Hi, I am trying to enable declarative management on my device ( it is already enrolled as a sharedIpad with DEP). When sendind the command, the device's response contains an error. It is not acknowledged. Either on the device channel or on the user channel. The device channel returns : 'ErrorChain': [{'ErrorCode': 4, 'ErrorDomain': 'RMErrorDomain', 'LocalizedDescription': 'Feature Disabled: Device Channel.'}], 'Status': 'Error', and the user channel returns : 'ErrorChain': [{'ErrorCode': 12021, 'ErrorDomain': 'MDMErrorDomain', 'LocalizedDescription': '“DeclarativeManagement” is not a valid request type.', 'USEnglishDescription': '“DeclarativeManagement” is not a valid request type.'}], 'Status': 'Error', Does DEP device support declarative management? Thanks.

Is there a way to check in code if a device is under Mobile Device Management? We want to show the users a different screen in the app if it is under device management. This is primarily for devices under Apple School Manager or something similar

We are facing issue SSO from some days its was working fine few days before. In apple devices, we are facing issue that once user enters the username and password, it is asking again when user logs in. All things were fine no changes in system only thing, this issue started happening for may be iOS 16 updated. We have implemented SSO using Microsoft AD. Things working for all other OS (Windows, Android) except iOS.

Is there a way to check if DDM(Declarative Device Management) is enabled on a device?

The same problem encountered with iOS 17 beta 1 and beta 2 is back: Unable to create a secure connection to the server ("bad certificate format" -9,808).

My application supports Custom URL Schema which is used to perform an open operation. My application is used as a helper app for MDM, hence it will be installed as a Managed Application. I want only the other Managed Applications to be able to invoke the Custom URL Schema and not allow it for unmanaged applications. Is there any such provision provided by Apple MDM protocol?

I implemented parents to manage their children's apps with FamilyActivityPicker. Then, is there way to get child’s app list without FamilyActivityPicker?

We want to set key-value pair (installation_token: xxxxx) into an app installed by MDM. Formerly we could set the key-value using Settings MDM command like this. <dict> <key>Command</key> <dict> <key>RequestType</key> <string>Settings</string> <key>Settings</key> <array> <dict> <key>Configuration</key> <dict> <key>installation_token</key> <string>xxxxxxx</string> </dict> <key>Identifier</key> <string>com.cloudflare.cloudflareoneagent</string> <key>Item</key> <string>ApplicationConfiguration</string> </dict> </array> </dict> We can still use this for the apps installed withInstallApplication MDM command, however we cannot apply this configuration into the app using Declarative Device Management. When we try it, we got an error like this. <dict> <key>CommandUUID</key> <string>.............</string> <key>Settings</key> <array> <dict> <key>ErrorChain</key> <array> <dict> <key>ErrorCode</key> <integer>12008</integer> <key>ErrorDomain</key> <string>MDMErrorDomain</string> <key>LocalizedDescription</key> <string>Could not modify apps managed by Declarative Device Management.</string> <key>USEnglishDescription</key> <string>Could not modify apps managed by Declarative Device Management.</string> </dict> </array> <key>Identifier</key> <string>com.cloudflare.cloudflareoneagent</string> <key>Item</key> <string>ApplicationConfiguration</string> <key>Status</key> <string>Error</string> </dict> </array> How can we work with managed application configuration with DDM?

Hello, We are trying to use the Managed App Distribution framework with our mdm following the documentation here : https://developer.apple.com/documentation/managedappdistribution But on the first load we don't get anything, the app keep getting stuck inside the following code without sending an error or getting the managed apps for try await result in ManagedAppLibrary.currentDistributor.availableApps { content = try result.get().map(Content.managedApp) } If we update the list of available managed apps in our mdm, the function execute and so we have all the apps displayed as expected, but if we close and re-open the app it'll again not display anything until we update the managed apps list. How can we fetched our managed apps at anytime and not only when the list is updated ? Why this method seems to be waiting for an update instead of just fetching the available managed apps when we call it ?

I am checking the behavior of the Contact settings, but the controls are not working with respect to the Communication Service Rules. Please let me know the following Is it possible to change the default calling app on a Japanese iPhone? If possible, does the control of the Contact settings in the configuration profile work?

Hi, We made a MDM Capability request a few months ago and still haven't heard back. Is there a way to check what the status of the request is? Thanks, Dave

Hi Apple Team , We have a. Bunch of macOS devices in our Fleet Which has MDM Passcode Payload Applied. We have observed a huge delay in unlocking the user account at login Screen after the Credentials are presented, Where as Removing the Passcode Payload makes the User to unlock their account at login Screen Immediately. Can someone help with this issue any OS Updates helps this ? Have Filed a FeedBack: FB15143190 (MDM Passcode Payload Causing Delay In Device Unlock) Also there is a Discussion reg this Passode Policy Issue

I integrated the Apple in app SDK, but when using SK Products Request to obtain the product ID, it was empty and invalid. I checked the app backend status and product status, and they are both normal. What's going on? I hope to receive an effective answer and solution as soon as possible. Thank you very much!

I was checking the operation of items that are now available on devices with iOS 18 or later, but when I distribute to Shared iPad devices, the following 3 items are not installed on the device and cannot be controlled. allowiPhoneMirroring allowPersonalizedHandwritingResults allowWritingTools Please let us know the following. Are the above 3 items available on Shared iPad? If so, please tell us how to solve the problem that the items are not installed on the Shared iPad device and the control does not work. The specifications of the device used are as follows OS : iOS18.1 beta3 Model : iPad Air 13-inch(M2)

I am trying to use Apple Intelligence on a shared iPad. I cannot use Apple Intelligence even though I have registered my Apple Acount. Apple Intelligence does not appear in the device settings. Please tell me the following Can I use Apple Intelligence on my Shared iPad device? If so, is it an expected behavior that Apple Intelligence settings are not displayed on the Shared iPad device? The specifications of the devices used are as follows OS: iPadOS 18.1 beta3 Model: iPad Air-13inch(M2)

On the "What's new for enterprise in iOS 18" page here: https://support.apple.com/en-am/121158, one of the new features mentioned is: "On supervised devices, organizations can disable a user’s ability to hide and lock apps." Despite reviewing the developer documentation surrounding device management (https://developer.apple.com/documentation/devicemanagement), as well as going through the latest changes to schema definitions (https://github.com/apple/device-management), I have been unable to find a restriction that corresponds to this functionality. This is a feature that I'd like to implement, has anyone found any details about this restriction and what key may need to be inserted in the restrictions payload to use it?

New Local Network Privacy Setting has been added in Privacy &amp;amp; Security Section of system Settings. I just want to know if this permission be managed through MDM mobileconfig profile. Let me know if any suggestions are there, in respect to this.

I was able to successfully pass a PAT token challenge with my iPhone in iOS 18. However, after installing a corporate profile via Google Device Policy, it no longer passes the challenge. Is this expected? I.e. does Apple consider a device with a profile to be less secure than one without it?

I am currently working on a Visual Basic .NET project and aim to integrate an internal application with the Apple Business Manager API to access DEP (Device Enrollment Program) device data. Specifically, I would like to request any guidance on the following aspects: Generating a Valid Access Token: I am aware that JSON tokens are required to interact with the API, but I am unsure of the correct procedure to create a valid token for accessing the Apple Business Manager data. How to set permissions for accessing DEP Device Data: What steps do I need to follow to obtain the necessary permissions to read DEP device data from Apple Buiness Manager? Are there specific configurations or approval processes that need to be completed within Apple Developer Account oder Apple Business Manager account (which both uses same Apple ID)? API Endpoints and Documentation to access Business Manager by API: Could you please point me to the relevant APIs and endpoints for interacting with the DEP data? Which web requests to send where? Any documentation that outlines the API structure fur Business Manager access and how and where to obtain access tokens for it. Thanks for any assistance as I stuck here since it is ma first project accessing Apple APIs.

With iPhone 16, there is Camera Control page when setting up a phone. In https://developer.apple.com/documentation/devicemanagement/skipkeys?language=objc, there is listed skip keys for different setup pages, but there is no mention of Camera Control. Is there skip key for Camera Control? If there is, what is it?