FAQ
Common Questions
& Technical Logic
Everything you need to evaluate Smplify as infrastructure for your platform.
General Questions
Traditional MDMs (Jamf, Iru, Intune) are built for IT teams who manage their own devices. They provide a console, predefined workflows, and admin-facing UIs.
Smplify is MDM infrastructure built for platform builders. API-first, no endpoint agent required, and designed to embed into your product under your UI, workflows, and brand.
Traditional MDM helps teams use device management. Smplify helps platforms offer device management.
Smplify doesn’t require installing or maintaining a persistent agent on managed devices. Instead, we use each platform’s native device management frameworks — like Apple’s built-in MDM protocol — to communicate securely with devices. No background app to deploy, update, monitor, or troubleshoot.
Your existing endpoint security agent runs alongside Smplify with zero conflicts.
Open-source projects like MicroMDM, NanoMDM, and Fleet are great for experimentation, but they require you to host, secure, scale, and maintain everything yourself — from certificate management to OS compliance updates.
Smplify is fully managed, production-grade infrastructure with enterprise multi-tenancy, RBAC, automated certificate management, and APIs designed for embedding. You get the control of open source without the operational burden.
Smplify is built for platform builders:
- Endpoint security platforms (XDR, EDR, MDR)
- IT management and RMM platforms
- Zero trust and identity platforms
- SaaS companies building device management features
If you’re building a platform and your customers are asking for MDM capabilities, Smplify is for you.
If you’re an IT team looking to manage your own company’s devices, a traditional MDM tool is a better fit.
Platform & Features
- Full-spec Apple MDM: iOS, iPadOS, macOS, tvOS, watchOS, visionOS
- Windows, Android/ChromeOS, Linux coming soon
- REST API with comprehensive documentation
- Webhook events for real-time updates
- Enterprise RBAC with multi-tenant architecture
- Automated Device Enrollment (ADE) for zero-touch provisioning
- Certificate hosting and management
- Optional hosted UI (or build your own)
- Usage-based pricing — pay only when devices enroll
Yes. Smplify manages all required certificates for Apple device management, including APNS (Apple Push Notification Service), ADE (Automated Device Enrollment) tokens, and MDM identity certificates.
We handle setup, renewal, and compliance so you don’t have to.
Smplify supports global portability — devices can move between regions (e.g., EU to US) without re-enrollment.
We use a global root Certificate Authority (CA) with per-cluster intermediate and issuing CAs. This enables seamless migration across clusters or regions while keeping private keys local and secure.
The result: lower latency, simpler operations, and no compromise on security.
Security & Compliance
Yes. Security is built into every layer:
- End-to-end encryption for all device communication
- Multi-tenant RBAC with full data isolation
- Secure API authentication
- Regular security audits
- SOC 2 Type II in progress
Visit our Trust Center at trust.smplify.com for current security documentation.
Integration & Architecture
Yes. Smplify is designed to embed into your platform via API. You control the UI, workflows, and user experience.
We also provide an optional hosted UI you can use while you build your own integration, or as a fallback for advanced features.
Smplify is built from the ground up for secure, scalable multi-tenant environments.
You can serve multiple customers or teams from a single backend and segment access by customer, region, department, or any structure you need. Enterprise-grade RBAC lets you define precisely who has access to what, across tenants, users, and device groups.
Pricing & Implementation
Usage-based. You pay only when devices enroll.
No upfront costs. No per-seat licenses. Pricing scales with your business.
Most teams can have a working integration running in 2-4 weeks. Implementation time depends on your use case and how deeply you want to integrate.
We provide comprehensive APIs, documentation, and engineering support to accelerate development.
Three approaches, depending on your goals:
Option 1: Agent-Only Deployment (Low Effort)
Deploy your own agent using Smplify. No API integration required. Your agent can silently manage devices and deploy MDM profiles. Your customers never see the Smplify name.
Option 2: Selective API Integration (Moderate Effort)
Integrate a focused set of APIs to display device data, patch status, and actions in your platform. Use Smplify’s optional hosted UI for full MDM functionality with minimal engineering effort.
Option 3: Full Native Integration (Greater Effort)
Build a fully embedded MDM experience using Smplify’s comprehensive API. Support enrollment, policy management, patching, and reporting — all from within your existing portal.
Every Smplify customer gets direct access to our engineering team.
- Technical documentation and API references
- Integration guides and SDKs
- Professional services for custom integration, architecture reviews, and ongoing technical advisory
Migration
Yes. Apple supports seamless MDM migration with no device erasure required. The Smplify CLI includes migration workflows to make this straightforward.
See Apple’s documentation: Migrate managed devices to another device management service
The Smplify CLI includes step-by-step migration workflows that guide you through moving devices from an existing MDM platform to Smplify.
We don’t believe in vendor lock-in. Smplify follows open standards, making migration straightforward. Apple’s seamless MDM migration means your devices move without erasure or re-enrollment.
Yes. Thanks to our RBAC model, you can transfer tenant ownership between accounts without re-enrolling devices — useful for acquisitions, partner handoffs, or internal restructuring.
AI, MCP & Compliance
Yes. The Smplify MCP server exposes real device data, real schemas, and real enforcement to AI agents. Every profile it generates is deployable, not theoretical.
Your AI layer can query live device state, generate compliant configuration profiles, and enforce baselines — all through natural language or agentic workflows. No retrofitting required.
Yes. The Smplify CLI has mSCP compliance workflows built in. When paired with Claude Code, it functions as a native AI skill, reducing token usage by over 60% compared to a standard MCP server integration.
The CLI supports all mSCP baselines: NIST 800-53, DISA STIG, CMMC, CIS, and CNSSI — or provide your own via an mSCP manifest.
Still Have Questions?
Whether you’re exploring Smplify or ready to integrate, we’d love to hear from you. Want to hear more about our philosophy? Listen to Episode 448 of the Mac Admins Podcast.
