CalvinBackup/apple_device-management
1
0
Fork 0
mirror of https://github.com/apple/device-management.git synced 2026-02-12 21:03:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
b6202ca2fbd31286a52eb160b67a4db7b4fe1f1f
apple_device-management/mdm/profiles/com.apple.applicationaccess.yaml
Cyrus Daboo b6202ca2fb Release_iOS-18-1_macOS-15-1
2024-10-21 14:54:30 -04:00

4187 lines
108 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
title: Restrictions
description: Use this section to define restrictions settings
payload:
payloadtype: com.apple.applicationaccess
supportedOS:
iOS:
introduced: '4.0'
multiple: true
supervised: false
allowmanualinstall: true
sharedipad:
mode: allowed
devicechannel: true
userchannel: true
userenrollment:
mode: allowed
macOS:
introduced: '10.7'
multiple: true
devicechannel: true
userchannel: true
requiresdep: false
userapprovedmdm: false
allowmanualinstall: true
userenrollment:
mode: allowed
tvOS:
introduced: '9.0'
multiple: true
supervised: false
allowmanualinstall: true
visionOS:
introduced: '1.1'
multiple: true
supervised: false
allowmanualinstall: true
userenrollment:
mode: allowed
watchOS:
introduced: '10.0'
multiple: true
supervised: false
allowmanualinstall: true
payloadkeys:
- key: allowAccountModification
supportedOS:
iOS:
introduced: '7.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '14.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
supervised: true
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables modification of accounts such as Apple
Accounts and Internet-based accounts such as Mail, Contacts, and Calendar. Available
in iOS 7 and later, macOS 14 and later, and watchOS 10 and later. Requires a supervised
device in iOS and watchOS.
- key: allowActivityContinuation
title: Allow Handoff
supportedOS:
iOS:
introduced: '8.0'
userenrollment:
mode: forbidden
macOS:
introduced: '10.15'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables activity continuation. Available in iOS
8 and later, and macOS 10.15 and later. Support for this restriction on unsupervised
devices and with Managed Apple Accounts is deprecated. In a future release, this
restriction will begin requiring supervision and will apply to personal Apple
Accounts only.
- key: allowAddingGameCenterFriends
title: Allow Adding Game Center Friends
supportedOS:
iOS:
introduced: 4.2.1
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '10.13'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prohibits adding friends to Game Center. Available
in iOS 4.2.1 and later, and macOS 10.13 and later. Requires a supervised device
in iOS 13 and later.
- key: allowAirDrop
supportedOS:
iOS:
introduced: '7.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '10.13'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables AirDrop. Requires a supervised device.
Available in iOS 7 and later, and macOS 10.13 and later.
- key: allowAirPlayIncomingRequests
title: Allow incoming AirPlay requests
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '12.3'
userenrollment:
mode: forbidden
tvOS:
introduced: '10.2'
supervised: true
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables incoming AirPlay requests. Available in
macOS 12.3 and later, and tvOS 10.2 and later. Requires a supervised device in
tvOS.
- key: allowAirPrint
title: Allow AirPrint
supportedOS:
iOS:
introduced: '11.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables AirPrint. Requires a supervised device.
Available in iOS 11 and later.
- key: allowAirPrintCredentialsStorage
title: Allow storage of AirPrint credentials in Keychain
supportedOS:
iOS:
introduced: '11.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables keychain storage of user name and password
for AirPrint. Requires a supervised device. Available in iOS 11 and later.
- key: allowAirPrintiBeaconDiscovery
title: Allow discovery of AirPrint printers using iBeacons
supportedOS:
iOS:
introduced: '11.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables iBeacon discovery of AirPrint printers,
which prevents spurious AirPrint Bluetooth beacons from phishing for network traffic.
Requires a supervised device. Available in iOS 11 and later.
- key: allowAppCellularDataModification
title: Allow Modifying Cellular Data Usage for Apps Settings
supportedOS:
iOS:
introduced: '7.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables changing settings for cellular data usage
for apps. Requires a supervised device. Available in iOS 7 and later.
- key: allowAppClips
title: Allow App Clips
supportedOS:
iOS:
introduced: '14.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents a user from adding any App Clips, and removes
any existing App Clips on the device. Requires a supervised device. Available
in iOS 14.0 and later.
- key: allowAppInstallation
title: Allow App Installation
supportedOS:
iOS:
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
supervised: true
type: <boolean>
presence: optional
default: true
content: |-
If 'false', the system disables the App Store, and the system removes its icon from the Home screen. Users are unable to install or update their apps. This applies to App Store apps, marketplace apps, and locally installed apps (using Configurator, Xcode, etc).
In iOS 10 and later, MDM commands can override this restriction. Available in iOS 4 and later, and watchOS 10 and later. Requires a supervised device in iOS 13 and later, and watchOS.
- key: allowApplePersonalizedAdvertising
supportedOS:
iOS:
introduced: '14.0'
userenrollment:
mode: forbidden
macOS:
introduced: '12.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system limits Apple personalized advertising. Available
in iOS 14 and later, and macOS 12 and later.
- key: allowAppRemoval
title: Allow App Removal
supportedOS:
iOS:
introduced: 4.2.1
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
supervised: true
type: <boolean>
presence: optional
default: true
content: |-
If 'false', the system disables removal of apps from an iOS device. This applies to App Store apps, marketplace apps, and locally installed apps (using Configurator, Xcode, etc).
Requires a supervised device. Available in iOS 4.2.1 and later, and watchOS 10 and later.
- key: allowAppsToBeHidden
title: Allow Hiding Apps
supportedOS:
iOS:
introduced: '18.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If false, disables the ability for the user to hide apps. It does not affect
the user's ability to leave it in the App Library, while removing it from the
home screen.
- key: allowAppsToBeLocked
title: Allow Locking Apps
supportedOS:
iOS:
introduced: '18.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If false, disables the ability for the user to lock apps. Because hiding
apps also requires locking them, disallowing locking also disallows hiding.
- key: allowARDRemoteManagementModification
title: Allow modifying Remote Management Sharing setting
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '14.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents modifying the Remote Management Sharing
setting in System Settings. Available in macOS 14 and later.
- key: allowAssistant
title: Allow Siri
supportedOS:
iOS:
introduced: '5.0'
macOS:
introduced: '14.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables Siri. Available in iOS 5 and later, and
macOS 14 and later. Also available for user enrollment.
- key: allowAssistantUserGeneratedContent
supportedOS:
iOS:
introduced: '7.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
supervised: true
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents Siri from querying user-generated content
from the web. Requires a supervised device. Available in iOS 7 and later, and
watchOS 10 and later.
- key: allowAssistantWhileLocked
title: Allow Siri While Locked
supportedOS:
iOS:
introduced: '5.1'
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables Siri when the device is locked. The system
ignores this restriction if the device doesn't have a passcode set. Available
in iOS 5.1 and later. Also available for user enrollment.
- key: allowAutoCorrection
title: Allow Auto Correction
supportedOS:
iOS:
introduced: 8.1.3
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables keyboard autocorrection. Requires a supervised
device. Available in iOS 8.1.3 and later.
- key: allowAutoDim
title: Allow Auto Dim
supportedOS:
iOS:
introduced: '17.4'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', disables auto dim on iPads with OLED displays. Requires a supervised
device in iOS. Available in iOS 17.4 and later.
- key: allowAutomaticAppDownloads
title: Allow Automatic App Downloads
supportedOS:
iOS:
introduced: '9.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
supervised: true
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents automatic downloading of apps purchased
on other devices. This setting doesn't affect updates to existing apps. Requires
a supervised device. Available in iOS 9 and later, and watchOS 10 and later.
- key: allowAutomaticScreenSaver
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: n/a
tvOS:
introduced: '15.4'
supervised: true
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables Apple TV's automatic screen saver. Available
in tvOS 15.4 and later.
- key: allowAutoUnlock
supportedOS:
iOS:
introduced: '14.5'
userenrollment:
mode: forbidden
macOS:
introduced: '10.12'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disallows auto unlock. Available in macOS 10.12
and later, and iOS 14.5 and later. Support for this restriction on unsupervised
devices is deprecated.
- key: allowBluetoothModification
title: Allow modifying Bluetooth settings
supportedOS:
iOS:
introduced: '11.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '13.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents modification of Bluetooth settings. Requires
a supervised device. Available in iOS 11 and later, and macOS 13.0 and later.
- key: allowBluetoothSharingModification
title: Allow modifying Bluetooth Sharing setting
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '14.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents modifying Bluetooth settings in System
Settings. Available in macOS 14 and later.
- key: allowBookstore
title: Allow Bookstore
supportedOS:
iOS:
introduced: '6.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system removes the Book Store tab from the Books app. Requires
a supervised device. Available in iOS 6 and later.
- key: allowBookstoreErotica
title: Allow Bookstore Erotica
supportedOS:
iOS:
introduced: '6.0'
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: '11.3'
deprecated: '17.0'
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents the user from downloading Apple Books media
that's tagged as erotica. Available in iOS 6 and later, and tvOS 11.3 and later.
Support for this restriction on unsupervised devices is deprecated.
- key: allowCallRecording
title: Allow Call Recording
supportedOS:
iOS:
introduced: '18.1'
supervised: true
sharedipad:
mode: forbidden
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If false, call recording is disabled.
- key: allowCamera
title: Allow Camera Use
supportedOS:
iOS:
userenrollment:
mode: forbidden
macOS:
introduced: '10.11'
userenrollment:
mode: forbidden
tvOS:
introduced: '17.0'
visionOS:
introduced: '2.0'
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables the camera and removes its icon from the
Home screen, and users are unable to take photographs. Available in iOS 4 and
later, macOS 10.11 and later, and tvOS 17 and later. Support for this restriction
on unsupervised devices is deprecated.
- key: allowCellularPlanModification
supportedOS:
iOS:
introduced: '11.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents users from changing settings related to
their cellular plan (only available on select carriers). Requires a supervised
device. Available in iOS 11 and later.
- key: allowChat
title: Allow use of iMessage
supportedOS:
iOS:
introduced: '5.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables the use of iMessage with supervised devices.
If the device supports text messaging, the user can still send and receive text
messages. Requires a supervised device. Available in iOS 5 and later.
- key: allowCloudAddressBook
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '10.12'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables iCloud Address Book services. Available
in macOS 10.12 and later.
- key: allowCloudBackup
title: Allow iCloud Backup
supportedOS:
iOS:
introduced: '5.0'
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables backing up the device to iCloud. Available
in iOS 5 and later. Support for this restriction on unsupervised devices is deprecated.
- key: allowCloudBookmarks
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '10.12'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables iCloud Bookmark sync. Available in macOS
10.12 and later.
- key: allowCloudCalendar
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '10.12'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables iCloud Calendar services. Available in
macOS 10.12 and later.
- key: allowCloudDesktopAndDocuments
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: 10.12.4
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables iCloud Desktop and Document services. Available
in macOS 10.12.4 and later.
- key: allowCloudDocumentSync
title: Allow iCloud Document Sync
supportedOS:
iOS:
introduced: '5.0'
supervised: true
sharedipad:
mode: forbidden
userenrollment:
mode: forbidden
macOS:
introduced: '10.11'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables document and key-value syncing to iCloud.
Available in iOS 5 and later, and macOS 10.11 and later. Requires a supervised
device in iOS 13 and later, and Shared iPad doesn't support it. Support for this
restriction on unsupervised devices and with Managed Apple Accounts is deprecated.
- key: allowCloudFreeform
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '14.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disallows iCloud Freeform services. Available in
macOS 14 and later.
- key: allowCloudKeychainSync
supportedOS:
iOS:
introduced: '7.0'
userenrollment:
mode: forbidden
macOS:
introduced: '10.12'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables iCloud keychain synchronization. Available
in iOS 7 and later, and macOS 10.12 and later. Support for this restriction on
unsupervised devices and with Managed Apple Accounts is deprecated.
- key: allowCloudMail
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '10.12'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables iCloud Mail services. Available in macOS
10.12 and later.
- key: allowCloudNotes
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '10.12'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables iCloud Notes services. Available in macOS
10.12 and later.
- key: allowCloudPhotoLibrary
title: Allow iCloud Photo Library
supportedOS:
iOS:
introduced: '9.0'
userenrollment:
mode: forbidden
macOS:
introduced: '10.12'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables iCloud Photo Library. The system removes
any photos from local storage that aren't fully downloaded from iCloud Photo Library
to the device. Available in iOS 9 and later, and macOS 10.12 and later. Support
for this restriction on unsupervised devices and with Managed Apple Accounts is
deprecated.
- key: allowCloudPrivateRelay
supportedOS:
iOS:
introduced: '15.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '12.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables iCloud Private Relay. Available in iOS
15 and later, and in macOS 12 and later. Requires a supervised device in iOS.
Support for this restriction on unsupervised devices and with Managed Apple Accounts
is deprecated.
- key: allowCloudReminders
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '10.12'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables iCloud Reminder services. Available in
macOS 10.12 and later.
- key: allowContentCaching
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '10.13'
userchannel: false
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables content caching. Available in macOS 10.13
and later.
- key: allowContinuousPathKeyboard
title: Allow Continuous Path Keyboard
supportedOS:
iOS:
introduced: '13.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables QuickPath keyboard. Requires a supervised
device. Available in iOS 13 and later.
- key: allowDefinitionLookup
title: Allow Define
supportedOS:
iOS:
introduced: 8.1.3
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '10.11'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables definition lookup. Available in iOS 8.1.3
and later, and macOS 10.11 and later. Requires a supervised device on iOS.
- key: allowDeviceNameModification
title: Allow Modifying Device Name
supportedOS:
iOS:
introduced: '9.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '14.0'
userenrollment:
mode: forbidden
tvOS:
introduced: '11.0'
supervised: true
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents the user from changing the device name.
Available in iOS 9 and later, macOS 14 and later, and tvOS 11.0 and later. Requires
a supervised device in iOS and tvOS.
- key: allowDeviceSleep
title: Allow Device Sleep
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: n/a
tvOS:
introduced: '13.0'
supervised: true
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents the device from automatically sleeping.
Requires a supervised device. Available in tvOS 13 and later.
- key: allowDiagnosticSubmission
title: Allow diagnostic submission
supportedOS:
iOS:
introduced: '6.0'
macOS:
introduced: '10.13'
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents the device from automatically submitting
diagnostic reports to Apple. Available in iOS 6 and later, and macOS 10.13 and
later. Also available for user enrollment.
- key: allowDiagnosticSubmissionModification
title: Allow modifying diagnostics settings
supportedOS:
iOS:
introduced: 9.3.2
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables changing the diagnostic submission and
app analytics settings in the Diagnostics & Usage UI in Settings. Requires a supervised
device. Available in iOS 9.3.2 and later.
- key: allowDictation
title: Allow dictation
supportedOS:
iOS:
introduced: '10.3'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '10.13'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disallows dictation input. Available in iOS 10.3
and later, and macOS 10.13 and later. Requires a supervised device in iOS.
- key: allowEnablingRestrictions
title: Allow Configuring Restrictions or ScreenTime
supportedOS:
iOS:
introduced: '8.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables the Enable Restrictions option in the Restrictions
UI in Settings. If 'false' in iOS 12 and later, the system disables the Enable
ScreenTime option in the ScreenTime UI in Settings and disables ScreenTime if
already enabled. Requires a supervised device. Available in iOS 8 and later.
- key: allowEnterpriseAppTrust
title: Allow Trusting Enterprise Apps
supportedOS:
iOS:
introduced: '9.0'
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system removes the Trust Developer button in Settings >
General > VPN & Device Management, which prevents provisioning apps by universal
provisioning profiles. This restriction applies to both free developer accounts
and enterprise app developers that are not implicitly trusted by apps installed
through MDM. This restriction does not revoke previously granted trust. Available
in iOS 9 and later.
- key: allowEnterpriseBookBackup
title: Allow Enterprise Books Backup
supportedOS:
iOS:
introduced: '8.0'
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables backup of Enterprise books. Available in
iOS 8 and later. Also available for user enrollment.
- key: allowEnterpriseBookMetadataSync
title: Allow Enterprise Books Notes and Highlights Sync
supportedOS:
iOS:
introduced: '8.0'
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables sync of Enterprise books, notes, and highlights.
Available in iOS 8 and later. Also available for user enrollment.
- key: allowEraseContentAndSettings
title: Allow Erase All Content and Settings
supportedOS:
iOS:
introduced: '8.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '12.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables the Erase All Content and Settings option
in the Reset UI. Available in iOS 8 and later, and macOS 12 and later. Requires
a supervised device in iOS.
- key: allowESIMModification
title: Allow eSIM Modification
supportedOS:
iOS:
introduced: '12.1'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables modifications of eSIMs. Requires a supervised
device. Available in iOS 12.1 and later.
- key: allowESIMOutgoingTransfers
title: Allow eSIM Outgoing Transfers
supportedOS:
iOS:
introduced: '18.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', prevents the transfer of an eSIM from the device on which the
restriction is installed to a different device. Requires a supervised device.
Available in iOS 18 and later.
- key: allowExplicitContent
title: Allow Explicit Content
supportedOS:
iOS:
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: '11.3'
supervised: true
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system hides explicit music or video content purchased
from the iTunes Store. The system marks explicit content as such by content providers,
such as record labels, when sold through the iTunes Store. Available in iOS 4
and later, and tvOS 11.3 and later. Requires a supervised device in iOS 13 and
later. Support for this restriction on unsupervised devices is deprecated.
- key: allowFileSharingModification
title: Allow modifying File Sharing setting
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '14.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents modifying File Sharing setting in System
Settings. Available in macOS 14 and later.
- key: allowFilesNetworkDriveAccess
supportedOS:
iOS:
introduced: '13.1'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents connecting to network drives in the Files
app. Requires a supervised device. Available in iOS 13.1 and later.
- key: allowFilesUSBDriveAccess
supportedOS:
iOS:
introduced: '13.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents connecting to any connected USB devices
in the Files app. Requires a supervised device. Available in iOS 13.1 and later.
- key: allowFindMyDevice
supportedOS:
iOS:
introduced: '13.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '10.15'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables Find My Device in the Find My app. Requires
a supervised device. Available in iOS 13 and later, and macOS 10.15 and later.
- key: allowFindMyFriends
supportedOS:
iOS:
introduced: '13.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '10.15'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables Find My Friends in the Find My app. Requires
a supervised device. Available in iOS 13 and later, and macOS 10.15 and later.
- key: allowFindMyFriendsModification
supportedOS:
iOS:
introduced: '7.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables changes to Find My Friends. Requires a
supervised device. Available in iOS 7 and later.
- key: allowFingerprintForUnlock
title: Allow Touch ID to Unlock Device
supportedOS:
iOS:
introduced: '7.0'
userenrollment:
mode: forbidden
macOS:
introduced: 10.12.4
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents Touch ID or Face ID from unlocking a device.
Available in iOS 7 and later, and macOS 10.12.4 and later. Support for this restriction
on unsupervised devices is deprecated.
- key: allowFingerprintModification
title: Allow Modifying Touch ID Fingerprints
supportedOS:
iOS:
introduced: '8.3'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '14.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents the user from modifying Touch ID or Face
ID. Available in iOS 8.3 and later, and macOS 14 and later. Requires a supervised
device in iOS.
- key: allowGameCenter
title: Allow Game Center
supportedOS:
iOS:
introduced: '6.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '10.13'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables Game Center, and the system removes its
icon from the Home screen. Available in iOS 6 and later, and macOS 10.13 and later.
Requires a supervised device in iOS.
- key: allowGenmoji
title: Allow Genmoji
supportedOS:
iOS:
introduced: '18.0'
supervised: true
sharedipad:
mode: forbidden
userenrollment:
mode: forbidden
macOS:
introduced: '15.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', prohibits creating new Genmoji. Requires a supervised device.
Available in iOS 18 and later.
- key: allowGlobalBackgroundFetchWhenRoaming
title: Allow Automatic Sync While Roaming
supportedOS:
iOS:
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables global background fetch activity when an
iOS phone is roaming. Available in iOS 4 and later. Support for this restriction
on unsupervised devices is deprecated.
- key: allowHostPairing
supportedOS:
iOS:
introduced: '7.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables host pairing with the exception of the
supervision host. If there's no configured supervision host certificate, the system
disables all pairing. Host pairing lets the administrator control if an iOS device
can pair with a host Mac or PC. Requires a supervised device. Available in iOS
7 and later.
- key: allowImagePlayground
title: Allow Image Playground
supportedOS:
iOS:
introduced: '18.0'
supervised: true
sharedipad:
mode: forbidden
userenrollment:
mode: forbidden
macOS:
introduced: '15.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', prohibits the use of image generation. Requires a supervised
device. Available in iOS 18 and later and macOS 15 and later.
- key: allowImageWand
title: Allow Image Wand
supportedOS:
iOS:
introduced: '18.0'
supervised: true
sharedipad:
mode: forbidden
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', prohibits the use of Image Wand. Requires a supervised device.
Available in iOS 18 and later.
- key: allowInAppPurchases
title: Allow In App Purchases
supportedOS:
iOS:
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prohibits in-app purchasing. Available in iOS 4
and later. Support for this restriction on unsupervised devices is deprecated.
- key: allowInternetSharingModification
title: Allow modifying Internet Sharing setting
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '14.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents modifying the Internet Sharing setting
in System Settings. Available in macOS 14 and later.
- key: allowiPhoneMirroring
title: Allow iPhone mirroring
supportedOS:
iOS:
introduced: '18.0'
supervised: true
sharedipad:
mode: forbidden
userenrollment:
mode: forbidden
macOS:
introduced: '15.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', prohibits the use of iPhone Mirroring. When used on macOS,
this prevents the Mac from mirroring any iPhone. When used on iOS, this prevents
the iPhone from mirroring to any Mac. Requires a supervised device. Available
in iOS 18 and later and macOS 15 and later.
- key: allowiPhoneWidgetsOnMac
title: Allow iPhone widget on Mac
supportedOS:
iOS:
introduced: '17.0'
supervised: true
sharedipad:
mode: forbidden
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disallows iPhone widgets on a Mac that has signed
in the same Apple Account for iCloud. Requires a supervised device. Available
on iOS 17 and later.
- key: allowiTunes
title: Allow use of iTunes
supportedOS:
iOS:
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables the iTunes Music Store, and the system
removes its icon from the Home screen. Users can't preview, purchase, or download
content. Available in iOS 4 and later. Requires a supervised device in iOS 13
and later.
- key: allowiTunesFileSharing
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '10.13'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables iTunes file sharing services. Available
in macOS 10.13 and later.
- key: allowKeyboardShortcuts
title: Allow Keyboard Shortcuts
supportedOS:
iOS:
introduced: '9.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables keyboard shortcuts. Requires a supervised
device. Available in iOS 9 and later.
- key: allowListedAppBundleIDs
title: Allow Listed Apps
supportedOS:
iOS:
introduced: '15.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: '15.0'
supervised: true
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <array>
presence: optional
content: |-
If present, the system only shows or can launch apps with bundle IDs in the array. Include the value 'com.apple.webapp' to allow all webclips. This applies to App Store apps, marketplace apps, and locally installed apps (using Configurator, Xcode, etc).
Requires a supervised device. Available in iOS 15 and later, and tvOS 15 and later.
subkeys:
- key: appAllowlistedBundleID
title: Allow Listed App
type: <string>
- key: allowLiveVoicemail
title: Allow Live Voicemail
supportedOS:
iOS:
introduced: '17.2'
supervised: true
sharedipad:
mode: forbidden
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: |-
If 'false', the system disables live voicemail on the device.
Requires a supervised device. Available in iOS 17.2 and later.
- key: allowLocalUserCreation
title: Allow creating users in System Settings
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '14.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents creating new users in System Settings.
Available in macOS 14 and later.
- key: allowLockScreenControlCenter
supportedOS:
iOS:
introduced: '7.0'
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents Control Center from appearing on the Lock
screen. Available in iOS 7 and later. Also available for user enrollment.
- key: allowLockScreenNotificationsView
supportedOS:
iOS:
introduced: '7.0'
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables the Notifications history view on the lock
screen, so users can't view past notifications. However, they can still see notifications
when they arrive. Available in iOS 7 and later. Also available for user enrollment.
- key: allowLockScreenTodayView
supportedOS:
iOS:
introduced: '7.0'
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables the Today view in Notification Center on
the lock screen. Available in iOS 7 and later. Also available for user enrollment.
- key: allowMailPrivacyProtection
supportedOS:
iOS:
introduced: '15.2'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables Mail Privacy Protection on the device.
Requires a supervised device. Available in iOS 15.2 and later.
- key: allowMailSummary
supportedOS:
iOS:
introduced: '18.1'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '15.1'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If false, disables the ability to create summaries of email messages manually.
This does not affect automatic summary generation.
- key: allowManagedAppsCloudSync
title: Allow iCloud Sync for Managed Apps
supportedOS:
iOS:
introduced: '8.0'
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents managed apps from using iCloud sync. Available
in iOS 8 and later. Also available for user enrollment.
- key: allowManagedToWriteUnmanagedContacts
title: Allow managed apps to write to managed contacts accounts
supportedOS:
iOS:
introduced: '12.0'
allowmanualinstall: false
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
allowmanualinstall: false
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: |-
If 'true', the system allows managed apps to write contacts to unmanaged accounts. If 'allowOpenFromManagedToUnmanaged' is 'true', this restriction has no effect. Available in iOS 12 and later.
Use MDM to install profiles that contain this restriction.
- key: allowMarketplaceAppInstallation
title: Allow App Installation from alternative marketplaces
supportedOS:
iOS:
introduced: '17.4'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents installation of alternative marketplace
apps from the web and prevents any installed alternative marketplace apps from
installing apps. Available in iOS 17.4 and later. Requires a supervised device.
- key: allowMediaSharingModification
title: Allow modifying Media Sharing setting
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '15.1'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If false, prevents modification of Media Sharing settings.
- key: allowMultiplayerGaming
title: Allow Multiplayer Gaming
supportedOS:
iOS:
introduced: '4.1'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '10.13'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prohibits multiplayer gaming. Available in iOS 4.1
and later, and macOS 10.13 and later. Requires a supervised device in iOS.
- key: allowMusicService
title: Allow Apple Music
supportedOS:
iOS:
introduced: '9.3'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '10.12'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables the Music service, and the Music app reverts
to classic mode. Requires a supervised device. Available in iOS 9.3 and later,
and macOS 10.12 and later.
- key: allowNews
title: Allow use of News
supportedOS:
iOS:
introduced: '9.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables News. Requires a supervised device. Available
in iOS 9 and later.
- key: allowNFC
supportedOS:
iOS:
introduced: '14.2'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables NFC. Requires a supervised device. Available
in iOS 14.2 and later.
- key: allowNotificationsModification
title: Allow Modifying Notifications Settings
supportedOS:
iOS:
introduced: '9.3'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables modification of notification settings.
Requires a supervised device. Available in iOS 9.3 and later.
- key: allowOpenFromManagedToUnmanaged
title: Enable allow open from managed to unmanaged
supportedOS:
iOS:
introduced: '7.0'
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', documents in managed apps and accounts only open in other managed
apps and accounts. Available in iOS 7 and later. Also available for user enrollment.
- key: allowOpenFromUnmanagedToManaged
title: Enable allow open from unmanaged to managed
supportedOS:
iOS:
introduced: '7.0'
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', documents in unmanaged apps and accounts only open in other
unmanaged apps and accounts. Available in iOS 7 and later. Also available for
user enrollment.
- key: allowOTAPKIUpdates
supportedOS:
iOS:
introduced: '7.0'
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables over-the-air PKI updates. Setting this
restriction to 'false' doesn't disable CRL and OCSP checks. Available in iOS 7
and later.
- key: allowPairedWatch
title: Allow Pairing With Apple Watch
supportedOS:
iOS:
introduced: '9.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables pairing with an Apple Watch, and the system
unpairs any currently paired Apple Watch and erases its content. Requires a supervised
device. Available in iOS 9 and later.
- key: allowPassbookWhileLocked
title: Allow Wallet While Locked
supportedOS:
iOS:
introduced: '6.0'
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system hides Passbook notifications from the lock screen.
Available in iOS 6 and later.
- key: allowPasscodeModification
title: Allow Modifying Passcode
supportedOS:
iOS:
introduced: '9.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '10.13'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents adding, changing, or removing the passcode.
The system ignores this restriction on Shared iPad. Available in iOS 9 and later,
and macOS 10.13 and later. Requires a supervised device in iOS.
- key: allowPasswordAutoFill
supportedOS:
iOS:
introduced: '12.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '10.14'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: |-
If 'false', the system disables:
* The AutoFill Passwords feature in iOS, with Keychain and third-party password managers
* Prompting the user to use a saved password in Safari or in apps
* Automatic strong passwords
* Suggesting strong passwords to users
However, if 'false', the system doesn't prevent AutoFill for contact info and credit cards in Safari.
Available in iOS 12 and later, and macOS 10.14 and later. Requires a supervised device in iOS.
- key: allowPasswordProximityRequests
supportedOS:
iOS:
introduced: '12.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '10.14'
userenrollment:
mode: forbidden
tvOS:
introduced: '12.0'
supervised: true
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables requesting passwords from nearby devices.
Available in iOS 12 and later, macOS 10.14 and later, and tvOS 12 and later. Requires
a supervised device in iOS and tvOS.
- key: allowPasswordSharing
supportedOS:
iOS:
introduced: '12.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '10.14'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables sharing passwords with the Airdrop Passwords
feature. Available in iOS 12 and later, and macOS 10.14 and later. Requires a
supervised device in iOS.
- key: allowPersonalHotspotModification
title: Allow modifying Personal Hotspot settings
supportedOS:
iOS:
introduced: '12.2'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables modifications of the personal hotspot setting.
Requires a supervised device. Available in iOS 12.2 and later.
- key: allowPersonalizedHandwritingResults
title: Allow personalized handwriting results
supportedOS:
iOS:
introduced: '18.0'
supervised: true
sharedipad:
mode: forbidden
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If false, prevents the system from generating text in the user's handwriting.
Requires a supervised device. Available in iOS 18 and later.
- key: allowPhotoStream
title: Allow Photo Stream
supportedOS:
iOS:
introduced: '5.0'
deprecated: '17.0'
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables Photo Stream. Available in iOS 5 and later.
This restriction is deprecated and will be removed in a future release.
- key: allowPodcasts
supportedOS:
iOS:
introduced: '8.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables podcasts. Requires a supervised device.
Available in iOS 8 and later.
- key: allowPredictiveKeyboard
title: Allow Predictive Keyboard
supportedOS:
iOS:
introduced: 8.1.3
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables predictive keyboards. Requires a supervised
device. Available in iOS 8.1.3 and later.
- key: allowPrinterSharingModification
title: Allow modifying Printer Sharing setting
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '14.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents modifying Printer Sharing settings in System
Settings. Available in macOS 14 and later.
- key: allowProximitySetupToNewDevice
supportedOS:
iOS:
introduced: '11.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', disables the prompt to set up new devices that are nearby.
Requires a supervised device. Available in iOS 11 and later.
- key: allowRadioService
title: Allow iTunes Radio
supportedOS:
iOS:
introduced: '9.3'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables Apple Music Radio. Requires a supervised
device. Available in iOS 9.3 and later.
- key: allowRapidSecurityResponseInstallation
title: Allow Rapid Security Response Installation
supportedOS:
iOS:
introduced: '16.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '13.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prohibits installation of rapid security responses.
Available in iOS 16 and later, and macOS 13 and later.
- key: allowRapidSecurityResponseRemoval
title: Allow Rapid Security Response Removal
supportedOS:
iOS:
introduced: '16.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '13.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prohibits removal of rapid security responses. Available
in iOS 16 and later, and macOS 13 and later.
- key: allowRCSMessaging
supportedOS:
iOS:
introduced: '18.1'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If false, prevents the use of RCS messaging.
- key: allowRemoteAppleEventsModification
title: Allow modifying Remote Apple Events Sharing setting
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '14.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents modifying Remote Apple Events Sharing settings
in System Settings. Available in macOS 14 and later.
- key: allowRemoteAppPairing
title: Allow pairing with Remote app
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: n/a
tvOS:
introduced: '10.2'
supervised: true
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables pairing Apple TV for use with the Control
Center widget. Requires a supervised device. Available in tvOS 10.2 and later.
- key: allowRemoteScreenObservation
title: Allow Remote Screen Observation
supportedOS:
iOS:
introduced: '9.3'
macOS:
introduced: 10.14.4
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables remote screen observation by the Classroom
app. Nest this key beneath 'allowScreenShot' as a subrestriction. If 'allowScreenShot'
is 'false', the Classroom app doesn't observe remote screens. Available in iOS
12 and later, and macOS 10.14.4 and later. Requires a supervised device until
iOS 13 and macOS 10.15. Allowed for user enrollments in macOS 12 and later.
- key: allowSafari
title: Allow use of Safari
supportedOS:
iOS:
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables the Safari web browser app, and the system
removes its icon from the Home screen. This setting also prevents users from opening
web clips. As of iOS 13, requires a supervised device. Available in iOS 4 and
later.
- key: allowScreenShot
title: Allow Screenshots and Screen Recording
supportedOS:
iOS:
introduced: '3.1'
macOS:
introduced: 10.14.4
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables saving a screenshot of the display and
capturing a screen recording. It also disables the Classroom app from observing
remote screens. Available in iOS 4 and later, and macOS 10.14.4 and later. Also
available for user enrollment.
- key: allowSharedDeviceTemporarySession
supportedOS:
iOS:
introduced: '13.4'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system makes temporary sessions unavailable on Shared iPad.
Available in iOS 13.4 and later.
- key: allowSharedStream
title: Allow Shared Stream
supportedOS:
iOS:
introduced: '6.0'
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables Shared Photo Stream. Available in iOS 6
and later. Support for this restriction on unsupervised devices is deprecated.
- key: allowSpellCheck
title: Allow Spell Check
supportedOS:
iOS:
introduced: 8.1.3
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables the keyboard spell checker. Requires a
supervised device. Available in iOS 8.1.3 and later.
- key: allowSpotlightInternetResults
title: Allow Siri Suggestions
supportedOS:
iOS:
introduced: '8.0'
userenrollment:
mode: forbidden
macOS:
introduced: '10.11'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables Spotlight Internet search results in Siri
Suggestions. Available in iOS 8 and later, and macOS 10.11 and later. Support
for this restriction on unsupervised devices is deprecated.
- key: allowStartupDiskModification
title: Allow modifying Startup Disk settings
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '14.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents modification of Startup Disk settings in
System Settings. Available in macOS 14 and later.
- key: allowSystemAppRemoval
supportedOS:
iOS:
introduced: '11.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables the removal of system apps from the device.
Requires a supervised device. Available in iOS 11 and later.
- key: allowTimeMachineBackup
title: Allow modifying Time Machine settings
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '14.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents modification of Time Machine settings in
System Settings. Available in macOS 14 and later.
- key: allowUIAppInstallation
title: Allow App Installation from App Store
supportedOS:
iOS:
introduced: '9.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
supervised: true
type: <boolean>
presence: optional
default: true
content: |-
If 'false', the system disables the App Store, and the systems removes its icon from the Home screen. However, users may continue to install or update their apps either locally (via Configurator, Xcode, etc), or using alternative marketplace apps.
In iOS 10 and later, MDM commands can override this restriction. Requires a supervised device. Available in iOS 9 and later, and watchOS 10 and later.
- key: allowUIConfigurationProfileInstallation
title: Allow UI Configuration Profile Installation
supportedOS:
iOS:
introduced: '6.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '13.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prohibits the user from installing configuration
profiles and certificates interactively. Available in iOS 6 and later, and macOS
13 and later. Requires a supervised device in iOS.
- key: allowUniversalControl
title: Allow Universal Control
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '13.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables Universal Control. Available in macOS 13
and later.
- key: allowUnmanagedToReadManagedContacts
title: Allow unmanaged apps to read managed contacts accounts
supportedOS:
iOS:
introduced: '12.0'
allowmanualinstall: false
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
allowmanualinstall: false
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: |-
If 'true', the system allows unmanaged apps to read from managed contacts accounts. If 'allowOpenFromManagedToUnmanaged' is 'true', this restriction has no effect. Available in iOS 12 and later.
Use MDM to install profiles that contain this restriction.
- key: allowUnpairedExternalBootToRecovery
supportedOS:
iOS:
introduced: '14.5'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the system allows unpaired devices to boot devices into recovery.
Requires a supervised device. Available in iOS 14.5 and later.
- key: allowUntrustedTLSPrompt
title: Allow user to accept untrusted TLS certificates
supportedOS:
iOS:
introduced: '5.0'
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '1.1'
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system automatically rejects untrusted HTTPS certificates
without prompting the user. Available in iOS 5 and later.
- key: allowUSBRestrictedMode
supportedOS:
iOS:
introduced: 11.4.1
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '13.0'
userchannel: false
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system allows iOS devices to always connect to USB accessories
while locked. On macOS, allows new USB and Thunderbolt accessories and SD cards
to connect without authorization. If the system has Lockdown mode enabled, it
ignores this value. Available in iOS 11.4.1 and later, and macOS 13 and later.
Requires a supervised device in iOS.
- key: allowVideoConferencing
title: Allow Video Conferencing
supportedOS:
iOS:
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system hides the FaceTime app. Available in iOS 4 and later.
Requires a supervised device in iOS 13 and later.
- key: allowVoiceDialing
title: Allow Voice Dialing While Device is Locked
supportedOS:
iOS:
deprecated: '17.0'
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables voice dialing if the device is locked with
a passcode. Available in iOS 4 and later.
- key: allowVPNCreation
title: Allow Adding VPN Configurations (Supervised devices only)
supportedOS:
iOS:
introduced: '11.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system disables the creation of VPN configurations. Requires
a supervised device. Available in iOS 11 and later.
- key: allowWallpaperModification
title: Allow Modifying Wallpaper
supportedOS:
iOS:
introduced: '9.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '10.13'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the system prevents changing the wallpaper. Available in iOS
9 and later, and macOS 10.13 and later. Requires a supervised device in iOS.
- key: allowWebDistributionAppInstallation
title: Allow App Installation from web sites
supportedOS:
iOS:
introduced: '17.5'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', the device prevents installation of apps directly from the
web. Available in iOS 17.5 and later.
- key: allowWritingTools
title: Allow writing tools
supportedOS:
iOS:
introduced: '18.0'
supervised: true
sharedipad:
mode: forbidden
userenrollment:
mode: forbidden
macOS:
introduced: '15.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', disables Apple Intelligence writing tools. Requires a supervised
device. Available in iOS 18 and later and macOS 15 and later.
- key: autonomousSingleAppModePermittedAppIDs
supportedOS:
iOS:
introduced: '7.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <array>
presence: optional
content: If present, the system allows apps identified by the bundle IDs listed
in the array to autonomously enter Single App Mode. Requires a supervised device.
Available in iOS 7 and later.
subkeys:
- key: appAutonomousSingleAppModePermittedID
title: Apps allow list for Autonomous Single App Mode
type: <string>
- key: blacklistedAppBundleIDs
title: Blacklisted Apps
supportedOS:
iOS:
introduced: '9.3'
deprecated: '15.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: '11.0'
deprecated: '15.0'
supervised: true
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <array>
presence: optional
content: Use 'blockedAppBundleIDs' instead.
subkeys:
- key: appBlacklistedBundleID
title: Blacklisted App
type: <string>
- key: blockedAppBundleIDs
title: Blocked Apps
supportedOS:
iOS:
introduced: '15.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: '15.0'
supervised: true
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <array>
presence: optional
content: |-
If present, the system prevents showing or launching apps with bundle IDs in the array. Include the value 'com.apple.webapp' to restrict all webclips. This applies to App Store apps, marketplace apps, and locally installed apps (using Configurator, Xcode, etc).
Requires a supervised device. Available in iOS 15 and later, and tvOS 15 and later.
Denying system apps may disable other functionality. For example, denying the App Store app may prevent users from accepting the terms and conditions for the user-based Volume Purchase Program (VPP).
subkeys:
- key: appBlockedBundleID
title: Blocked App
type: <string>
- key: enforcedFingerprintTimeout
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '12.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <integer>
presence: optional
default: 172800
content: The value, in seconds, after which the fingerprint unlock requires a password
to authenticate. The default value is 48 hours. Available in macOS 12 and later.
- key: enforcedSoftwareUpdateDelay
supportedOS:
iOS:
introduced: '11.3'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: 10.13.4
userenrollment:
mode: forbidden
tvOS:
introduced: '12.2'
supervised: true
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <integer>
presence: optional
range:
min: 1
max: 90
default: 30
content: How many days to delay a software update on the device. With this restriction
in place, the user doesn't see a software update until the specified number of
days after the software update release date. The restrictions 'forceDelayedAppSoftwareUpdates'
and 'forceDelayedSoftwareUpdates' use this value. Available in iOS 11.3 and later,
macOS 10.13.4 and later, and tvOS 12.2 and later. Requires a supervised device
in iOS and tvOS.
- key: enforcedSoftwareUpdateMajorOSDeferredInstallDelay
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '11.3'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <integer>
presence: optional
range:
min: 1
max: 90
default: 30
content: This restriction allows the administrator to set how many days to delay
a major software upgrade on the device. When this restriction is in place, the
user sees a software upgrade only after the specified delay after the release
of the software upgrade. This value controls the delay for 'forceDelayedMajorSoftwareUpdates'.
Available in macOS 11.3 and later.
- key: enforcedSoftwareUpdateMinorOSDeferredInstallDelay
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '11.3'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <integer>
presence: optional
range:
min: 1
max: 90
default: 30
content: This restriction allows the administrator to set how many days to delay
a minor OS software update on the device. When this restriction is in place, the
user see a software update only after the specified delay after the release of
the software update. This value controls the delay for 'forceDelayedSoftwareUpdates'.
Available in macOS 11.3 and later.
- key: enforcedSoftwareUpdateNonOSDeferredInstallDelay
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '11.3'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <integer>
presence: optional
range:
min: 1
max: 90
default: 30
content: This restriction allows the administrator to set how many days to delay
an app software update on the device. When this restriction is in place, the user
sees a non-OS software update only after the specified delay after the release
of the software. This value controls the delay for 'forceDelayedAppSoftwareUpdates'.
Available in macOS 11.3 and later.
- key: forceAirDropUnmanaged
title: Treat AirDrop as Unmanaged Destination
supportedOS:
iOS:
introduced: '9.0'
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the system considers AirDrop to be an unmanaged drop target.
Available in iOS 9 and later. Also available for user enrollment.
- key: forceAirPlayIncomingRequestsPairingPassword
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the system forces all devices sending AirPlay requests to this
device to use a pairing password. Available in tvOS 6.2 and later. This key isn't
supported in tvOS 10.2 and later. Use the AirPlay Security Payload instead.
- key: forceAirPlayOutgoingRequestsPairingPassword
supportedOS:
iOS:
introduced: '7.1'
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the system forces all devices receiving AirPlay requests from
this device to use a pairing password. Available in iOS 7.1 and later. Also available
for user enrollment.
- key: forceAirPrintTrustedTLSRequirement
title: Disallow AirPrint to destinations with untrusted certificates
supportedOS:
iOS:
introduced: '11.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the system requires trusted certificates for TLS printing communication.
Requires a supervised device. Available in iOS 11 and later.
- key: forceAssistantProfanityFilter
title: Enable Siri Profanity Filter
supportedOS:
iOS:
introduced: '5.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '10.13'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the system forces the use of the profanity filter for Siri and
dictation. Available in iOS 11 and later, and macOS 10.13 and later. Requires
a supervised device in iOS.
- key: forceAuthenticationBeforeAutoFill
supportedOS:
iOS:
introduced: '11.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the user needs to authenticate before the system can autofill
passwords or credit card information in Safari and apps. If this restriction isn't
enforced, the user can toggle this feature in Settings. Only supported on devices
with Face ID or Touch ID. Requires a supervised device. Available in iOS 11 and
later.
- key: forceAutomaticDateAndTime
supportedOS:
iOS:
introduced: '12.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: '12.2'
supervised: true
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the system enables the Set Automatically feature in Date & Time
and the user can't disable it. The system updates the device's time zone only
when the device can determine its location using a cellular connection or Wi-Fi
with location services enabled. Requires a supervised device. Available in iOS
12 and later, and tvOS 12.2 and later.
- key: forceBypassScreenCaptureAlert
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '15.1'
allowmanualinstall: false
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If set to true, then the presentation of a screen capture alert will be
bypassed.
- key: forceClassroomAutomaticallyJoinClasses
supportedOS:
iOS:
introduced: '11.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: 10.14.4
supervised: true
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the system automatically gives permission to the teacher's requests
without prompting the student. Requires a supervised device. Available in iOS
11 and later, and macOS 10.14.4 and later.
- key: forceClassroomRequestPermissionToLeaveClasses
supportedOS:
iOS:
introduced: '11.3'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: 10.14.4
supervised: true
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', a student enrolled in an unmanaged course through Classroom
needs to request permission from the teacher to leave the course. Requires a supervised
device. Available in iOS 11.3 and later, and macOS 10.14.4 and later.
- key: forceClassroomUnpromptedAppAndDeviceLock
supportedOS:
iOS:
introduced: '11.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: 10.14.4
supervised: true
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the system allows the teacher to lock apps or the device without
prompting the student. Requires a supervised device. Available in iOS 11 and later,
and macOS 10.14.4 and later.
- key: forceClassroomUnpromptedScreenObservation
supportedOS:
iOS:
introduced: '11.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: 10.14.4
supervised: true
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true' and 'ScreenObservationPermissionModificationAllowed' is also
'true' in the Education payload, a student enrolled in a managed course through
the Classroom app automatically gives permission to that course teacher's requests
to observe the student's screen without prompting the student. Requires a supervised
device. Available in iOS 11 and later, and macOS 10.14.4 and later.
- key: forceDelayedAppSoftwareUpdates
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '11.0'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the system delays user visibility of non-OS software updates.
Requires a supervised device. Control visibility of operating system updates through
'forceDelayedSoftwareUpdates'. The delay is 30 days unless you set 'enforcedSoftwareUpdateDelay'
to another value. Available in macOS 11 and later.
- key: forceDelayedMajorSoftwareUpdates
supportedOS:
iOS:
introduced: n/a
macOS:
introduced: '11.3'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the system delays user visibility of major OS updates. Available
in macOS 11.3 and later.
- key: forceDelayedSoftwareUpdates
supportedOS:
iOS:
introduced: '11.3'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '10.13'
userenrollment:
mode: forbidden
tvOS:
introduced: '12.2'
supervised: true
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the system delays user visibility of software updates. In macOS,
the system allows seed build updates without delay. The delay is 30 days unless
you set 'enforcedSoftwareUpdateDelay' to another value. Available in iOS 11.3
and later, macOS 10.13 and later, and tvOS 12.2 and later. Requires a supervised
device in iOS and tvOS.
- key: forceEncryptedBackup
title: Force Encrypted Backups
supportedOS:
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the system encrypts all backups. Available in iOS 4 and later.
Also available for user enrollment.
- key: forceITunesStorePasswordEntry
title: Require iTunes password for all purchases
supportedOS:
iOS:
introduced: '6.0'
deprecated: '17.0'
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the system forces the user to enter their iTunes password for
each transaction. Available in iOS 6 and later.
- key: forceLimitAdTracking
supportedOS:
iOS:
introduced: '7.0'
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the system limits ad tracking. Additionally, it disables app
tracking and the Allow Apps to Request to Track setting. Available in iOS 7 and
later.
- key: forceOnDeviceOnlyDictation
supportedOS:
iOS:
introduced: '14.5'
macOS:
introduced: '14.0'
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
type: <boolean>
presence: optional
default: false
content: If 'true', the system disables connections to Siri servers for the purposes
of dictation. Available in iOS 14.5 and later, macOS 14 and later, and watchOS
10 and later. Also available for user enrollment.
- key: forceOnDeviceOnlyTranslation
supportedOS:
iOS:
introduced: '15.0'
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the device won't connect to Siri servers for the purposes of
translation. Available in iOS 15 and later. Also available for user enrollment.
- key: forcePreserveESIMOnErase
title: Force Preserve ESIM on Erase
supportedOS:
iOS:
introduced: '17.2'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: |-
If 'true', the system preserves eSIM when it erases the device due to too many failed password attempts or the Erase All Content and Settings option in Settings > General > Reset. Available in iOS 17.2 and later.
The system doesn't preserve eSIM if Find My initiates erasing the device.
- key: forceWatchWristDetection
title: Force Apple Watch Wrist Detection
supportedOS:
iOS:
introduced: '8.2'
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the system forces a paired Apple Watch to use Wrist Detection.
Available in iOS 8.2 and later. Also available for user enrollment.
- key: forceWiFiPowerOn
title: Disallow Wi-Fi from being turned off
supportedOS:
iOS:
introduced: '13.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the system prevents turning off Wi-Fi in Settings or Control
Center, even by entering or leaving Airplane Mode. It doesn't prevent selecting
which Wi-Fi network to use. Requires a supervised device. Available in iOS 13.0
and later.
- key: forceWiFiToAllowedNetworksOnly
supportedOS:
iOS:
introduced: '14.5'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the system limits the device to only join Wi-Fi networks set
up through a configuration profile. Requires a supervised device. Available in
iOS 14.5 and later.
- key: forceWiFiWhitelisting
title: Only join Wi-Fi networks installed by profiles
supportedOS:
iOS:
introduced: '10.3'
deprecated: '14.5'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: Use 'forceWiFiToAllowedNetworksOnly' instead.
- key: ratingApps
title: Apps Ranking Number
supportedOS:
iOS:
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: '11.3'
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <integer>
presence: optional
range:
min: 0
max: 1000
default: 1000
content: |-
The maximum level of app content allowed on the device. Preinstalled (first party) apps ignore this restriction. Available in iOS 4 and later, and tvOS 11.3 and later. Support for this restriction on unsupervised devices is deprecated.
Possible values, with the US description of the rating level:
* '1000': All
* '600': 17+
* '300': 12+
* '200': 9+
* '100': 4+
* '0': None
- key: ratingMovies
title: Movies Ranking Number
supportedOS:
iOS:
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: '11.3'
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <integer>
presence: optional
range:
min: 0
max: 1000
default: 1000
content: |-
The maximum level of movie content allowed on the device. Available in iOS 4 and later, and tvOS 11.3 and later. Support for this restriction on unsupervised devices is deprecated.
Possible values, with the US description of the rating level:
* '1000': All
* '500': NC-17
* '400': R
* '300': PG-13
* '200': PG
* '100': G
* '0': None
- key: ratingRegion
title: Region Code
supportedOS:
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <string>
presence: optional
rangelist:
- us
- au
- ca
- de
- fr
- ie
- jp
- nz
- gb
content: The two-letter key that profile tools use to display the proper ratings
for the given region. The client doesn't recognize or report this data.
- key: ratingTVShows
title: TV Shows Ranking Number
supportedOS:
iOS:
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: '11.3'
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <integer>
presence: optional
range:
min: 0
max: 1000
default: 1000
content: |-
The maximum level of TV content allowed on the device. Available in iOS 4 and later, and tvOS 11.3 and later. Support for this restriction on unsupervised devices is deprecated.
Possible values, with the US description of the rating level:
* '1000': All
* '600': TV-MA
* '500': TV-14
* '400': TV-PG
* '300': TV-G
* '200': TV-Y7
* '100': TV-Y
* '0': None
- key: requireManagedPasteboard
supportedOS:
iOS:
introduced: '15.0'
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', copy and paste functionality is limited by the 'allowOpenFromManagedToUnmanaged'
and 'allowOpenFromUnmanagedToManaged' restrictions. Also available for user enrollment.
- key: safariAcceptCookies
title: Accept Cookies in Safari
supportedOS:
iOS:
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <real>
presence: optional
rangelist:
- 0.0
- 1.0
- 1.5
- 2.0
default: 2.0
content: |-
Defines the conditions under which the device accepts cookies. The user-facing settings changed in iOS 11, although the possible values remain the same. Available in iOS 4 and later. Support for this restriction on unsupervised devices is deprecated. Allowed values:
* '0': Enables Prevent Cross-Site Tracking and Block All Cookies, and the user canʼt disable either setting.
* '1' or '1.5': Enables Prevent Cross-Site Tracking, and the user canʼt disable it. Doesn't enable Block All Cookies, but the user can enable it.
* '2': Enables Prevent Cross-Site Tracking but doesn't enable Block All Cookies. The user can toggle either setting.
- key: safariAllowAutoFill
title: Allow AutoFill in Safari
supportedOS:
iOS:
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: '10.13'
userenrollment:
mode: forbidden
tvOS:
introduced: n/a
visionOS:
introduced: '2.0'
supervised: true
userenrollment:
mode: forbidden
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: |-
If 'false', the system disables Safari AutoFill for passwords, contact info, and credit cards and also prevents using the Keychain for AutoFill. As of iOS 13, requires a supervised device. Available in iOS 4 and later, and macOS 10.13 and later.
The system still allows third-party password managers, and apps can use AutoFill.
- key: safariAllowJavaScript
title: Allow JavaScript
supportedOS:
iOS:
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', Safari doesn't execute JavaScript. Available in iOS 4 and later.
This restriction will require supervision in a future release.
- key: safariAllowPopups
title: Allow Pop-ups
supportedOS:
iOS:
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If 'false', Safari doesn't allow pop-up windows. Available in iOS 4 and
later. Support for this restriction on unsupervised devices is deprecated.
- key: safariForceFraudWarning
title: Enable Fraud Warning
supportedOS:
macOS:
introduced: n/a
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <boolean>
presence: optional
default: false
content: If 'true', the system enables Safari fraud warning. Available in iOS 4
and later. Also available for user enrollment.
- key: whitelistedAppBundleIDs
title: Whitelisted Apps
supportedOS:
iOS:
introduced: '9.3'
deprecated: '15.0'
supervised: true
userenrollment:
mode: forbidden
macOS:
introduced: n/a
tvOS:
introduced: '11.0'
deprecated: '15.0'
supervised: true
visionOS:
introduced: n/a
watchOS:
introduced: n/a
type: <array>
presence: optional
content: Use 'allowListedAppBundleIDs' instead.
subkeys:
- key: appWhitelistedBundleID
title: Whitelisted App
type: <string>
Reference in New Issue View Git Blame Copy Permalink