Apple Platform Deployment
- Welcome
- Intro to Apple platform deployment
- What’s new
-
-
- Declarative app configuration
- Authentication credentials and identity asset declaration
- Background task management declarative
- Calendar declarative configuration
- Certificates declarative configuration
- Contacts declarative configuration
- Exchange declarative configuration
- Google Accounts declarative configuration
- LDAP declarative configuration
- Legacy interactive profile declarative configuration
- Legacy profile declarative configuration
- Mail declarative configuration
- Math and Calculator app declarative configuration
- Passcode declarative configuration
- Passkey Attestation declarative configuration
- Safari extensions management declarative configuration
- Screen Sharing declarative configuration
- Service configuration files declarative configuration
- Software Update declarative configuration
- Software Update settings declarative configuration
- Storage management declarative configuration
- Subscribed Calendars declarative configuration
-
- Accessibility payload settings
- Active Directory Certificate payload settings
- AirPlay payload settings
- AirPlay Security payload settings
- AirPrint payload settings
- App Lock payload settings
- Associated Domains payload settings
- Automated Certificate Management Environment (ACME) payload settings
- Autonomous Single App Mode payload settings
- Calendar payload settings
- Cellular payload settings
- Cellular Private Network payload settings
- Certificate Preference payload settings
- Certificate Revocation payload settings
- Certificate Transparency payload settings
- Certificates payload settings
- Conference Room Display payload settings
- Contacts payload settings
- Content Caching payload settings
- Directory Service payload settings
- DNS Proxy payload settings
- DNS Settings payload settings
- Dock payload settings
- Domains payload settings
- Energy Saver payload settings
- Exchange ActiveSync (EAS) payload settings
- Exchange Web Services (EWS) payload settings
- Extensible Single Sign-on payload settings
- Extensible Single Sign-on Kerberos payload settings
- Extensions payload settings
- FileVault payload settings
- Finder payload settings
- Firewall payload settings
- Fonts payload settings
- Global HTTP Proxy payload settings
- Google Accounts payload settings
- Home Screen Layout payload settings
- Identification payload settings
- Identity Preference payload settings
- Kernel Extension Policy payload settings
- LDAP payload settings
- Lights Out Management payload settings
- Lock Screen Message payload settings
- Login Window payload settings
- Managed Login Items payload settings
- Mail payload settings
- Network Usage Rules payload settings
- Notifications payload settings
- Parental Controls payload settings
- Passcode payload settings
- Printing payload settings
- Privacy Preferences Policy Control payload settings
- Relay payload settings
- SCEP payload settings
- Security payload settings
- Setup Assistant payload settings
- Single Sign-on payload settings
- Smart Card payload settings
- Subscribed Calendars payload settings
- System Extensions payload settings
- System Migration payload settings
- Time Machine payload settings
- TV Remote payload settings
- Web Clips payload settings
- Web Content Filter payload settings
- Xsan payload settings
-
- Glossary
- Document revision history
- Copyright
Intro to smart card integration
For devices with iOS 16.1, iPadOS 16, macOS 10.15, or later, Apple offers native support for personal identity verification (PIV) smart cards, USB CCID class-compliant readers, and hard tokens that support the PIV standard. PIV is an open standard widely used in commercial and government organizations for two-factor authentication, digital signing, and encryption. For Mac computers, built-in support for smart cards is based on the CryptoTokenKit framework, which has been extended to enable smart cards support without any additional software.
Note: When using smart cards with iPhone or iPad, some desktop CCID class-compliant readers may require the use of a powered USB hub to address increased power requirements.
Smart cards and accessory security
Accessory security is a feature of macOS 13 or later that helps protect your Mac against any potentially malicious external Thunderbolt, USB, or—in macOS 13.3 or later—SD Extended Capacity “SDXC” cards by requiring user approval before the accessory can communicate with the macOS. To guarantee that smart card operations work as expected with this new feature, accessory security won’t function if a com.apple.security.smartcard.plist
file is detected (in /Library/Preferences/) at startup. Removing the file reenables accessory security. For more information, see Manage accessory access.
Developing app support for smart cards
If you’re a developer interested in using the CryptoTokenKit framework to support smart cards, see CryptoTokenKit on the Apple Developer website.