Kandji
  • 18 Jun 2024
  • 2 Minutes to read
  • Dark
    Light
  • PDF

Kandji

  • Dark
    Light
  • PDF

Article summary

Kandji is an Apple device management (MDM) solution for macOS, iOS, iPadOS, and tvOS.

Related Enforcement Actions:

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices
  • Users
  • SaaS data

Parameters

  1. Host Name or IP Address (required) - The hostname or IP address of the Kandji server.

  2. API Token (required) - An API Token associated with a user account that has permissions to fetch assets.
    To generate an API Token, see Generate an API Token.

  3. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  4. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

  5. HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

  6. HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Kandji


Advanced Settings

Note:

Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

  1. Enrich device information (optional) - Select whether to fetch additional device information about the device.
  2. Fetch applications (optional) - Select whether to fetch additional information about all installed apps on devices.
  3. Fetch ADE (automated device enrolled) devices - Select whether to fetch devices not yet enrolled.


Note:

To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.


APIs

Axonius uses the Kandji API and Devices API.

Adapter Integration Setup

Create a User Account in Kandji

While to access SaaS data you need to grant roles and/or permissions that include write capabilities, the adapter only actually reads data from the application.

  1. From the Kandji console, click Settings in the left-hand navigation bar.
  2. Select the Access tab.
  3. Click New User on the top right.
  4. Fill in the First Name, Last Name, and Email Address fields
  5. Choose an Admin access level for the new team member.
  6. Click Submit.
  7. Login to the supplied email address and open the Kandji invitation. Complete the login process and supply a password.

Create an API Token

  1. Login with an admin user or with the user account you just created.
  2. From the Kandji console, click Settings in the left-hand navigation bar.
  3. Log in and click on Settings.
  4. Click the Access tab.
  5. Click Add API Token.
  6. Provide a Name and a Description for your API token.
  7. Click Create.
  8. Copy the generated token.
  9. Click Next.
  10. In Axonius configuration paste the copied token in the API Token field.
  11. Configure token permissions:
    1. Back in Kandji, Click Configure.
    2. In the Devices section, select the following options:
      • Device details
      • Device list
      • Device ID
      • Application list
      • Device Parameters
    3. Click Save.

Supported From Version

Supported from Axonius version 4.5



Was this article helpful?

What's Next