Managed preferences reference
The InPolicy Mac app reads configuration from macOS Managed Preferences under the domain ai.inpolicy.desktop. This page is the complete reference — every key, its type, its default, and what it does.
These keys are normally set via an MDM-delivered configuration profile. For local development or individual overrides, they can also be written with defaults write.
Required keys
deviceToken
- Type: String
- Default: (none — required for detection to run)
The organization-wide device token, minted from the InPolicy admin dashboard under Settings → Device Provisioning. One token per tenant — the same value goes on every Mac in your org.
This is a long-lived credential. If it’s ever compromised, rotate it from the admin dashboard; the old token is invalidated immediately and every Mac will need to reload the new value before authentication succeeds.
userEmail
- Type: String
- Default: (none — required)
The email of the user on this Mac. InPolicy uses this to resolve which InPolicy user this device belongs to and apply per-user scope (team, country, role).
In a configuration profile, use your MDM’s variable substitution:
| MDM | Variable |
|---|---|
| Jamf | $EMAIL |
| Kandji | {{user.email}} |
| Intune | {{UserPrincipalName}} |
| Mosyle | %EMAIL% |
| Addigy | $email$ |
If the substituted value is blank (e.g., the user isn’t bound to an identity provider), the app will sit in an unprovisioned state.
Optional keys
apiBaseURL
- Type: String
- Default: https://api.inpolicy.ai
Override the backend URL. Used only for private-cloud or on-prem deployments.
Never point this at a non-HTTPS URL in production. The app will refuse to send authentication over plain HTTP unless NODE_ENV-equivalent debug flags are set.
telemetryEnabled
- Type: Boolean
- Default: true
Whether the app emits product telemetry events (session heartbeats, install pings, violation counts — all without user-linkable data, per our public privacy commitment). Set to false to disable all telemetry.
This does not affect violation detection or analytics events surfaced in your tenant’s dashboard — those are operational data, not product telemetry.
disabledAppsManaged
- Type: Array of strings (bundle IDs)
- Default: []
A list of macOS bundle IDs where InPolicy will not observe text. Example:
```xml
<key>disabledAppsManaged</key>
<array>
  <string>com.apple.SecurityAgent</string>
  <string>com.1password.1password</string>
  <string>com.agilebits.onepassword-macos</string>
</array>
```
Use this for password managers, sensitive workflows, or apps that have their own compliance tooling. Users cannot re-enable InPolicy for apps on this list — only IT can.
There’s also a built-in deny list for well-known password-manager and Keychain-related bundle IDs; disabledAppsManaged is additive on top of that.
autoStartAtLogin
- Type: Boolean
- Default: true
Whether the app should register itself as a Login Item via SMAppService on first successful authentication. Set to false to require the user to manually launch the app each session — useful in lab or shared-Mac scenarios.
autoUpdateEnabled
- Type: Boolean
- Default: true
Whether Sparkle should automatically check for and install app updates. Set to false to gate updates through your MDM’s deploy-a-new-PKG process.
debugLogging
- Type: Boolean
- Default: false
Enables verbose diagnostic logging to stdout. Never logs user text — only metadata (policy IDs, timing, event counts). Useful for troubleshooting a specific Mac’s detection behavior.
View logs:
```sh
log stream --predicate 'subsystem == "ai.inpolicy.desktop"' --level=debug
```
Turn off once you’re done — debug logging slightly increases CPU usage.
sentryDsn
- Type: String
- Default: (InPolicy’s hosted Sentry DSN)
Override the Sentry DSN the app uses for crash and error reporting. Useful in:
- Air-gapped deployments where the default DSN is unreachable.
- Orgs that want to ingest InPolicy errors into their own Sentry.
- Disabling crash reporting entirely (set to an empty string "").
Local override for development
To test without deploying a full profile, write the preferences locally:
```sh
defaults write ai.inpolicy.desktop apiBaseURL "http://localhost:8080"
defaults write ai.inpolicy.desktop deviceToken "dev-token-from-admin-api"
defaults write ai.inpolicy.desktop userEmail "you@yourorg.com"
defaults write ai.inpolicy.desktop debugLogging -bool true
```
Then relaunch the app. defaults read ai.inpolicy.desktop shows the current state.
Precedence
- Managed Preferences from a configuration profile always win. If an MDM-deployed profile sets deviceToken, a local defaults write cannot override it.
- Config profile > local defaults > compiled-in default.
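The precedence order and key types above, as an added example (not InPolicy's own code): a pre-deployment lint that overlays managed, local and compiled-in values per key and flags the settings this page warns about. The per-key overlay, the function names and the sample plist are assumptions constructed for illustration.

```python
import plistlib
from urllib.parse import urlsplit

# Key -> type, as documented in the reference above.
SCHEMA = {"deviceToken": str, "userEmail": str, "apiBaseURL": str,
          "telemetryEnabled": bool, "disabledAppsManaged": list,
          "autoStartAtLogin": bool, "autoUpdateEnabled": bool,
          "debugLogging": bool, "sentryDsn": str}
# Compiled-in defaults from the reference (sentryDsn's hosted value is not
# published there, so it is omitted).
DEFAULTS = {"apiBaseURL": "https://api.inpolicy.ai", "telemetryEnabled": True,
            "disabledAppsManaged": [], "autoStartAtLogin": True,
            "autoUpdateEnabled": True, "debugLogging": False}

def effective(managed, local):
    """Config profile > local defaults > compiled-in default (per key, assumed)."""
    return {**DEFAULTS, **local, **managed}

def lint(settings):
    """Return sorted findings for one resolved settings dict."""
    findings = []
    for key, value in settings.items():
        if key not in SCHEMA:
            findings.append(f"{key}: unknown key")
        elif not isinstance(value, SCHEMA[key]):
            findings.append(f"{key}: expected {SCHEMA[key].__name__}")
    for key in ("deviceToken", "userEmail"):  # required, no default
        if not str(settings.get(key) or "").strip():
            findings.append(f"{key}: required, missing or blank")
    url = settings.get("apiBaseURL")
    if isinstance(url, str) and urlsplit(url).scheme != "https":
        findings.append("apiBaseURL: not HTTPS")
    if settings.get("debugLogging") is True:
        findings.append("debugLogging: still enabled")
    return sorted(findings)

# Constructed sample inputs (placeholder token, no real values).
MANAGED = plistlib.loads(b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>deviceToken</key><string>EXAMPLE-TOKEN</string>
  <key>userEmail</key><string></string>
  <key>telemetryEnabled</key><string>false</string>
</dict></plist>""")
LOCAL = {"apiBaseURL": "http://localhost:8080", "deviceToken": "dev-token",
         "debugLogging": True}

if __name__ == "__main__":
    for finding in lint(effective(MANAGED, LOCAL)):
        print(finding)
```

The sample shows a leftover local development override surviving because the profile does not set apiBaseURL itself, alongside a blank userEmail substitution and a Boolean key delivered as a string.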
What changes require a restart
The app reads preferences at launch. To pick up a new value:
- Click the menu bar icon → Quit.
- Relaunch the app (or wait for the login item to start it on next login).
Deploying a new Managed Preferences profile via MDM does not automatically restart the app. Expect users to pick up changes on next logout/login, or trigger a restart remotely if the change is urgent.
Related
- Deploy via MDM — how to package and deploy these settings