Parameter
Type
Description
name
String
The name of the profile.
payloads
List of Payloads
Refer to Available Payloads section



Available Payloads:


DNS Payload
Parameter
Type
Description
payload_type
String
This field's value should always be "dns".   
domains
List of DNS Object
Refer to DNS Object


DNS Object
Parameter
Type
Description
ip
String
IP address where the domain points to. Default value is 127.0.0.1
domain
String
Name of the domain to block


Example:

curl -X POST \
  'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
  -H 'content-type: application/json' \
  -d '{
  "name": "Sample Profile",
  "payloads": [{
    "payload_type": "dns",
    "domains":[{
            "ip": "127.0.0.1",
            "domain": "www.twitter.com"
    }]
  }]
}'



Users Payload
Parameter
Type
Description
payload_type
String
This field's value should always be "users"
users
List of User Object
Refer to User Object


User Object
Parameter
Type
Description
username
String
The username for the local user account. This should be all lowercase and be easy to remember.
full_name
String
The full name of the user. This should be the first and last name of the person.
password
String
The password for the local account.
is_admin
Boolean
Whether the user account has admin privileges. A value of false will indicate regular user privileges.


Example:

curl -X POST \
  'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
  -H 'content-type: application/json' \
  -d '{
  "name": "Sample Profile",
  "payloads": [{
    "payload_type": "users",
    "users":[{
      "username": "sampleuser",
      "full_name": "Sample User",
      "password": "S@mpl39@$sw0rd",
      "is_admin": true
    }]
  }]
}'



Firewall Payload
Parameter
Type
Description
payload_type
String
This field's value should always be "firewall"
firewall_on
Boolean
Default value is true.
block_all
Boolean
Block all incoming connections except those required for basic Internet services, such as DHCP, Bonjour, and IPSec. Default value is false.
stealth_mode
Boolean
Don't respond to or acknowledge attempts to access the computer from the network by test applications using ICMP, such as Ping. Default value is false.
allow_signed
Boolean
Allow software signed by a valid certificate authority to provide services accessed from the network. Default value is true.
trusted
List of Strings
List of trusted applications paths.


Example:

curl -X POST \
  'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
  -H 'content-type: application/json' \
  -d '{
  "name": "Sample Profile",
  "payloads": [{
    "payload_type": "firewall",
    "firewall_on": true,
    "block_all": false,
    "stealth_mode": false,
    "allow_signed": true,
    "trusted": [
      "/Applications/App Store.app"
    ]
  }]
}'



Energy Saver Payload
Parameter
Type
Description
payload_type
String
This field's value should always be "com.apple.MCX"
power_adapter_options
Energy Saver Options Object
Laptops(Plugged In)
desktop_options
Energy Saver Options Object
Desktop devices
battery_options
Energy Saver Options Object
Laptops(On Battery)


Energy Saver Options Object
display_sleep_timer
Number
Put the display(s) to sleep after a period of inactivity (in minutes). Default=5.
wake_on_lan
Boolean
Wake for Ethernet network administrator access. Default=true.
disk_sleep_timer_boolean
Boolean
Put the hard disk(s) to sleep whenever possible. Default=true.
automatic_restart_on_power_loss
Boolean
Start up automatically after a power failure. Default=false.
system_sleep_timer
Number
Put the computer to sleep after a period of inactivity (in minutes). Default=10.
sleep_on_power_button
Boolean
Allow power button to sleep the computer. Use for desktop_options on Energy Saver Payload.


Example:

curl -X POST \
  'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
  -H 'content-type: application/json' \
  -d '{
  "name": "Sample Profile",
  "payloads": [{
    "payload_type": "com.apple.MCX",
    "power_adapter_options" : {
      "sleep_on_power_button" : false,
      "display_sleep_timer" : 0,
      "wake_on_lan" : true,
      "disk_sleep_timer_boolean" : true,
      "automatic_restart_on_power_loss" : false,
      "system_sleep_timer" : 0
    },
    "desktop_options" : {
      "sleep_on_power_button" : true,
      "display_sleep_timer" : 5,
      "wake_on_lan" : true,
      "disk_sleep_timer_boolean" : true,
      "automatic_restart_on_power_loss" : false,
      "system_sleep_timer" : 10
    },
    "battery_options" : {
      "sleep_on_power_button" : false,
      "display_sleep_timer" : 5,
      "wake_on_lan" : true,
      "disk_sleep_timer_boolean" : true,
      "automatic_restart_on_power_loss" : false,
      "system_sleep_timer" : 10
    }
  }]
}'



Login Window Payload
Parameter
Type
Description
payload_type
String
This field's value should always be "com.apple.loginwindow"
login_window_text
String
A message displayed above the login prompt.


Example:

curl -X POST \
  'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
  -H 'content-type: application/json' \
  -d '{
  "name": "Sample Profile",
  "payloads": [{
    "payload_type": "com.apple.loginwindow",
    "login_window_text": "Welcome, hope you are having a great day!"
  }]
}'



GateKeeper Override Payload
Parameter
Type
Description
payload_type
String
This field's value should always be "com.apple.systempolicy.managed"
disable_override
Boolean
Prevents the user from temporarily overriding the Gatekeeper setting by control-clicking to install any app. Default=false.


Example:

curl -X POST \
  'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
  -H 'content-type: application/json' \
  -d '{
  "name": "Sample Profile",
  "payloads": [{
    "payload_type": "com.apple.systempolicy.managed",
    "disable_override": true
  }]
}'



Gatekeeper Payload
Parameter
Type
Description
payload_type
String
This field's value should always be "com.apple.systempolicy.control"
allow_identified_developers
Boolean
Option 1 - Allow apps downloaded from Mac App Store
allow_identified_developers=false
enable_assessment=true

Option 2 - Allow apps downloaded from Mac Apps Store and identified developers
allow_identified_developers=true
enable_assessment=true

Option 3 - Allow apps downloaded from anywhere
allow_identified_developers=false
enable_assessment=false
enable_assessment
Boolean


Example:

curl -X POST \
  'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
  -H 'content-type: application/json' \
  -d '{
  "name": "Sample Profile",
  "payloads": [{
    "payload_type": "com.apple.systempolicy.control",
    "allow_identified_developers": false,
    "enable_assessment": true
  }]
}'



Allow Password Change Payload
Parameter
Type
Description
payload_type
String
This field's value should always be "com.apple.preference.security"
allow_password_reset_ui
Boolean
Allow user to change password. Default=true.


Example:

curl -X POST \
  'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_id}' \
  -H 'content-type: application/json' \
  -d '{
  "name": "Sample Profile",
  "payloads": [{
    "payload_type": "com.apple.preference.security",
    "allow_password_reset_ui": false
  }]
}'



Screen Saver Password Payload
Parameter
Type
Description
payload_type
String
This field's value should always be "com.apple.screensaver"
ask_for_password
Boolean
Require password after the device has gone to sleep or screen saver. Default=true.
ask_for_password_delay
Number
Require password after the following number of seconds. Default=5.


Example:

curl -X POST \
  'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
  -H 'content-type: application/json' \
  -d '{
  "name": "Sample Profile",
  "payloads": [{
    "payload_type": "com.apple.screensaver",
    "ask_for_password": true,
    "ask_for_password_delay": 10
  }]
}'



Time Machine Payload
Parameter
Type
Description
payload_type
String
This field's value should always be "com.apple.MCX.TimeMachine"
backup_dest_url
String
URL of the backup destination (e.g. afp://server.example.com/backups/)
backup_all_volumes
Boolean
Only startup volume is backed up by default. Default=false.
backup_skip_sys
Boolean
Do not backup system files and folders. Default=true.
auto_backup
Boolean
Automatically backup at regular intervals. Default=false.
backup_size_mb
Number
Backup size limit in MB. Set to 0 for unlimited. Default=0.
skip_paths
List of Strings
List of the paths to skip from startup volume.
mobile_backups
Boolean.
Creates local backup snapshots when not connected to network.


Example:

curl -X POST \
  'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
  -H 'content-type: application/json' \
  -d '{
  "name": "Sample Profile",
  "payloads": [{
    "payload_type": "com.apple.MCX.TimeMachine",
    "backup_dest_url": "afp://server.example.com/backups/",
    "backup_all_volumes": true,
    "backup_skip_sys": false,
    "auto_backup": true,
    "backup_size_mb": 102400,
    "skip_paths": [
      "/tmp/"
    ],
    "mobile_backups": true
  }]
}'



Printing Payload
Parameter
Type
Description
payload_type
String
This field's value should always be "com.apple.mcxprinting"
print_footer
Boolean
Print page footer (user name and date). Default=false.
require_admin_to_add_printer
Boolean
Blocks users from modifying the printer list. Default=false.
allow_local_printers
Boolean
Allow printers that connect directly to user's computer. Default=true.
show_only_managed_printers
Boolean
Only show managed printers. Default=false.
require_admin_to_print_locally
Boolean
Require an administrator password. Default=false.
print_mac_address
Boolean
Include MAC address in page footer. Default=false. Use if print_footer is set to true.
footer_font_size
Number
Footer font size. Default=7. Use if print_footer is set to true.
footer_font_name
String
Footer font name. Use if print_footer is set to true. Possible values are: "Helvetica", "Courier", "Lucida Grande", "Times".
user_printer_list
List of Printer Object
Refer to Printer Object
default_printer
Printer Object
Refer to Printer Object


Printer Object
Parameter
Type
Description
location
String
If you mouse-hover over the printer name, this will be displayed for it’s location.
display_name
String
This is the name that is displayed to the user and what shows up in the print dialog.
ppd_url
String
Url of the PPD file.
model
String
This must exactly match the PPD information. 99% of the time it is the model of the printer as shown in the Print & Fax System Preferences dialog. If that name doesn’t work, you’ll have to open up the PPD and take a look.
printer_locked
String
This printer requires administrator password. Default=false
device_uri
Boolean
This is the URL that is used to connect to the print server for that printer.


Example:

curl -X POST \
  'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
  -H 'content-type: application/json' \
  -d '{
  "name": "Sample Profile",
  "payloads": [{
    "payload_type": "com.apple.mcxprinting",
    "print_footer": true,
    "require_admin_to_add_printer": true,
    "allow_local_printers": false,
    "show_only_managed_printers": true,
    "require_admin_to_print_locally": true,
    "print_mac_address": true,
    "footer_font_size": 8,
    "footer_font_name": "Times",
    "user_printer_list": [{
      "location": "office",
      "display_name": "Office Printer",
      "ppd_url": "file://localhost/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/PrintCore.framework/Resources/Generic.ppd",
      "model": "DCP-7065DN CUPS",
      "printer_locked": true,
      "device_uri": "dnssd://Brother%20MFC-L2740DW%20series._ipp._tcp.local"
    }],
    "default_printer":{
      "location": "office",
      "display_name": "Office Printer",
      "ppd_url": "file://localhost/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/PrintCore.framework/Resources/Generic.ppd",
      "model": "DCP-7065DN CUPS",
      "printer_locked": true,
      "device_uri": "dnssd://Brother%20MFC-L2740DW%20series._ipp._tcp.local"
    }
  }]
}'



Wifi Payload
Parameter
Type
Description
payload_type
String
This field's value should always be "com.apple.wifi.managed"
ssid_str
String
SSID of the Wi-Fi network to be used.
encryption_type
String
The possible values are WEP, WPA,Any, and None. WPA corresponds to WPA and WPA2 and applies to both encryption types. Make sure that these values exactly match the capabilities of the network access point. If you're unsure about the encryption type, or would prefer that it apply to all encryption types, use the value Any.
password
String
Optional. The absence of a password does not prevent a network from being added to the list of known networks. The user is eventually prompted to provide the password when connecting to that network.
mcc_and_mncs
List of Strings
Optional. List of Mobile Country Code (MCC)/Mobile Network Code (MNC) pairs used for Wi-Fi Hotspot 2.0 negotiation. Each string must contain exactly six digits.
auto_join
Boolean
If true, the network is auto-joined. If false, the user has to tap the network name to join it. Default=true
proxy_port
Number
The proxy server's port. Use if proxy_type="Manual" or if proxy_type="Auto".
proxy_pac_fallback_allowed
Boolean
Optional. If false, prevents the device from connecting directly to the destination if the PAC file is unreachable.Use if proxy_type="Manual" or if proxy_type="Auto". Default=-1.
proxy_password
String
Optional. The username used to authenticate to the proxy server. Use if proxy_type="Manual" or if proxy_type="Auto". Default=false
nai_realm_names
List of Strings
Optional. List of Roaming Consortium Organization Identifiers used for Wi-Fi Hotspot 2.0 negotiation.
proxy_username
String
Optional. The username used to authenticate to the proxy server. Use if proxy_type="Manual" or if proxy_type="Auto".
is_hotspot
Boolean
If true, the network is treated as a hotspot. Default=false
proxy_type
String
Valid values are None, Manual, and Auto.
roaming_consortium_ois
List of Strings
Optional. List of Roaming Consortium Organization Identifiers used for Wi-Fi Hotspot 2.0 negotiation.
service_provider_roaming_enabled
Boolean
If true, allows connection to roaming service providers. Default=true

proxy_server
String
The proxy server's network address. Use if proxy_type="Manual" or if proxy_type="Auto".
hidden_network
Boolean
Besides SSID, the device uses information such as broadcast type and encryption type to differentiate a network. By default (false), it is assumed that all configured networks are open or broadcast. To specify a hidden network, must be true. Default=false
proxy_pac_url
String
Optional. The URL of the PAC file that defines the proxy configuration.Use if proxy_type="Manual" or if proxy_type="Auto".


Example:

curl -X POST \
  'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
  -H 'content-type: application/json' \
  -d '{
  "name": "Sample Profile",
  "payloads": [{
    "payload_type": "com.apple.wifi.managed",
    "ssid_str": "Office Wifi 5G",
    "encryption_type":"WPA",
    "password": "$u9er$Ecre79@$s30rd",
    "auto_join": false,
    "proxy_port": 80,
    "proxy_pac_fallback_allowed": true,
    "proxy_password": "07h3r$u9er$Ecre79@$s30rd",
    "proxy_username": "johndoe",
    "is_hotspot": true,
    "proxy_type": "Manual",
    "service_provider_roaming_enabled": false,
    "proxy_server": "proxy.server.com",
    "hidden_network": true
  }]
}'


Example with multiple payloads:

curl -X POST \
  'https://{realm}.addigy.com/api/profiles?client_id={client_id}&client_secret={client_secret}' \
  -H 'content-type: application/json' \
  -d '{
  "name": "Sample Profile",
  "payloads": [{
    "payload_type": "dns",
    "domains":[{
            "ip": "127.0.0.1",
            "domain": "www.twitter.com"
    }]
  },{
    "payload_type": "users",
    "users":[{
      "username": "sampleuser",
      "full_name": "Sample User",
      "password": "S@mpl39@$sw0rd",
      "is_admin": true
    }]
  },{
    "payload_type": "firewall",
    "firewall_on": true,
    "block_all": false,
    "stealth_mode": false,
    "allow_signed": true,
    "trusted": [
      "/Applications/App Store.app"
    ]
  },{
    "payload_type": "com.apple.MCX",
    "power_adapter_options" : {
      "sleep_on_power_button" : false,
      "display_sleep_timer" : 0,
      "wake_on_lan" : true,
      "disk_sleep_timer_boolean" : true,
      "automatic_restart_on_power_loss" : false,
      "system_sleep_timer" : 0
    },
    "desktop_options" : {
      "sleep_on_power_button" : true,
      "display_sleep_timer" : 5,
      "wake_on_lan" : true,
      "disk_sleep_timer_boolean" : true,
      "automatic_restart_on_power_loss" : false,
      "system_sleep_timer" : 10
    },
    "battery_options" : {
      "sleep_on_power_button" : false,
      "display_sleep_timer" : 5,
      "wake_on_lan" : true,
      "disk_sleep_timer_boolean" : true,
      "automatic_restart_on_power_loss" : false,
      "system_sleep_timer" : 10
    }
  },{
    "payload_type": "com.apple.loginwindow",
    "login_window_text": "Welcome, hope you are having a great day!"
  },{
    "payload_type": "com.apple.systempolicy.managed",
    "disable_override": true
  },{
    "payload_type": "com.apple.systempolicy.control",
    "allow_identified_developers": false,
    "enable_assessment": true
  },{
    "payload_type": "com.apple.preference.security",
    "allow_password_reset_ui": false
  },{
    "payload_type": "com.apple.screensaver",
    "ask_for_password": true,
    "ask_for_password_delay": 10
  },{
    "payload_type": "com.apple.MCX.TimeMachine",
    "backup_dest_url": "afp://server.example.com/backups/",
    "backup_all_volumes": true,
    "backup_skip_sys": false,
    "auto_backup": true,
    "backup_size_mb": 102400,
    "skip_paths": [
      "/tmp/"
    ],
    "mobile_backups": true
  },{
    "payload_type": "com.apple.mcxprinting",
    "print_footer": true,
    "require_admin_to_add_printer": true,
    "allow_local_printers": false,
    "show_only_managed_printers": true,
    "require_admin_to_print_locally": true,
    "print_mac_address": true,
    "footer_font_size": 8,
    "footer_font_name": "Times",
    "user_printer_list": [{
      "location": "office",
      "display_name": "Office Printer",
      "ppd_url": "file://localhost/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/PrintCore.framework/Resources/Generic.ppd",
      "model": "DCP-7065DN CUPS",
      "printer_locked": true,
      "device_uri": "dnssd://Brother%20MFC-L2740DW%20series._ipp._tcp.local"
    }],
    "default_printer":{
      "location": "office",
      "display_name": "Office Printer",
      "ppd_url": "file://localhost/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/PrintCore.framework/Resources/Generic.ppd",
      "model": "DCP-7065DN CUPS",
      "printer_locked": true,
      "device_uri": "dnssd://Brother%20MFC-L2740DW%20series._ipp._tcp.local"
    }
  },{
    "payload_type": "com.apple.wifi.managed",
    "ssid_str": "Office Wifi 5G",
    "encryption_type":"WPA",
    "password": "$u9er$Ecre79@$s30rd",
    "auto_join": false,
    "proxy_port": 80,
    "proxy_pac_fallback_allowed": true,
    "proxy_password": "07h3r$u9er$Ecre79@$s30rd",
    "proxy_username": "johndoe",
    "is_hotspot": true,
    "proxy_type": "Manual",
    "service_provider_roaming_enabled": false,
    "proxy_server": "proxy.server.com",
    "hidden_network": true
  }]
}'