Kandji updates
Kandji updates

Auto App: Egnyte Connect




Auto app Egnyte.png

Auto App: LastPass




Auto app LastPass.png

Auto App: AWS VPN Client




Auto app AWS VPN Client.png

API Updates - Automated Device Enrollment




A set of new API endpoints related to Automated Device Enrollment integration management is now available. These endpoints allow fetching all Automated Device Enrollment integrations for a tenant, as well as the specific devices from each ADE integration and whether or not the device is enrolled yet. Additionally, admins can create, renew, and delete an ADE integration.

These endpoints will not be enabled by default on existing API tokens; they need to be explicitly enabled within the token's permissions.

With the addition of these endpoints, customers can now have multiple Automated Device Enrollment integrations within a single Kandji tenant. Specifically, the following API endpoints will now be available:

POST /api/v1/integrations/apple/ade

POST /api/v1/integrations/apple/ade/{id}/renew

PATCH /api/v1/integrations/apple/ade/{id}

GET /api/v1/integrations/apple/ade

GET /api/v1/integrations/apple/ade/{id}

GET /api/v1/integrations/apple/ade/{id}/devices

GET /api/v1/integrations/apple/ade/public_key

DELETE /api/v1/integrations/apple/ade/{id}

Screen Shot 2022-06-14 at 14.49.20.png

Visit the API documentation for more info

Disable Weekly Emails




Within the user’s profile, we’ve renamed the “Date and time preferences” section to “Preferences” and added a new option to disable or enable the weekly status emails. This control is maintained at the user level, and selecting “No” will prevent the user from receiving future emails every week.

image (5).png

Additionally, a link to the Disable weekly emails support article has been added to the footer of the weekly email, so Kandji Admins will easily know how to disable these in the future.

image (6).png

Learn more

Managed OS Update




Managed OS has been updated. The latest approved version for Big Sur is now 11.6.7, with the following release date:

11.6.7: June 09, 2022

Expanded Support for Enterprise Authentication in Wi-Fi Library Item




Kandji has updated and expanded our Wi-Fi library item to better support enterprise networking by making it simpler to configure enterprise authentication protocols. 

More specifically, the Wi-Fi library item now allows you to configure seven flavors of the 802.1X Extensible Authentication Protocol (EAP): TLS, TTLS, LEAP, PEAP, EAP-FAST, EAP-SIM, and EAP-AKA.

New Wi-Fi dropdown_edit.jpg

Because a single network can support multiple authentication types, you can select more than one EAP type in a single library item.

Each of these authentication methods has its own configuration settings. So, for example, if you select TTLS (which uses a TLS tunnel to encrypt another authentication protocol), you then specify an outer authentication protocol (username and password or via directory) and an inner one (CHAP, EAP, MSCHAP, MSCHAPv2, or PAP), as well as minimum and maximum versions of TLS that you want to require.

Wi-Fi SCEP_edit.jpg

Some of these authentication methods require the use of certificates to prove the device’s identity. We’ve added the option to obtain such certificates from a SCEP (Simple Certificate Enrollment Protocol) server; when you select SCEP from the Identity certificate drop-down in the Wi-Fi library item, a drawer slides out where you can provide all of your SCEP specifics (URL of the SCEP server, fingerprint of the Certificate Authority certificate, key size and usage, and so on). For details on that and more, see our support article).

Auto App: Cloudflare WARP




Auto app Cloudflare WARP.png

Additional configuration options for Cloudflare WARP are available from Cloudflare's website.

Auto App: DisplayLink Manager




Auto app DisplayLink Manager.png

Create Multiple Instances of Auto Apps, Managed OS




We’ve made a significant improvement in the way Auto Apps and managed operating systems are configured and delivered. You can now set up multiple instances of a given Auto App or Managed OS library item, each with its own set of configurations and enforcement options. You can then assign those different instances to different Blueprints.

So, for example, if you want to be sure that everyone on the creative and product teams has Figma installed, but want to make that app optional (via Self Service) for the security group, you can set up two separate Figma Auto App library items, with separate settings and distinct names, then assign the appropriate one to each departmental Blueprint.


Or if you wanted your own IT group to always have the latest version of macOS Monterey, but just want to be sure that the rest of the company is on some version—any version—of Apple’s latest Mac operating system, you can set up two different Managed OS library items and distribute them via Blueprints.

Note: You can have just one instance of any given Auto App or Managed OS library item in a given Blueprint. For more details, see our support articles on Auto Apps and configuring managed OS.