You’ve chosen Apple and we’ve designed a device management experience to match.
Set up and configure devices for new employees instantly and remotely, without IT having to physically touch the device.
The best employee experience
New employees can use their pre-configured devices right out of the box without a visit to IT.
Flexible device Blueprints
Leverage Kandji’s Blueprints to organize devices based on team, department, or location. Easily drop a new device into a Blueprint to automatically assign the right apps, controls, and automations to that device.
Our enrollment portal makes it easy to import your users from G Suite or Microsoft 365 and invite them to enroll their own devices quickly and painlessly.
Experience an unprecedented level of visibility. Oversee your entire fleet and keep tabs on all activity with detailed records, key updates, and an extensive log of remediations performed on each machine.
MDM alone simply isn’t enough. With Kandji, you get the best of both worlds — a reliable MDM plus a proprietary macOS agent that extends your capabilities beyond the expected.
Kandji is the only MDM that works around the clock to enforce compliance and remediate issues whether your Mac devices are online or off.
Automated macOS patch management is enabled by Kandji's Auto Apps, a library of applications that Kandji pre-packages, hosts, and automatically patches.
Auto Apps end user experience
All Auto Apps are fully enforced automatically with user-friendly prompts powered by the Kandji agent.
Auto Apps admin experience
Choose whether you want app updates enforced automatically or manually, and add to the dock so it is easy for users to find.
App Store apps
Sync your App Store apps from Apple Business Manager (formerly the Volume Purchase Program, or VPP).
Ready to retire an app or want to block unauthorized apps? Application blocking is built right into Kandji, allowing you to restrict usage across your entire fleet with just a few clicks.
Easily upload and deploy custom apps by dragging and dropping a package (.pkg or .mpkg), Disk Image (copy .app from disk image to /Applications), or ZIP File (unzip contents into specified directory).
150+ pre-built automations
With the largest library of macOS Parameters (over 150 and growing) you can toggle on with one click, Kandji empowers your IT team with the most control on the market.
Kandji’s advanced implemention of Profiles takes full advantage of Apple’s powerful MDM framework with Profiles such as Wi-Fi, Privacy, SSO, System Extensions, and much more.
In addition to our library of Profiles, you an also easily deploy any custom .mobileconfig file according to your needs.
Although we’ve containerized the most common policies with our Parameter library, we also support custom scripts for any unique device control needs.
Kandji’s managed OS tool is redefining how admins enforce operating system updates across your environment. It is built into our platform (no scripting required), fully enforced, and supports both major and minor OS updates.
Major & minor updates
Global Profile Variables
Automatically input unique device details such as Asset Tag, Serial Number, User Email, and more into any profile text field.
Always stay audit-ready and share detailed results with auditors. Prove compliance at a moment’s notice using read-only auditor access mode.
Kandji is the only MDM that works around the clock to enforce compliance and remediate issues whether your Macs are online or off.
Compliance control library
With Kandji, compliance is never an afterthought. Kandji is the only MDM with a pre-built library of security controls (over 150 and growing) that you can filter by specific compliance frameworks to meet your needs.
Templates for security best practices
Get started quickly by leveraging Kandji’s pre-built blueprints to deploy security and compliance best practices without having to start from scratch.
Alerts and logging
See a live stream of action on every machine in your fleet. Set up real-time alerts within Kandji or to Slack based on events you want to be notified of.
Keep your devices and data safe and sound. Easily enforce device encryption and remotely lock or wipe devices that have been lost or stolen.
Kandji easily integrates with a growing list of applications, allowing you to speed up setup, automate workflows, and save precious time.
Apple Business Manager
Leverage Apple Business Manager for Automated Device Enrollment (formerly DEP) and application management (formerly VPP).
Slack alerts for events
Set up customized Slack alerts for events you want to be alerted of, such as a missing devices or blocked application.
G Suite or Microsoft 365
Import your G Suite or Microsoft 365 users and assign devices to them directly within Kandji.
Use Kandji with proactive software monitoring provider Watchman Monitoring to keep devices safe and efficient.
One-click CIS compliance templates automatically enforce and remediate macOS controls for CIS compliance Level I and II Scored.
Leverage the Kandji API for enterprise-grade extensibility. Available for custom enterprise plans only.