wifi 5G",
"encryption_type":"WPA",
"password": "$u9er$Ecre79@$s30rd",
"auto_join": false,
"proxy_port": 80,
"proxy_pac_fallback_allowed": true,
"proxy_password": "07h3r$u9er$Ecre79@$s30rd",
"proxy_username": "johndoe",
"is_hotspot": true,
"proxy_type": "Manual",
"service_provider_roaming_enabled": false,
"proxy_server": "proxy.server.com",
"hidden_network": true
}]
}'Example with multiple payloads:
curl -X POST \
'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
-H 'content-type: application/json' \
-d '{
"name": "Sample Profile",
"payloads": [{
"payload_type": "dns",
"domains":[{
"ip": "127.0.0.1",
"domain": "www.twitter.com"
}]
},{
"payload_type": "users",
"users":[{
"username": "sampleuser",
"full_name": "Sample User",
"password": "S@mpl39@$sw0rd",
"is_admin": true
}]
},{
"payload_type": "firewall",
"firewall_on": true,
"block_all": false,
"stealth_mode": false,
"allow_signed": true,
"trusted": [
"/Applications/App Store.app"
]
},{
"payload_type": "com.apple.MCX",
"power_adapter_options" : {
"sleep_on_power_button" : false,
"display_sleep_timer" : 0,
"wake_on_lan" : true,
"disk_sleep_timer_boolean" : true,
"automatic_restart_on_power_loss" : false,
"system_sleep_timer" : 0
},
"desktop_options" : {
"sleep_on_power_button" : true,
"display_sleep_timer" : 5,
"wake_on_lan" : true,
"disk_sleep_timer_boolean" : true,
"automatic_restart_on_power_loss" : false,
"system_sleep_timer" : 10
},
"battery_options" : {
"sleep_on_power_button" : false,
"display_sleep_timer" : 5,
"wake_on_lan" : true,
"disk_sleep_timer_boolean" : true,
"automatic_restart_on_power_loss" : false,
"system_sleep_timer" : 10
}
},{
"payload_type": "com.apple.loginwindow",
"login_window_text": "Welcome, hope you are having a great day!"
},{
"payload_type": "com.apple.systempolicy.managed",
"disable_override": true
},{
"payload_type": "com.apple.systempolicy.control",
"allow_identified_developers": false,
"enable_assessment": true
},{
"payload_type": "com.apple.preference.security",
"allow_password_reset_ui": false
},{
"payload_type": "com.apple.screensaver",
"ask_for_password": true,
"ask_for_password_delay": 10
},{
"payload_type": "com.apple.MCX.TimeMachine",
"backup_dest_url": "afp://server.example.com/backups/",
"backup_all_volumes": true,
"backup_skip_sys": false,
"auto_backup": true,
"backup_size_mb": 102400,
"skip_paths": [
"/tmp/"
],
"mobile_backups": true
},{
"payload_type": "com.apple.mcxprinting",
"print_footer": true,
"require_admin_to_add_printer": true,
"allow_local_printers": false,
"show_only_managed_printers": true,
"require_admin_to_print_locally": true,
"print_mac_address": true,
"footer_font_size": 8,
"footer_font_name": "Times",
"user_printer_list": [{
"location": "office",
"display_name": "Office Printer",
"ppd_url": "file://localhost/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/PrintCore.framework/Resources/Generic.ppd",
"model": "DCP-7065DN CUPS",
"printer_locked": true,
"device_uri": "dnssd://Brother%20MFC-L2740DW%20series._ipp._tcp.local"
}],
"default_printer":{
"location": "office",
"display_name": "Office Printer",
"ppd_url": "file://localhost/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/PrintCore.framework/Resources/Generic.ppd",
"model": "DCP-7065DN CUPS",
"printer_locked": true,
"device_uri": "dnssd://Brother%20MFC-L2740DW%20series._ipp._tcp.local"
}
},{
"payload_type": "com.apple.wifi.managed",
"ssid_str": "Office Wifi 5G",
"encryption_type":"WPA",
"password": "$u9er$Ecre79@$s30rd",
"auto_join": false,
"proxy_port": 80,
"proxy_pac_fallback_allowed": true,
"proxy_password": "07h3r$u9er$Ecre79@$s30rd",
"proxy_username": "johndoe",
"is_hotspot": true,
"proxy_type": "Manual",
"service_provider_roaming_enabled": false,
"proxy_server": "proxy.server.com",
"hidden_network": true
}]
}'