Jump to:navigation, search


Connection of the Mobile Security Portal with the Apple DEP

Last adaption: 03.2021


  • Troubleshooting note added
  • Reference to content manager for multi-client solution added

  • Devices can be assigned to an MDM with the help of the Device Enrollment Program
  • DEP is a prerequisite for rolling out centrally purchased and licensed software to devices via VPP (Volume Purchase Program).


The following requirements are necessary:

MSP v1.5.3 Infos DEP-Token-en.png

Establish connection to DEP (Device Enrollment Program)

The connection is done in three steps at  account /  Infos / Apple DEP-Token Update
1. download the Apple push certificate (*.pem file)
2. upload this certificate in the Apple Business Manager or Apple School Manager menu Settings

  •  ABM: If no corresponding MDM server has been created yet:
  •  <ABM: Menu Settings/ Organization Settings / 30px Device Management Settings / 30px] Add MDM server
  •  ABM: MDM Server Name Unique name
  •  ABM: MDM Server Settings Select File: Upload the .*.pem file previously downloaded from the Securepoint Mobile Security Portal and Secure
  •  <ABM: Selection of the corresponding MDM Server 30px ttt-point-mdm-Server-123456.sms
  •  <ABM: Download the dep token ABM Token Icon.PNG Load token (*.p7m file) in the Apple Business Manager or Apple School Manager in the menu

3. upload the *.p7m file in the dial window opened under point 1 in the Securepoint Mobile Security Portal. Finish with  Done

DEP-Tokens do not have an expiry date and do not have to be renewed

Multi-client solution

If a multi-client solution is to be implemented, this is possible as follows:

Example scenario:
A school board with one Apple Schoolmanager account and several schools.

  • In the Reseller Portal in the menu  Customers create a customer for each client (in the example: for each school).
  • Create a licence for each client via the button   in the column Actions (product: Mobile Security )
  • In Apple Schoolmanager (or Apple Busines Manager) under Locations create a separate location for each school/client
  • An Account with the function Content Manager must be registered for each location in the ABM / ASM so that each client / school can obtain its own licences.
  • Add a 30px for each school / client. Add MDM server
  • Then establish the connection between Securepoint Mobile Security Portal customer and the respective location in Apple School Manager or Apple Business Manager as described above.


Problem / Error message Cause Solution
DEP token has become invalid
  • The account of the Aple Business Manager or Apple School Manager user who created the token is locked or deleted.
  • The ABM/ASM user who created the token has changed his/her password
Renew DEP token with a valid account
Message when logging in to https://portal.securepoint.cloud :
Check your Apple business account
We retrieved an error while fetching your data from Apple
This could happen due to updated software license agreements.
Please check your apple business account, for further information.
Apple has changed its T&Cs. Login to Apple Business Manager or Apple School Manager and confirm the new terms and conditions.