Query structured spec data via REST or MCP. Get exactly what your agent needs.
https://console.jumpcloud.com/api/v2
/applemdms/{id}
Updates an Apple MDM configuration. This endpoint is used to supply JumpCloud with a signed certificate from Apple in order to finalize the setup and allow JumpCloud to manage your devices. It may also be used to update the DEP Settings.
curl -X PUT https://console.jumpcloud.com/api/v2/applemdms/{ID} \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"name": "MDM name",
"appleSignedCert": "{CERTIFICATE}",
"encryptedDepServerToken": "{SERVER_TOKEN}",
"dep": {
"welcomeScreen": {
"title": "Welcome",
"paragraph": "In just a few steps, you will be working securely from your Mac.",
"button": "continue",
},
},
}'
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| id | path | required | string | — |
| x-org-id | header | optional | string | Organization identifier that can be obtained from console settings. |
application/json
apple-mdm-patch
| Property | Type | Required |
|---|---|---|
| dep | object | optional |
| └ welcomeScreen | object | optional |
| └ title | string | optional |
| └ button | string | optional |
| └ paragraph | string | optional |
| └ setupAssistantOptions | array | optional |
| └ option | string | optional |
| └ enableZeroTouchEnrollment | boolean | optional |
| ades | object | optional |
| └ ios | object | optional |
| └ setupOptions | array | optional |
| └ welcomeScreen | object | optional |
| └ title | string | optional |
| └ button | string | optional |
| └ paragraph | string | optional |
| └ setupAssistantOptions | array | optional |
| └ option | string | optional |
| └ enableZeroTouchEnrollment | boolean | optional |
| └ defaultDeviceGroupObjectIds | array | optional |
| └ macos | object | optional |
| └ setupOptions | array | optional |
| └ welcomeScreen | object | optional |
| └ title | string | optional |
| └ button | string | optional |
| └ paragraph | string | optional |
| └ setupAssistantOptions | array | optional |
| └ option | string | optional |
| └ enableZeroTouchEnrollment | boolean | optional |
| └ defaultDeviceGroupObjectIds | array | optional |
| name | string | optional |
| appleSignedCert | string | optional |
| defaultSystemGroupID | string | optional |
| appleCertCreatorAppleID | string | optional |
| encryptedDepServerToken | string | optional |
| allowMobileUserEnrollment | boolean | optional |
| defaultIosUserEnrollmentDeviceGroupID | string | optional |
PUT /applemdms/{id}
/customemails/{custom_email_type}
Update the custom email configuration for the specified custom email type.
This action is only available to paying customers.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| custom_email_type | path | required | string | — |
| x-org-id | header | optional | string | Organization identifier that can be obtained from console settings. |
application/json
CustomEmail
| Property | Type | Required |
|---|---|---|
| id | string | optional |
| body | string | optional |
| type | string | required |
| title | string | optional |
| button | string | optional |
| header | string | optional |
| subject | string | required |
| nextStepContactInfo | string | optional |
OK
PUT /customemails/{custom_email_type}
/duo/accounts/{account_id}/applications/{application_id}
Updates the specified Duo application.
curl -X PUT https://console.jumpcloud.com/api/v2/duo/accounts/{ACCOUNT_ID}/applications/{APPLICATION_ID} \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"name": "Application Name",
"apiHost": "api-1234.duosecurity.com",
"integrationKey": "1234",
"secretKey": "5678"
}'
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| account_id | path | required | string | — |
| application_id | path | required | string | — |
| x-org-id | header | optional | string | Organization identifier that can be obtained from console settings. |
application/json
DuoApplicationUpdateReq
| Property | Type | Required |
|---|---|---|
| name | string | required |
| apiHost | string | required |
| secretKey | string | optional |
| integrationKey | string | required |
PUT /duo/accounts/{account_id}/applications/{application_id}
/iplists/{id}
Replace a specific IP list.
curl -X PUT https://console.jumpcloud.com/api/v2/iplists/{id} \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"name": "Sample IP List",
"ips": [
"192.168.10.10"
]
}'
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| id | path | required | string | — |
| x-org-id | header | optional | string | Organization identifier that can be obtained from console settings. |
application/json
IPListRequest
| Property | Type | Required |
|---|---|---|
| ips | array | optional |
| name | string | optional |
| description | string | optional |
OK
PUT /iplists/{id}
/policies/{id}
This endpoint allows you to update a policy. Given the amount of configurable parameters required to update a Policy, we suggest you use the JumpCloud Admin Console to create new policies.
curl -X PUT https://console.jumpcloud.com/api/v2/policies/59fced45c9118022172547ff \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
{Policy_Parameters}
}'
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| id | path | required | string | ObjectID of the Policy object. |
| x-org-id | header | optional | string | Organization identifier that can be obtained from console settings. |
application/json
PolicyUpdateRequest
| Property | Type | Required |
|---|---|---|
| name | string | required |
| notes | string | optional |
| values | array | optional |
| └ value | string | optional |
| └ sensitive | boolean | optional |
| └ configFieldID | string | optional |
OK
PUT /policies/{id}
/policygroups/{id}
This endpoint allows you to do a full update of the Policy Group.
curl -X PUT https://console.jumpcloud.com/api/v2/policygroups/{Group_ID} \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"name": "group_update"
}'
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| id | path | required | string | ObjectID of the Policy Group. |
| x-org-id | header | optional | string | Organization identifier that can be obtained from console settings. |
application/json
PolicyGroupData
| Property | Type | Required |
|---|---|---|
| name | string | required |
OK
PUT /policygroups/{id}
/providers/{provider_id}/integrations/autotask/alerts/{alert_UUID}/configuration
Update an Autotask ticketing alert’s configuration
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| provider_id | path | required | string | — |
| alert_UUID | path | required | string | — |
application/json
AutotaskTicketingAlertConfigurationRequest
| Property | Type | Required |
|---|---|---|
| queue | object | optional |
| └ id | integer | optional |
| └ name | string | optional |
| source | object | optional |
| └ id | integer | optional |
| └ name | string | optional |
| status | object | required |
| └ id | integer | optional |
| └ name | string | optional |
| dueDays | integer | required |
| priority | object | required |
| └ id | integer | optional |
| └ name | string | optional |
| resource | object | optional |
| └ id | integer | optional |
| └ name | string | optional |
| └ role | object | optional |
| └ id | integer | optional |
| └ name | string | optional |
| destination | string | required |
| shouldCreateTickets | boolean | required |
OK
PUT /providers/{provider_id}/integrations/autotask/alerts/{alert_UUID}/configuration
/providers/{provider_id}/integrations/connectwise/alerts/{alert_UUID}/configuration
Update a ConnectWise ticketing alert’s configuration.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| provider_id | path | required | string | — |
| alert_UUID | path | required | string | — |
application/json
ConnectWiseTicketingAlertConfigurationRequest
| Property | Type | Required |
|---|---|---|
| source | object | optional |
| └ id | integer | optional |
| └ name | string | optional |
| dueDays | integer | optional |
| priority | object | optional |
| └ id | integer | optional |
| └ name | string | optional |
| shouldCreateTickets | boolean | required |
OK
PUT /providers/{provider_id}/integrations/connectwise/alerts/{alert_UUID}/configuration
/providers/{provider_id}/integrations/syncro/alerts/{alert_UUID}/configuration
Update a Syncro ticketing alert’s configuration
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| provider_id | path | required | string | — |
| alert_UUID | path | required | string | — |
application/json
SyncroTicketingAlertConfigurationRequest
| Property | Type | Required |
|---|---|---|
| status | string | optional |
| userId | number | optional |
| dueDays | integer | optional |
| priority | string | optional |
| username | string | optional |
| problemType | string | required |
| shouldCreateTickets | boolean | required |
OK
PUT /providers/{provider_id}/integrations/syncro/alerts/{alert_UUID}/configuration
/providers/{provider_id}/organizations/{id}
This endpoint updates a provider’s organization
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| provider_id | path | required | string | — |
| id | path | required | string | — |
application/json
Organization
| Property | Type | Required |
|---|---|---|
| id | string | optional |
| name | string | optional |
| maxSystemUsers | integer | optional |
OK
PUT /providers/{provider_id}/organizations/{id}
/ldapservers/{ldapserver_id}/sambadomains/{id}
This endpoint allows you to update the samba domain information for an LDAP server.
curl -X PUT https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID}/sambadomains/{SAMBA_ID} \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"sid":"{SID_ID}",
"name":"{WORKGROUP_NAME}"
}'
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| ldapserver_id | path | required | string | Unique identifier of the LDAP server. |
| id | path | required | string | Unique identifier of the samba domain. |
application/json
samba-domain
| Property | Type | Required |
|---|---|---|
| id | string | optional |
| sid | string | required |
| name | string | required |
PUT /ldapservers/{ldapserver_id}/sambadomains/{id}
/softwareapps/{id}
This endpoint updates a specific Software Application configuration for the organization.
displayName can be changed alone if no settings are provided.
If a setting is provided, it should include all its information since this endpoint will update all the settings’ fields.
The optional isConfigEnabled and appConfiguration apple_vpp attributes are not included in the response.
curl -X PUT https://console.jumpcloud.com/api/v2/softwareapps/{id} \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"displayName": "My Software App"
}'
curl -X PUT https://console.jumpcloud.com/api/v2/softwareapps/{id} \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"displayName": "My Software App",
"settings": [
{
"packageId": "123456",
"autoUpdate": false,
"allowUpdateDelay": false,
"packageManager": "APPLE_VPP",
"locationObjectId": "123456789012123456789012",
"location": "123456",
"desiredState": "Install",
"appleVpp": {
"appConfiguration": "<?xml version=\"1.0\" encoding=\"UTF-8\"?><!DOCTYPE plist PUBLIC \"-//Apple//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\"><plist version=\"1.0\"><dict><key>MyKey</key><string>My String</string></dict></plist>",
"assignedLicenses": 20,
"availableLicenses": 10,
"details": {},
"isConfigEnabled": true,
"supportedDeviceFamilies": [
"IPAD",
"MAC"
],
"totalLicenses": 30
},
"packageSubtitle": "My package subtitle",
"packageVersion": "1.2.3",
"packageKind": "software-package",
"assetKind": "software",
"assetSha256Size": 256,
"assetSha256Strings": [
"a123b123c123d123"
],
"description": "My app description"
}
]
}'
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| id | path | required | string | — |
| x-org-id | header | optional | string | Organization identifier that can be obtained from console settings. |
application/json
software-app
| Property | Type | Required |
|---|---|---|
| id | string | optional |
| settings | array | optional |
| └ appleVpp | object | optional |
| └ details | object | optional |
| └ totalLicenses | integer | optional |
| └ isConfigEnabled | boolean | optional |
| └ appConfiguration | string | optional |
| └ assignedLicenses | integer | optional |
| └ availableLicenses | integer | optional |
| └ supportedDeviceFamilies | array | optional |
| └ location | string | optional |
| └ assetKind | string | optional |
| └ packageId | string | optional |
| └ autoUpdate | boolean | optional |
| └ description | string | optional |
| └ packageKind | string | optional |
| └ desiredState | string | optional |
| └ googleAndroid | object | optional |
| └ name | string | optional |
| └ type | string | optional |
| └ author | string | optional |
| └ iconUrl | string | optional |
| └ category | string | optional |
| └ startUrl | string | optional |
| └ appPricing | string | optional |
| └ appVersion | string | optional |
| └ updateTime | string | optional |
| └ displayMode | string | optional |
| └ installType | string | optional |
| └ versionCode | integer | optional |
| └ contentRating | string | optional |
| └ minSdkVersion | integer | optional |
| └ autoUpdateMode | string | optional |
| └ androidFeatures | array | optional |
| └ fullDescription | string | optional |
| └ permissionGrants | array | optional |
| └ id | string | optional |
| └ policy | string | optional |
| └ managedProperties | boolean | optional |
| └ runtimePermission | string | optional |
| └ …2 more | object | optional |
| └ storedPackage | object | optional |
| └ objectId | string | optional |
| └ versions | array | optional |
| └ name | string | optional |
| └ size | integer | optional |
| └ status | string | optional |
| └ version | integer | optional |
| └ metadata | object | optional |
| └ sha256sum | string | optional |
| └ rejectedReason | string | optional |
| └ microsoftStore | object | optional |
| └ doNotUpdate | boolean | optional |
| └ nonRemovable | boolean | optional |
| └ packageFamilyName | string | optional |
| └ packageManager | string | optional |
| └ packageVersion | string | optional |
| └ assetSha256Size | integer | optional |
| └ packageSubtitle | string | optional |
| └ allowUpdateDelay | boolean | optional |
| └ locationObjectId | string | optional |
| └ assetSha256Strings | array | optional |
| └ enterpriseObjectId | string | optional |
| └ commandLineArguments | string | optional |
| └ …1 more | object | optional |
| displayName | string | optional |
OK
PUT /softwareapps/{id}
/systemgroups/{id}
This endpoint allows you to do a full update of the System Group.
See the Dynamic Group Configuration KB article for more details on maintaining a Dynamic Group.
curl -X PUT https://console.jumpcloud.com/api/v2/systemgroups/{Group_ID} \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"name": "Name_Update"
}'
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| id | path | required | string | ObjectID of the System Group. |
| x-org-id | header | optional | string | Organization identifier that can be obtained from console settings. |
application/json
SystemGroupPut
| Property | Type | Required |
|---|---|---|
| name | string | required |
| string | optional | |
| attributes | object | optional |
| description | string | optional |
| memberQuery | object | optional |
| └ queryType | string | required |
| └ filters | array | optional |
| membershipMethod | string | optional |
| memberQueryExemptions | array | optional |
| └ id | string | required |
| └ type | string | required |
| └ attributes | object | optional |
| memberSuggestionsNotify | boolean | optional |
OK
PUT /systemgroups/{id}
/accessrequests/{accessId}
Endpoint for updating access request by id
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| accessId | path | required | string | — |
application/json
AccessRequestApiUpdateAccessRequestRequest
| Property | Type | Required |
|---|---|---|
| expiry | string | optional |
| remarks | string | optional |
| additionalAttributes | object | optional |
| organizationObjectId | string | optional |
An unexpected error response.
A successful response.
PUT /accessrequests/{accessId}
/devices/settings/defaultpasswordsync
Sets the Default Password Sync Setting for an Organization.
application/json
devices.SetDefaultPasswordSyncSettingsRequest
| Property | Type | Required |
|---|---|---|
| enabled | boolean | optional |
| organizationObjectId | string | optional |
An unexpected error response.
A successful response.
Setting successfully changed.
Bad Request
Unauthorized
Forbidden
Not Found
Internal Server Error
PUT /devices/settings/defaultpasswordsync
/devices/settings/signinwithjumpcloud
Sets the Sign In with JumpCloud Settings for an Organization.
curl -X PUT https://console.jumpcloud.com/api/v2/devices/settings/signinwithjumpcloud \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key:{API_KEY}' \
-d '{"settings":[{"osFamily":"WINDOWS","enabled":true,"defaultPermission":"STANDARD"}]}'
application/json
devices.SetSignInWithJumpCloudSettingsRequest
| Property | Type | Required |
|---|---|---|
| settings | array | optional |
| └ enabled | boolean | optional |
| └ osFamily | string | optional |
| └ defaultPermission | string | optional |
| organizationObjectId | string | optional |
An unexpected error response.
A successful response.
Settings successfully changed.
Bad Request
Unauthorized
Forbidden
Not Found
Internal Server Error
PUT /devices/settings/signinwithjumpcloud
/usergroups/{id}
This endpoint allows you to do a full update of the User Group.
See the Dynamic Group Configuration KB article for more details on maintaining a Dynamic Group.
curl -X PUT https://console.jumpcloud.com/api/v2/usergroups/{Group_ID} \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"name": "group_update"
}'
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| id | path | required | string | ObjectID of the User Group. |
| x-org-id | header | optional | string | Organization identifier that can be obtained from console settings. |
application/json
UserGroupPut
| Property | Type | Required |
|---|---|---|
| name | string | required |
| string | optional | |
| attributes | object | optional |
| └ sudo | object | optional |
| └ enabled | boolean | required |
| └ withoutPassword | boolean | required |
| └ ldapGroups | array | optional |
| └ name | string | optional |
| └ posixGroups | array | optional |
| └ id | integer | required |
| └ name | string | required |
| └ radius | object | optional |
| └ reply | array | optional |
| └ name | string | required |
| └ value | string | required |
| └ sambaEnabled | boolean | optional |
| description | string | optional |
| memberQuery | object | optional |
| └ queryType | string | required |
| └ filters | array | optional |
| membershipMethod | string | optional |
| memberQueryExemptions | array | optional |
| └ id | string | required |
| └ type | string | required |
| └ attributes | object | optional |
| memberSuggestionsNotify | boolean | optional |
OK
PUT /usergroups/{id}
/workdays/{id}
This endpoint allows you to update the name and Custom Report URL for a Workday Instance.
Currently, the name can not be changed from the default of Workday Import.
curl -X PUT https://console.jumpcloud.com/api/v2/workdays/{WorkdayID} \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"reportUrl":"{Report_URL}",
"name":"{Name}"
} '
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| id | path | required | string | — |
| x-org-id | header | optional | string | Organization identifier that can be obtained from console settings. |
application/json
workday-fields
| Property | Type | Required |
|---|---|---|
| name | string | optional |
| reportUrl | string | optional |
PUT /workdays/{id}
ADE
{
"type": "object",
"title": "ADE",
"properties": {
"setupOptions": {
"type": "array",
"items": {
"$ref": "#/components/schemas/SetupAssistantOption"
},
"description": "A list of configured setup options for this enrollment."
},
"welcomeScreen": {
"$ref": "#/components/schemas/DEPWelcomeScreen"
},
"setupAssistantOptions": {
"type": "array",
"items": {
"$ref": "#/components/schemas/DEPSetupAssistantOption"
},
"description": "A Setup Option wrapped as an object",
"x-deprecated": true
},
"enableZeroTouchEnrollment": {
"type": "boolean",
"description": "A toggle to determine if ADE registered devices should go through JumpCloud Zero Touch Enrollment."
},
"defaultDeviceGroupObjectIds": {
"type": "array",
"items": {
"type": "string"
},
"nullable": true,
"description": "An array of ObjectIDs identifying the default device groups for this specific type (based on the OS family) of automated device enrollment. Currently, only a single DeviceGroupID is supported."
}
}
}
ADES
{
"type": "object",
"title": "ADES",
"properties": {
"ios": {
"$ref": "#/components/schemas/ADE"
},
"macos": {
"$ref": "#/components/schemas/ADE"
}
}
}
AccessRequestApiRevokeAccessRequestResponse
{
"type": "object",
"example": {},
"properties": {}
}
AccessRequestApiUpdateAccessRequestRequest
{
"type": "object",
"properties": {
"expiry": {
"type": "string",
"format": "date-time"
},
"remarks": {
"type": "string"
},
"additionalAttributes": {
"type": "object"
},
"organizationObjectId": {
"type": "string",
"format": "byte"
}
}
}
AccessRequestApiUpdateAccessRequestResponse
{
"type": "object",
"example": {},
"properties": {}
}
ActivedirectoriesAgentsListResponse
{
"type": "array",
"items": {
"$ref": "#/components/schemas/active-directory-agent-list"
}
}
ActivedirectoriesListResponse
{
"type": "array",
"items": {
"$ref": "#/components/schemas/active-directory"
}
}
Address
{
"type": "object",
"properties": {
"id": {
"type": "string"
},
"type": {
"type": "string",
"maxLength": 1024
},
"poBox": {
"type": "string",
"maxLength": 1024
},
"region": {
"type": "string",
"maxLength": 1024
},
"country": {
"type": "string",
"maxLength": 1024
},
"locality": {
"type": "string",
"maxLength": 1024
},
"postalCode": {
"type": "string",
"maxLength": 1024
},
"streetAddress": {
"type": "string",
"maxLength": 1024
},
"extendedAddress": {
"type": "string",
"maxLength": 1024
}
}
}
Administrator
{
"type": "object",
"title": "Administrator",
"example": {
"id": "0123456789abcdef01234567",
"email": "joe@example.com",
"lastname": "Blough",
"firstname": "Joe",
"registered": false,
"enableMultiFactor": true
},
"properties": {
"id": {
"type": "string"
},
"role": {
"type": "string"
},
"email": {
"type": "string"
},
"lastname": {
"type": "string"
},
"roleName": {
"type": "string"
},
"apiKeySet": {
"type": "boolean"
},
"firstname": {
"type": "string"
},
"suspended": {
"type": "boolean"
},
"registered": {
"type": "boolean"
},
"apiKeyAllowed": {
"type": "boolean"
},
"enableMultiFactor": {
"type": "boolean"
},
"organizationAccessTotal": {
"type": "number"
}
}
}
AdministratorOrganizationLink
{
"type": "object",
"title": "AdministratorOrganizationLink",
"example": {
"organization": "6230a0d26a4e4bc86c6b36f1",
"administrator": "6230a0c233a6cbea7c470398"
},
"properties": {
"organization": {
"type": "string",
"description": "The identifier for an organization"
},
"administrator": {
"type": "string",
"description": "The identifier for an administrator"
}
}
}
AdministratorOrganizationLinkReq
{
"type": "object",
"title": "AdministratorOrganizationLinkReq",
"example": {
"organization": "6230a0d26a4e4bc86c6b36f1"
},
"properties": {
"organization": {
"type": "string",
"description": "The identifier for an organization to link this administrator to."
}
}
}
AdministratorOrganizationsListByAdministratorResponse
{
"type": "array",
"items": {
"$ref": "#/components/schemas/AdministratorOrganizationLink"
}
}
AdministratorOrganizationsListByOrganizationResponse
{
"type": "array",
"items": {
"$ref": "#/components/schemas/AdministratorOrganizationLink"
}
}
AnyValue
{
"description": "Can be any value - string, number, boolean, array or object."
}
AppleMDM
{
"type": "object",
"title": "AppleMDM",
"required": [
"id"
],
"properties": {
"id": {
"type": "string",
"description": "ObjectId uniquely identifying an MDM Enrollment,"
},
"dep": {
"$ref": "#/components/schemas/DEP"
},
"ades": {
"$ref": "#/components/schemas/ADES"
},
"name": {
"type": "string",
"maxLength": 255,
"description": "A friendly name to identify this enrollment. Not required to be unique."
},
"organization": {
"type": "string",
"description": "The identifier for an organization"
},
"apnsPushTopic": {
"type": "string",
"description": "The push topic assigned to this enrollment by Apple after uploading the Signed CSR plist."
},
"apnsCertExpiry": {
"type": "string",
"description": "The expiration date and time for the APNS Certificate."
},
"depServerTokenState": {
"enum": [
"unknown",
"missing",
"valid",
"expired"
],
"type": "string",
"description": "The state of the dep server token, presence and expiry."
},
"defaultSystemGroupID": {
"type": "string",
"description": "ObjectId uniquely identifying the MDM default System Group.",
"x-deprecated": true
},
"depAccessTokenExpiry": {
"type": "string",
"description": "The expiration date and time for the DEP Access Token. This aligns with the DEP Server Token State."
},
"appleCertSerialNumber": {
"type": "string",
"description": "The serial number of the Apple signed certificate associated to the Device Manager."
},
"appleCertCreatorAppleID": {
"type": "string",
"description": "The Apple ID of the admin who created the Apple signed certificate associated to the Device Manager."
},
"allowMobileUserEnrollment": {
"type": "boolean",
"description": "A toggle to allow mobile device enrollment for an organization."
},
"defaultIosUserEnrollmentDeviceGroupID": {
"type": "string",
"description": "ObjectId uniquely identifying the MDM default iOS user enrollment device group."
}
}
}
ApplemdmsDevicesClearActivationLock500Response
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDevicesClearActivationLockResponse
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDevicesOsUpdateStatusResponse
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDevicesRefreshActivationLockInformation500Response
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDevicesRefreshActivationLockInformationResponse
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDevicesScheduleOsUpdateResponse
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDeviceserase500Response
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDeviceseraseRequest
{
"type": "object",
"properties": {
"pin": {
"type": "string",
"example": "123456",
"pattern": "^[0-9]{6}$",
"description": "6-digit PIN, required for MacOS, to erase the device"
}
}
}
ApplemdmsDeviceseraseResponse
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDeviceslistResponse
{
"type": "array",
"items": {
"$ref": "#/components/schemas/apple-mdm-device"
}
}
ApplemdmsDeviceslock500Response
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDeviceslockRequest
{
"type": "object",
"properties": {
"pin": {
"type": "string",
"example": "123456",
"pattern": "^[0-9]{6}$",
"description": "6-digit PIN, required for MacOS, to lock the device"
}
}
}
ApplemdmsDeviceslockResponse
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDevicesrestart500Response
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDevicesrestartRequest
{
"type": "object",
"properties": {
"kextPaths": {
"type": "array",
"items": {
"type": "string"
},
"description": "The string to pass when doing a restart and performing a RebuildKernelCache."
}
}
}
ApplemdmsDevicesrestartResponse
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDevicesshutdown500Response
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDevicesshutdownResponse
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsEnrollmentprofileslistResponse
{
"type": "array",
"items": {
"$ref": "#/components/schemas/AppleMDM"
}
}
ApplemdmsListResponse
{
"type": "array",
"items": {
"$ref": "#/components/schemas/AppleMDM"
}
}
ApplemdmsRefreshdepdevices500Response
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsRefreshdepdevicesResponse
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplicationsGetResponse
{
"type": "object",
"example": {},
"properties": {}
}
ApplicationsPostLogoRequest
{
"type": "object",
"properties": {
"image": {
"type": "string",
"format": "binary",
"description": "The file to upload."
}
}
}
Apps
{
"type": "array",
"items": {
"type": "object",
"properties": {
"osId": {
"type": "integer",
"format": "int32",
"example": 1
},
"appVersion": {
"type": "string",
"example": "1.1.1"
}
}
}
}
AuthnPolicy
{
"type": "object",
"title": "AuthnPolicy",
"properties": {
"id": {
"type": "string",
"readOnly": true
},
"name": {
"type": "string"
},
"type": {
"$ref": "#/components/schemas/AuthnPolicyType"
},
"effect": {
"$ref": "#/components/schemas/AuthnPolicyEffect"
},
"targets": {
"$ref": "#/components/schemas/AuthnPolicyTargets"
},
"disabled": {
"type": "boolean"
},
"conditions": {
"type": "object",
"description": "Conditions may be added to an authentication policy using the following conditional language:\n\n```\n<conditions> ::= <expression>\n<expression> ::= <deviceEncrypted> | <deviceManaged> | <ipAddressIn> |\n <locationIn> | <notExpression> | <allExpression> |\n <anyExpression>\n<deviceEncrypted> ::= { \"deviceEncrypted\": <boolean> }\n<deviceManaged> ::= { \"deviceManaged\": <boolean> }\n<ipAddressIn> ::= { \"ipAddressIn\": [ <objectId>, ... ] }\n<locationIn> ::= { \"locationIn\": {\n \"countries\": [\n <iso_3166_country_code>, ...\n ]\n }\n }\n<notExpression> ::= { \"not\": <expression> }\n<allExpression> ::= { \"all\": [ <expression>, ... ] }\n<anyExpression> ::= { \"any\": [ <expression>, ... ] }\n```\n\nFor example, to add a condition that applies to IP addresses in a given list, the following condition can be added:\n\n```\n{\"ipAddressIn\": [ <ip_list_object_id> ]}\n```\n\nIf you would rather exclude IP addresses in the given lists, the following condition could be added:\n\n```\n{\n \"not\": {\n \"ipAddressIn\": [ <ip_list_object_id_1>, <ip_list_object_id_2> ]\n }\n}\n```\n\nYou may also include more than one condition and choose whether \"all\" or \"any\" of them must be met for the policy to apply:\n\n```\n{\n \"all\": [\n {\n \"ipAddressIn\": [ <ip_list_object_id>, ... ]\n },\n {\n \"deviceManaged\": true\n },\n {\n \"locationIn\": {\n countries: [ <iso_3166_country_code>, ... ]\n }\n }\n ]\n}\n```"
},
"description": {
"type": "string"
}
},
"description": "This represents an authentication policy. See the details of each field for valid values and restrictions."
}
AuthnPolicyEffect
{
"type": "object",
"title": "AuthnPolicyEffect",
"required": [
"action"
],
"properties": {
"action": {
"enum": [
"allow",
"deny",
"unknown"
],
"type": "string"
},
"obligations": {
"$ref": "#/components/schemas/AuthnPolicyObligations"
}
},
"x-examples": {
"example-deny": {
"action": "deny"
},
"example-allow": {
"action": "allow"
},
"example-allow-with-mfa": {
"action": "allow",
"obligations": {
"mfa": {
"required": true
}
}
}
}
}
AuthnPolicyObligations
{
"type": "object",
"title": "AuthnPolicyObligations",
"properties": {
"mfa": {
"type": "object",
"properties": {
"required": {
"type": "boolean"
}
}
},
"userVerification": {
"type": "object",
"properties": {
"requirement": {
"enum": [
"none",
"optional",
"required"
],
"type": "string"
}
}
}
}
}
AuthnPolicyResourceTarget
{
"type": "object",
"title": "AuthnPolicyResourceTarget",
"required": [
"type"
],
"properties": {
"id": {
"type": "string",
"description": "Object ID of the resource target. If undefined, then all resources of the given type are targeted."
},
"type": {
"enum": [
"user_portal",
"application",
"ldap"
],
"type": "string"
}
}
}
AuthnPolicyTargets
{
"type": "object",
"title": "AuthnPolicyTargets",
"properties": {
"users": {
"$ref": "#/components/schemas/AuthnPolicyUserTarget"
},
"resources": {
"type": "array",
"items": {
"$ref": "#/components/schemas/AuthnPolicyResourceTarget"
}
},
"userGroups": {
"$ref": "#/components/schemas/AuthnPolicyUserGroupTarget"
},
"userAttributes": {
"$ref": "#/components/schemas/AuthnPolicyUserAttributeTarget"
}
}
}
AuthnPolicyType
{
"enum": [
"user_portal",
"application",
"ldap"
],
"type": "string",
"title": "AuthnPolicyType",
"default": "user_portal"
}
AuthnPolicyUserAttributeFilter
{
"type": "object",
"title": "AuthnPolicyUserAttributeFilter",
"properties": {
"field": {
"type": "string",
"description": "The only field that is currently supported is ldap_binding_user"
},
"value": {
"$ref": "#/components/schemas/AnyValue"
},
"operator": {
"enum": [
"EQ"
],
"type": "string"
}
}
}
AuthnPolicyUserAttributeTarget
{
"type": "object",
"title": "AuthnPolicyUserAttributeTarget",
"properties": {
"exclusions": {
"type": "array",
"items": {
"$ref": "#/components/schemas/AuthnPolicyUserAttributeFilter"
}
},
"inclusions": {
"type": "array",
"items": {
"$ref": "#/components/schemas/AuthnPolicyUserAttributeFilter"
}
}
},
"description": "User attribute targets are currently only supported for LDAP policies."
}
AuthnPolicyUserGroupTarget
{
"type": "object",
"title": "AuthnPolicyUserGroupTarget",
"properties": {
"exclusions": {
"type": "array",
"items": {
"type": "string"
}
},
"inclusions": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
AuthnPolicyUserTarget
{
"type": "object",
"title": "AuthnPolicyUserTarget",
"properties": {
"inclusions": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
| Version | Endpoints | Schemas | Ingested | Status |
|---|---|---|---|---|
| 2.0 | 416 | 669 | 2026-05-11 | current |
| 2.0 | 416 | 669 | 2026-04-20 | |
| 2.0 | 416 | 669 | 2026-04-20 | |
| 2.0 | 416 | 669 | 2026-04-16 |