DNS Proxy MDM payload settings for Apple devices
You can configure DNS Proxy settings for users of an iPhone, iPad, Shared iPad, Mac, or Apple Vision Pro enrolled in a mobile device management (MDM) solution. Use the DNS Proxy payload to specify the app providing the DNS proxy network extension and any vendor-specific values.
Note: Multiple DNS proxies can be used, but per-app and system wide proxies can’t be combined.
The DNS Proxy payload supports the following. For more information, see Payload information.
Supported installation method: Requires an MDM solution to install.
Supported payload identifier: com.apple.dnsProxy.managed
Supported operating systems and channels: iOS, iPadOS, Shared iPad device, macOS device, visionOS 1.1.
Supported enrollment methods: Automated Device Enrollment.
Duplicates allowed: True—more than one DNS Proxy payload can be delivered to a device.
You can use the settings in the table below with the DNS Proxy payload.
Setting | Description | Required | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
App bundle ID | The app that contains the DNS proxy information by their bundle ID. | Yes | |||||||||
DNS Proxy UUID iOS 16 or later iPadOS 16.1 or later | A globally unique identifier for this DNS proxy configuration. Managed Apps with the same DNS Proxy UUID in their app attributes have their DNS lookups traffic processed by the proxy. | No | |||||||||
Provider bundle ID | The DNS proxy extension bundle ID. | No | |||||||||
Provider configuration | If a DNS provider or network vendor has a specific configuration file, you can either upload it or enter the keys manually. | No | |||||||||
Note: Each MDM vendor implements these settings differently. To learn how various DNS Proxy settings are applied to your devices, consult your MDM vendor’s documentation.