Choose a connection type
When you add a connection, you pick how to set it up:| Type | What it does |
|---|---|
| Iru Endpoint Instance | Pre-populates the connection fields from your Iru Endpoint instance, so there is little to enter by hand. |
| Custom MDM Connection | Lets you enter the connection details manually for another MDM. |
Connection settings
A connection has a display name and covers one or both platforms:- Apple
- Windows
| Setting | What it is |
|---|---|
| APNs topic | The Apple Push Notification service topic the MDM uses to reach Apple devices. |
| Check-in URL | The URL Apple devices check in to during and after enrollment. |
Enrollment profiles
For Apple platforms, you can download configuration profiles (macOS and iOS) from the connection. These configure Iru Access on a managed device - its privacy permissions and single sign-on extension - for deployment through your MDM; they don’t enroll the device into MDM itself.Connection secrets
A connection uses a client secret that you can rotate from the connection’s Client secrets list:- Rotate issues a new secret while the previous one keeps working for 24 hours, so you can update the MDM before the old secret stops. The previous secret shows an Expires Soon badge until it expires.
- Invalidate ends a secret immediately - use it if a secret may have been exposed.
How this relates to device trust
A connected MDM is how Iru can tell that a device is managed. Combined with the health signals the Iru Access app reports, your authentication policies can require a known, managed, healthy device before granting access.Where to go next
Device trust
Use managed and health signals as conditions in a policy.
Authenticators
How people install and register Iru Access on their devices.