Skip to content

Configure service discovery

You must configure service discovery before you can use account-driven Apple User Enrollment.

For iPhones and iPads owned by the user, service discovery is an enrollment step where the device identifies itself to Sophos Mobile.

Users must enter their Managed Apple ID when enrolling their device with Sophos Mobile. The device uses the domain part of the ID to connect to a service discovery resource on your web server, which contains information the device needs to enroll with Sophos Mobile.

To configure service discovery, do as follows:

  1. In Sophos Mobile, go to Setup > Apple setup > Apple User Enrollment.
  2. Click Set up account-driven Apple User Enrollment.

    The Apple User Enrollment tab.

  3. Click Copy to clipboard to copy the JSON code shown on the page.

    The Copy to clipboard button.

  4. Paste the JSON code into a new text file.

  5. Publish the file on your web server at the following URL:

    https://your-domain.com/.well-known/com.apple.remotemanagement
    

    Replace your-domain.com with the domain you registered in Apple Business Manager for your Managed Apple IDs.

  6. In your web server configuration, set the file’s content-type header to application/json.

  7. Configure your web server to allow HTTP GET requests to the URL.