<key>com.jamf.config.

jamfpro.invitation</key>

<string>$MOBILEDEVICEAPPINVITE</string>

Jamf Pro Invitation

The Jamf Pro Invitation is a unique string that is generated by Jamf Pro. The Jamf Pro Invitation ensures that the MDM server the device is managed by matches the server specified in the com.jamf.config.jamfpro.url key-value pair.

The value entered for the string must be $MOBILEDEVICEAPPINVITE.

<key>com.jamf.config.

device.udid</key>

<string>$UDID</string>

Device UDID

The device UDID is the UDID of the device the in-house app is installed on.

The value entered for the string must be $UDID.

<key>com.jamf.config.

jamfpro.url</key>

<string>https://jamf_pro_server_url/</string>

Jamf Pro URL

The Jamf Pro URL is the Jamf Pro server instance in which mobile devices are enrolled. Your full Jamf Pro URL must be entered in the string. This includes the correct protocol, fully qualified domain name (FQDN), and port of the server. For example:

<key>com.jamf.config.jamfpro.url</key>

<string>https://jss.instancename.com:8443/>

<key>com.jamf.config.

certificate-request.pkiId</key>

<string>PKI_ID</string>

Certificate Request PKI ID

The certificate request PKI ID is the ID of an Active Directory Certificate Service (AD CS) instance in Jamf Pro. It is used during certificate generation and is specific to your organization. For example:

<key>com.jamf.config.certificate-request.pkiId</key>

<string>1</string>

<key>com.jamf.config.

certificate-request.template</key>

<string>certificate_template_name</string>

Certificate Request Template Name

The certificate request template name is the name of the certificate template, usually Machine or User. It is used during certificate generation and is specific to your organization. For example:

<key>com.jamf.config.certificate-request.template</key>

<string>User2</string>

<key>com.jamf.config.

certificate-request.subject</key>

<string>certificate_subject</string>

Certificate Request Subject

The certificate request subject is the certificate subject that is the representation of a X.500 name (e.g., O=CompanyName, CN=FOO). It is used during certificate generation and is specific to your organization.

Note: This value can be dynamically supplied by Jamf Pro using variables. For example:

<key>com.jamf.config.certificate-request.template</key>

<string>cn=$SERIALNUMBER</string>

For more information about variables in Jamf Pro, see "Payload Variables for Mobile Device Configuration Profiles" in the Jamf Pro Administrator's Guide.

<key>com.jamf.config.

certificate-request.sanType</key>

<string>subject_alternative_name_type</string>

Certificate Request Subject Alternative Name Type

The certificate request subject alternative name type is the type of a subject alternative name. It is used during certificate generation and is specific to your organization. For example:

<key>com.jamf.config.certificate-request.sanType</key>

<string>rfc822Name</string>

<key>com.jamf.config.

certificate-request.sanValue</key>

<string>subject_alternative_name_value</string>

Certificate Request Subject Alternative Name Value

The certificate request subject alternative name value is the value of the subject alternative name. It is used during certificate generation and is specific to your organization.

Note: This value can be dynamically supplied by Jamf Pro using variables . For example:

<key>com.jamf.config.certificate-request.sanValue</key>

<string>$EMAIL</string>

For more information about variables in Jamf Pro, see "Payload Variables for Mobile Device Configuration Profiles" in the Jamf Pro Administrator's Guide.

<key>com.jamf.config.certificate-request.signature</key>

<string>$JAMF_SIGNATURE_com.jamf.config.certificate-request</string>

Certificate Request Signature

Jamf Pro replaces this value with a cryptographic signature of the values related to the certificate request. This signature is verified by the SDK before issuing a certificate to verify that values have not been tampered with.

The value entered for the string must be $JAMF_SIGNATURE_com.jamf.config.certificate-request.