Create Policy

Choose Management Method

Select how you want to manage this policy:

📋 Traditional MDM

Configuration Profile (InstallProfile command)

Works on all devices (iOS 13+, macOS 10.13+)
Immediate deployment via MDM commands
Best for: Restrictions, WiFi, VPN, Email

Create Configuration Profile Google Chrome (macOS)

🚀 DDM (Declarative)

Declaration (Device-managed state)

Requires iOS 17+ / macOS 14+
Automatic sync and status reporting
Best for: OS Updates, App Deployment, Status

Create DDM Declaration

💡 Recommendation: Use DDM for OS updates (iOS 17+, macOS 14+). Use Traditional MDM for restrictions and configurations that work on older devices.

Policy Details

Policy Name *

Payload Identifier * Reverse-DNS format (e.g., com.company.policy.restrictions)

Policy Type

Description

Payload Content (JSON) * JSON payload content. See Apple documentation for payload types.

Allow users to remove this profile

Automatically sign and activate after creation If unchecked, you'll need to sign the policy manually before deployment.

Cancel

Policy Examples

Restrictions Policy:

{
  "PayloadType": "com.apple.applicationaccess",
  "PayloadContent": {
    "allowAppInstallation": false,
    "allowAppRemoval": false,
    "allowSafari": true,
    "allowSiri": false
  }
}

Camera Block Policy:

{
  "PayloadType": "com.apple.applicationaccess",
  "PayloadContent": {
    "allowCamera": false
  }
}

Passcode Policy:

{
  "PayloadType": "com.apple.mobiledevice.passwordpolicy",
  "PayloadContent": {
    "minLength": 8,
    "requireAlphanumeric": true,
    "maxFailedAttempts": 6
  }
}

Screen Saver (Auto-Lock) Policy:

{
  "PayloadType": "com.apple.screensaver",
  "PayloadContent": {
    "idleTime": 300,
    "askForPassword": true,
    "askForPasswordDelay": 0
  }
}