title: YAML MDM and Declarative Device Management Schema type: object additionalProperties: false required: - title properties: title: type: string description: Title for this schema object. description: type: string description: Description of this schema object. payload: type: object description: Overall properties of the payload. additionalProperties: false properties: payloadtype: type: string description: Type of the profile payload. requesttype: type: string description: Type of the MDM command. declarationtype: type: string description: Type of the declaration payload. statusitemtype: type: string description: Type of the status payload. credentialtype: type: string description: Type of the credential asset data. supportedOS: &supportedOS type: object description: Identifies the range of supported OS versions that support the entire payload. additionalProperties: false properties: iOS: &supportedOSItem type: object description: Supported range on this OS. additionalProperties: false properties: introduced: type: string description: OS version where feature was introduced. deprecated: type: string description: OS version where feature was deprecated. removed: type: string description: OS version where feature was removed. accessrights: type: string description: The MDM protocol access rights required on the device to execute the command. multiple: type: boolean description: Indicates whether multiple copies of the payload can be installed devicechannel: type: boolean description: Indicates whether the command or profile is supported on the device channel. If this key is present it overrides the the `devicechannel` key in the top-level payload !!(payload) key. userchannel: type: boolean description: indicates whether the command or profile is supported on the user channel. If this key is present it overrides the the `userchannel` key in the top-level payload !!(payload) key. supervised: type: boolean description: Indicates whether the command or profile can only be executed on supervised devices. If this key is present it overrides the the `supervised` key in the top-level payload !!(payload) key. requiresdep: type: boolean description: If True, the command can only be executed on devices provisioned in DEP. userapprovedmdm: type: boolean description: If True, the command can only be executed on devices with user-approved MDM enrollment. allowmanualinstall: type: boolean description: If True, the profile can be installed manually by a user on the device. allowed-enrollments: type: array description: Array of allowed enrollment types. items: type: string enum: - supervised - device - user - local allowed-scopes: type: array description: Array of allowed scopes. items: type: string enum: - system - user sharedipad: type: object description: Additional behavior specific to shared iPad devices. additionalProperties: false properties: mode: type: string description: Indicates whether a payload or payload key can used with or without shared iPad in effect. If set to 'allowed', then the payload or payload key can be used both with or without shared iPad in effect. If set to 'required', then the payload or payload key can only be used if shared iPad is in effect. If set to 'forbidden', then the payload or payload key cannot be used if shared iPad is in effect. If set to 'ignored', then the payload or payload key can be used, but is ignored if shared iPad is in effect. enum: - allowed - required - forbidden - ignored default: allowed devicechannel: type: boolean description: Defines if the payload can be installed on the device MDM channel. userchannel: type: boolean description: Defines if the payload can be installed on the user MDM channel. allowed-scopes: type: array description: Array of allowed scopes. items: type: string enum: - system - user - local userenrollment: type: object description: Additional behavior when user enrollment is in effect. If this key is not present, then the corresponding payload or payload key can be used both with or without user enrollment in effect, without any changes to normal behavior. additionalProperties: false properties: mode: type: string description: Indicates how a payload or payload key can only be used if user enrollment is in effect. If set to 'allowed', then the payload or payload key can be used both with or without user enrollment in effect. If set to 'required', then the payload or payload key can only be used if user enrollment is in effect. If set to 'forbidden', then the payload or payload key cannot be used if user enrollment is in effect. If set to 'ignored', then the payload or payload key can be used, but is ignored if user enrollment is in effect. enum: - allowed - required - forbidden - ignored default: allowed behavior: type: string description: Describes any special behavior for the payload or payload key if user enrollment is in effect. always-skippable: type: boolean description: If true, indicates that the skip key's corresponding Setup pane is always skipped. If false, indicates that the skip key's corresponding Setup pane may be shown, depending on exactly when during the setup flow it occurs. beta: type: boolean description: Indicates that this payload should be considered a beta release for this OS. It may change in an incompatible way prior to final release. macOS: *supportedOSItem tvOS: *supportedOSItem visionOS: *supportedOSItem watchOS: *supportedOSItem apply: type: string description: Indicates how multiple configurations of the same type are applied. If set to 'single', then only one configuration will be applied. If set to 'multiple', then each configuration is applied separately. If set to 'combined', then all configurations are combined into a single effective configuration. enum: - single - multiple - combined beta: type: boolean description: Indicates that this entire payload should be considered a beta release. It may change in an incompatible way prior to final release. content: type: string description: Description of the payload. payloadkeys: &payloadKeys type: array title: payloadkeys description: An array of payload keys. minitems: 1 items: type: object title: payloadkey description: A single payload key. additionalProperties: false required: - key - type properties: key: type: string description: The name of the key. title: type: string description: The title of the key. supportedOS: *supportedOS type: type: string description: The type of key. The value `` may be used to indicate that any of the standard values can be used without any expectation that the value will be validated. enum: - - - - - - - - - subtype: type: string description: Indicates the expected format of the string value of the key, supporting additional validation of the value. enum: - - - assettypes: type: array description: Indicates the set of allowed asset types. items: type: string presence: type: string description: Whether the key is required or optional. enum: - required - optional rangelist: type: array description: List of allowed values for this key. items: type: - string - integer - number range: type: object description: Bounds for the value of this key. additionalProperties: false properties: min: type: - integer - number description: Lower bound. max: type: - integer - number description: Upper bound. default: type: - string - integer - number - boolean description: The default value (if any) for the key. format: type: string description: The format for the value expressed as a regular expression. repetition: type: object description: Cardinality for this value. additionalProperties: false required: - min - max properties: min: type: integer description: Lower bound. max: type: integer description: Upper bound. combinetype: type: string description: |- For a configuration that will be combined, indicates how this key is combined with ones from other configurations. * boolean-or - multiple values are combined using a logical OR operation * boolean-and - multiple values are combined using a logical AND operation * number-min - multiple or values are combined by using the smallest value * number-max - multiple or values are combined by using the largest value * enum-first - multiple values with a rangelist are combined by using the value whose position is first in the range list * enum-last - multiple values with a rangelist are combined by using the value whose position is last in the range list * first - multiple values are combined by using the first value that is processed * array-append - multiple values are combined by concatenating the values in each array into a new array * set-union - multiple values are combined by returning the unique union of all values in each array * set-intersection - multiple values are combined by returning the unique intersection of all values in each array enum: - boolean-or - boolean-and - number-min - number-max - enum-first - enum-last - first - array-append - set-union - set-intersection content: type: string description: Description of the payload key. subkeytype: type: string description: A name that uniquely represents the structured subkey object. This is used when structured subkeys are referenced multiple times. subkeys: *payloadKeys responsekeys: *payloadKeys reasons: type: array description: An array of Remote Management status reason codes. items: type: object description: An Remote Management reason code. additionalProperties: false properties: value: type: string description: The Remote Management reason code. description: type: string description: Description of the Remote Management reason code. details: type: array description: Keys defined in the Details dictionary items: type: object description: Details dictionary keys additionalProperties: false properties: key: type: string description: The name of the dictionary key. description: type: string description: Description of the dictionary item. type: type: string description: The type of the dictionary value. enum: - - - - - - - - - related-status-items: type: array description: An array describing any status items that might be related to a configuration. items: type: object description: An additional note about a payload. A note is written in "markdown" and can be transformed to HTML if needed. additionalProperties: false required: - status-items properties: status-items: type: array description: List of status-item types. items: type: - string note: type: string description: A description of the relationship. notes: type: array description: An array of additional notes about a payload. These are published to the open source repository. items: type: object description: An additional note about a payload. A note is written in "markdown" and can be transformed to HTML if needed. additionalProperties: false required: - title - content properties: title: type: string description: Title for the note. content: type: string description: The note content in "markdown" format.