DEP (Device Enrollment Program) Protocol

The DEP Protocol is Apple’s RESTful API that enables organizations to automate device enrollment and configuration through Apple Business Manager (ABM) or Apple School Manager (ASM).

What to Know

The DEP Protocol is the technical foundation for zero-touch deployment, enabling organizations to deliver fully configured devices to users without IT physically handling hardware. This dramatically reduces deployment time, eliminates manual enrollment steps prone to user error, and ensures devices are supervised and locked to MDM before first use. Without DEP Protocol integration, organizations must manually enroll devices, which cannot achieve supervision on iPhones and iPads already activated, and users can remove MDM profiles from unsupervised devices.

The protocol also enables continuous synchronization between ABM/ASM and MDM servers, allowing IT to assign newly purchased devices to the correct MDM instance and automatically apply enrollment profiles. This automation is essential for large-scale deployments and reduces the risk of misconfigured or unmanaged devices entering production environments.

Common Scenarios

Enterprise IT: IT teams integrate their MDM server with ABM using the DEP Protocol to automatically enroll corporate devices during Setup Assistant. New devices shipped directly to users from Apple or authorized resellers arrive pre-assigned to the corporate MDM, enabling remote deployment without IT touching the hardware. IT must maintain valid DEP tokens and monitor sync status to ensure device assignments flow correctly.

MSP: MSPs manage DEP Protocol integrations for multiple clients, each with separate ABM/ASM accounts and DEP tokens. Token renewal and device assignment workflows must be tracked per client to prevent assignment errors that could send devices to the wrong MDM instance. MSPs often establish standardized enrollment profiles across clients while customizing specific settings per organization.

Education: School districts use the DEP Protocol to manage large-scale iPad deployments, often with thousands of devices enrolled simultaneously at the start of each school year. The protocol enables bulk device assignments and profile updates without manual device handling. Education IT must coordinate with purchasing departments to ensure devices are ordered through ASM-compatible resellers and properly assigned before distribution to students.

In Addigy

Addigy’s MDM platform integrates with Apple Business Manager through the DEP Protocol, allowing admins to link their ABM/ASM account and automatically sync device assignments. Addigy provides guided workflows for generating and uploading DEP tokens, and monitors token expiration to alert admins before tokens expire. Device sync status is visible in the Addigy console, showing which devices have been assigned and are awaiting enrollment.

Administrators can define default enrollment settings in Addigy that apply to all DEP-enrolled devices, including Setup Assistant configuration, initial profiles, and app assignments. Addigy handles the technical protocol communication with Apple’s servers, abstracting the complexity while providing visibility into sync operations and device readiness.