Not sure if declarative management is enabled

I am sending DeclarativeManagement with the MDM command, but it seems that it is not valid even if I send it to declaration-items What can you think of?

iOS 16

MDM Command

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Command</key>
<dict>
<key>Data</key>
<data>
eyJTeW5jVG9rZW5zIjp7IlRpbWVzdGFtcCI6IjIwMjMtMTAtMThUMTE6MDY6MDJaIiwi
RGVjbGFyYXRpb25zVG9rZW4iOiJiNjU0NDAyN2EzMTVjZDAwODVkNGNmMDgxNzQ2MjRj
MmQxNDI0NDQ4MDQzMGE4N2IxNzZhMjcyN2U3MzY2MDA5In19
</data>
<key>RequestType</key>
<string>DeclarativeManagement</string>
</dict>
<key>CommandUUID</key>
<string>3398d0c0-8b36-4647-86ab-6a63f26d1576</string>
<key>UDID</key>
<string>XXXXXXX-ZZZZZZZZZZZZZz</string>
</dict>
</plist>

declaration-items Rersponse(json)

{
  "DeclarationsToken": "1429e356-c51a-42a3-aff2-22963df30202",
  "Declarations": {
    "Assets": [

    ],
    "Management": [
      {
        "Type": "com.apple.management.organization-info",
        "Identifier": "e07d18d6-4ec6-432a-b474-9b8816d029a2",
        "ServerToken": "4922d69c-c231-426d-9598-c3acb612069e",
        "Payload": {
          "Email": "email@example.com",
          "Name": "Acme Inc",
          "URL": "https://www.example.com"
        }
      }
    ],
    "Configurations": [
      {
        "Type": "com.apple.configuration.legacy",
        "Identifier": "84fe24b1-ac21-4a29-b279-70f715b3ac82",
        "ServerToken": "0283b145-5791-4d7a-8a8e-7690e3a6db98",
        "Payload": {
          "ProfileURL": "https://gist.githubusercontent.com/jessepeterson/5a633f627bfc23f74153add89aee07f1/raw/f27458e05fd01b8ff9e7872a54aa2d543131afaa/cert-profile.mobileconfig"
        }
      },
      {
        "Type": "com.apple.configuration.passcode.settings",
        "Identifier": "1f0ce810-6c6b-4021-86ae-2844396e58f8",
        "ServerToken": "791e16ff-2011-4468-a201-de531d0c2326",
        "Payload": {
          "RequirePasscode": true,
          "RequireComplexPasscode": false,
          "RequireAlphanumericPasscode": false
        }
      },
      {
        "Type": "com.apple.configuration.management.status-subscriptions",
        "Identifier": "004b8c95-3500-4ac8-9480-54311a462929",
        "ServerToken": "888a4935-ef8d-4286-8c39-776fd8675f57",
        "Payload": {
          "StatusItems": [
            {
              "Name": "device.identifier.serial-number"
            },
            {
              "Name": "device.identifier.udid"
            },
            {
              "Name": "device.model.family"
            },
            {
              "Name": "device.model.identifier"
            },
            {
              "Name": "device.model.marketing-name"
            },
            {
              "Name": "device.operating-system.build-version"
            },
            {
              "Name": "device.operating-system.family"
            },
            {
              "Name": "device.operating-system.marketing-name"
            },
            {
              "Name": "device.operating-system.supplemental.build-version"
            },
            {
              "Name": "device.operating-system.supplemental.extra-version"
            },
            {
              "Name": "device.operating-system.version"
            },
            {
              "Name": "mdm.app"
            },
            {
              "Name": "passcode.is-compliant"
            },
            {
              "Name": "passcode.is-present"
            },
            {
              "Name": "test.array-value"
            },
            {
              "Name": "test.boolean-value"
            },
            {
              "Name": "test.dictionary-value"
            },
            {
              "Name": "test.error-value"
            },
            {
              "Name": "test.integer-value"
            },
            {
              "Name": "test.real-value"
            },
            {
              "Name": "test.string-value"
            }
          ]
        }
      }
    ],
    "Activations": [
      {
        "Type": "com.apple.activation.simple",
        "Identifier": "90cb68bc-c37d-40cc-8cef-b462947329b2",
        "ServerToken": "26985dc4-b0a0-43ef-afae-6ad3e89d5b9d",
        "Payload": {
          "StandardConfigurations": [
            "e07d18d6-4ec6-432a-b474-9b8816d029a2",
            "84fe24b1-ac21-4a29-b279-70f715b3ac82",
            "1f0ce810-6c6b-4021-86ae-2844396e58f8",
            "004b8c95-3500-4ac8-9480-54311a462929"
          ]
        }
      }
    ]
  }
}
Up vote post of shigeharu_matsumoto Down vote post of shigeharu_matsumoto
364 views
Posted by
shigeharu_matsumoto
Reply
Add a Comment

Accepted Reply

The declaration items response is wrong. That response is only a "manifest" of the declarations. The manifest is just lists of declaration Identifier and ServerToken values. The device then uses that to determine which declarations actually need to be fetched (ones that are new or updated), and there are separate individual requests to fetch each of those.

{
  "Declarations": {
    "Activations": [
      {
        "Identifier": "9FB8AB00-87D3-402E-A78A-E1BCD6C3C4A1",
        "ServerToken": "5DDAF91B-5EE5-48AC-97B7-BEC1B5DFAD50"
      },
      {
        "Identifier": "33704A61-B8C3-45DD-800B-4BB6CB1B5D2B",
        "ServerToken": "47E8014F-B498-4563-A453-F14A3C91E4DD"
      }
    ],
    "Configurations": [
      {
        "Identifier": "A4B9AC6A-2091-4697-B688-366F5C0A96A2",
        "ServerToken": "D4870F36-BD74-4C2A-BF40-FFFF1DE41B0A"
      },
      {
        "Identifier": "3FC3C4CD-FF0E-437B-88B7-5A112E956302",
        "ServerToken": "D9B9FC7A-FFC5-4FCB-8B5A-86F12E5202CC"
      }
    ],
    "Assets": [],
    "Management": [
      {
        "Identifier": "09284283-AE6E-4AA7-8363-6DF6A1CD9E9C",
        "ServerToken": "1b32bedcaa52c1561367cd2b0a5bba0d2f20bd059ba70a0517495efb73aff926"
      },
      {
        "Identifier": "DDAE7DB0-476F-4783-AA07-9DE4717B1EB9",
        "ServerToken": "c2727e88b1b544704789a9bdefcd6d5b5cfcea57ca4bf82d786232e79a94c511"
      }
    ]
  },
  "DeclarationsToken": "6659eaeff527d3677b0d27c40de51e2d9831eaf395a8fad90049b9a97b70da96"
}
Posted by
Systems Engineer
Up vote reply of Systems Engineer Down vote reply of Systems Engineer
Post marked as solved
Add a Comment

Replies

The declaration items response is wrong. That response is only a "manifest" of the declarations. The manifest is just lists of declaration Identifier and ServerToken values. The device then uses that to determine which declarations actually need to be fetched (ones that are new or updated), and there are separate individual requests to fetch each of those.

{
  "Declarations": {
    "Activations": [
      {
        "Identifier": "9FB8AB00-87D3-402E-A78A-E1BCD6C3C4A1",
        "ServerToken": "5DDAF91B-5EE5-48AC-97B7-BEC1B5DFAD50"
      },
      {
        "Identifier": "33704A61-B8C3-45DD-800B-4BB6CB1B5D2B",
        "ServerToken": "47E8014F-B498-4563-A453-F14A3C91E4DD"
      }
    ],
    "Configurations": [
      {
        "Identifier": "A4B9AC6A-2091-4697-B688-366F5C0A96A2",
        "ServerToken": "D4870F36-BD74-4C2A-BF40-FFFF1DE41B0A"
      },
      {
        "Identifier": "3FC3C4CD-FF0E-437B-88B7-5A112E956302",
        "ServerToken": "D9B9FC7A-FFC5-4FCB-8B5A-86F12E5202CC"
      }
    ],
    "Assets": [],
    "Management": [
      {
        "Identifier": "09284283-AE6E-4AA7-8363-6DF6A1CD9E9C",
        "ServerToken": "1b32bedcaa52c1561367cd2b0a5bba0d2f20bd059ba70a0517495efb73aff926"
      },
      {
        "Identifier": "DDAE7DB0-476F-4783-AA07-9DE4717B1EB9",
        "ServerToken": "c2727e88b1b544704789a9bdefcd6d5b5cfcea57ca4bf82d786232e79a94c511"
      }
    ]
  },
  "DeclarationsToken": "6659eaeff527d3677b0d27c40de51e2d9831eaf395a8fad90049b9a97b70da96"
}
Posted by
Systems Engineer
Up vote reply of Systems Engineer Down vote reply of Systems Engineer
Post marked as solved
Add a Comment

I see, declaration-items only needs to return a set of Identifier and ServerToken, and then sends a payload for each requested parameter. I will check it.

Posted by
shigeharu_matsumoto
Up vote reply of shigeharu_matsumoto Down vote reply of shigeharu_matsumoto
Add a Comment