{"id":22325494,"url":"https://github.com/jamf/certificatesdk","last_synced_at":"2025-07-29T16:33:05.774Z","repository":{"id":43258511,"uuid":"180163590","full_name":"jamf/CertificateSDK","owner":"jamf","description":"Get Certificates From Jamf Pro Into Your iOS Apps","archived":false,"fork":false,"pushed_at":"2024-06-14T19:27:43.000Z","size":2501,"stargazers_count":13,"open_issues_count":0,"forks_count":5,"subscribers_count":12,"default_branch":"main","last_synced_at":"2024-06-15T17:39:45.057Z","etag":null,"topics":["certificates","jamfpro","sdk-ios"],"latest_commit_sha":null,"homepage":"","language":"Objective-C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jamf.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-04-08T14:11:43.000Z","updated_at":"2024-06-14T19:25:56.000Z","dependencies_parsed_at":"2022-09-12T05:00:14.562Z","dependency_job_id":null,"html_url":"https://github.com/jamf/CertificateSDK","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jamf%2FCertificateSDK","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jamf%2FCertificateSDK/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jamf%2FCertificateSDK/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jamf%2FCertificateSDK/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jamf","download_url":"https://codeload.github.com/jamf/CertificateSDK/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":228030029,"owners_count":17858432,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["certificates","jamfpro","sdk-ios"],"created_at":"2024-12-04T02:12:14.954Z","updated_at":"2025-07-29T16:33:05.741Z","avatar_url":"https://github.com/jamf.png","language":"Objective-C","funding_links":[],"categories":[],"sub_categories":[],"readme":"## Jamf Certificate SDK\n\nWhen the Jamf Certificate SDK is integrated with your iOS or visionOS app, it provides a secure process\nthat allows the app to request a certificate from a certificate authority (CA) via Jamf Pro. Certificates\ncan be used to establish identities that support certificate-based authentication to perform Single Sign-On\n(SSO) or other actions specific to your environment.\n\nSee [Distributing an In-House App Developed with the Jamf Certificate SDK](https://learn.jamf.com/en-US/bundle/technical-paper-integrating-ad-cs-current/page/Distributing_an_In-House_App_Developed_with_the_Jamf_Certificate_SDK.html) for more details.\n\n--------\n\n### Installation\n\nJamf Certificate SDK is available through the [Swift Package Manager](https://swift.org/package-manager/).\n\nTo install via the Swift Package Manager add the following line to your `Package.swift` file's `dependencies`:\n\n```swift\n.package(url: \"https://github.com/jamf/CertificateSDK.git\", from: \"2.0.0\")\n```\n\n--------\n\n#### Framework Architectures\n\nThe included XCFramework ships with support for the iOS and visionOS simulators on Apple Silicon and\nIntel-based Mac computers, and iOS and visionOS devices using the arm64 architecture.  This allows app\ndevelopers to use the framework on actual iOS and visionOS devices and in the simulators while\ndeveloping and testing their apps.\n\n--------\n\n### Managed App Configuration Required Settings\n\nTo ensure proper use of the SDK, the app is required to be distributed by Jamf Pro.  During distribution,\na managed app configuration can be specified that will let the SDK communicate with Jamf Pro and request\nthe proper certificate.  Here is a sample managed app configuration that can be used as a basis for your own app.\n\n*Note that you can add your own key/value pairs to the managed app configuration to configure other parts of your app.*  Jamf's keys are all prefixed\nwith `com.jamf.config.` so they will not clash with your own naming conventions for keys.\n\n    \u003cdict\u003e\n    \u003ckey\u003ecom.jamf.config.jamfpro.invitation\u003c/key\u003e\n    \u003cstring\u003e$MOBILEDEVICEAPPINVITE\u003c/string\u003e\n    \u003ckey\u003ecom.jamf.config.device.udid\u003c/key\u003e\n    \u003cstring\u003e$MANAGEMENTID\u003c/string\u003e\n    \u003ckey\u003ecom.jamf.config.jamfpro.url\u003c/key\u003e\n    \u003cstring\u003ehttps://the_jamf_pro_server_url_goes_here/\u003c/string\u003e\n    \u003ckey\u003ecom.jamf.config.certificate-request.pkiId\u003c/key\u003e\n    \u003cstring\u003e1\u003c/string\u003e\n    \u003ckey\u003ecom.jamf.config.certificate-request.template\u003c/key\u003e\n    \u003cstring\u003eUser2\u003c/string\u003e\n    \u003ckey\u003ecom.jamf.config.certificate-request.keySize\u003c/key\u003e\n    \u003cinteger\u003e4096\u003c/integer\u003e\n    \u003ckey\u003ecom.jamf.config.certificate-request.subject\u003c/key\u003e\n    \u003cstring\u003ecn=something\u003c/string\u003e\n    \u003ckey\u003ecom.jamf.config.certificate-request.subjectAlternativeNames\u003c/key\u003e\n    \u003carray\u003e\n        \u003cdict\u003e\n            \u003ckey\u003ecom.jamf.config.certificate-request.sanType\u003c/key\u003e\n            \u003cstring\u003erfc822Name\u003c/string\u003e\n            \u003ckey\u003ecom.jamf.config.certificate-request.sanValue\u003c/key\u003e\n            \u003cstring\u003esomebody@example.com\u003c/string\u003e\n        \u003c/dict\u003e\n        \u003cdict\u003e\n            \u003ckey\u003ecom.jamf.config.certificate-request.sanType\u003c/key\u003e\n            \u003cstring\u003euserPrincipalName\u003c/string\u003e\n            \u003ckey\u003ecom.jamf.config.certificate-request.sanValue\u003c/key\u003e\n            \u003cstring\u003esomebody@example.com\u003c/string\u003e\n        \u003c/dict\u003e\n    \u003c/array\u003e\n    \u003ckey\u003ecom.jamf.config.certificate-request.signature\u003c/key\u003e\n    \u003cstring\u003e$JAMF_SIGNATURE_com.jamf.config.certificate-request\u003c/string\u003e\n    \u003c/dict\u003e\n\n###### MAC key discussion\n\n`com.jamf.config.device.udid`: The device identifier of the device the app is installed on.  Starting with\nJamf Pro 11.5.1, the value must be `$MANAGEMENTID` to support both company-owned and BYOD devices.  In Jamf\nPro 11.5.0 and earlier, the value must instead be `$UDID` and only company-owned devices are supported.\n\n`com.jamf.config.jamfpro.url`: The value should be filled in with your Jamf Pro Server's URL.\n\nThe keys prefixed with `com.jamf.config.certificate-request` are used during certificate generation.  They\nwill be specific to your organization.  You should confer with those responsible for Jamf Pro and your\nCertificate Authority to ensure the proper settings are configured for your app.\n\n* `pkiId`: (an integer but typed as string in the MAC) Jamf Pro ID of the PKI Integration/Certificate Authority to be used; find this in the Jamf Pro\nweb UI at Settings \u003e PKI Certificates \u003e Your ADCS CA settings and then look in the URL bar for the number after \"id=\".  You should have a URL something like \"adcsSettings.html?id=3\" and enter the number `3` in the AppConfig\n* `template`: (string) Certificate template name as defined in your CA.\n* `subject`: (string) Subject to include in the certificate signing request.\n* `keySize`: (integer) The number of bits used in cryptographic algorithm of the certificate.  Must be one of `2048`, `4096` or `8192`; defaults to `2048` if not specified.\n* `subjectAlternativeNames`: (array) Available starting in Jamf Pro 11.17.0. An array of subject alternative name dictionaries.\n    * `sanType`: (string) One of 'rfc822Name', 'dNSName', 'uniformResourceIdentifier', or 'userPrincipalName.'\n    * `sanValue`: (string) Subject Alternative Name to include in the certificate signing request.\n\nWith the `subject` and `sanValue` fields, variable substitution is available as discussed under [Payload Variables for Configuration Profiles](https://learn.jamf.com/en-US/bundle/jamf-pro-documentation-current/page/Mobile_Device_Configuration_Profiles.html#ariaid-title3).\n\nJamf Pro 11.17.0 added the `keySize` and `subjectAlternativeNames` top level keys.  Jamf Pro 11.16 and earlier do not support `keySize`, and the `sanType` and `sanValue` keys should be specified at the top level instead of within the `subjectAlternativeNames` array.  See earlier versions of the CertificateSDK for details.\n\n--\n\nAdditional reference documentation is available in\n[Integrating the Jamf Certificate SDK with Mobile Device Apps Deployed by Jamf Pro](https://learn.jamf.com/bundle/jamf-certificate-sdk/page/Overview.html).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjamf%2Fcertificatesdk","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjamf%2Fcertificatesdk","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjamf%2Fcertificatesdk/lists"}