About Apple device supervision
Supervision generally denotes that the device is owned by the organization, which provides additional control over its configuration and restrictions. There are various ways that organizations can supervise devices; some types vary by platform.
Automated Device Enrollment (all devices)
The following devices are supervised automatically when their serial numbers appear in Apple School Manager or Apple Business Manager and are enrolled in an MDM solution using Automated Device Enrollment:
iPhone with iOS 13 or later
iPad with iPadOS 13.1 or later
Mac computers with macOS 10.14.4 or later
Apple TV with tvOS 13 or later
Apple Watch with watchOS 10 or later
Mac-only supervision (macOS 11 or later)
Mac computers are also supervised if they:
Have macOS 11 or later and are enrolled in MDM using account-driven Device Enrollment, profile-based Device Enrollment, or Automated Device Enrollment
Were upgraded to macOS 11 or later and the enrollment in MDM was approved by a local administrator account
Manual supervision using Apple Configurator for iPhone, iPad, and Apple TV
You can also supervise iPhone, iPad, and Apple TV devices manually by using Apple Configurator for Mac. This requires that you have the device in your physical possession and that it be connected to a Mac using Apple Configurator. During this process, the device is erased and all data is lost. For more information, see Prepare an iPhone, iPad, or Apple TV manually in the Apple Configurator User Guide for Mac.
Supervision using the profiles command-line tool (Mac)
Mac computers enrolled in an assigned MDM solution whose serial numbers appear in Apple School Manager or Apple Business Manager can have their supervision reset by using the profiles command-line tool with one of these commands:
sudo profiles renew -type enrollmentprofiles -N
For a Mac with macOS 14 or later, a full-screen experience is displayed instead of asking the user to enroll. The user can choose “Not now” once, which causes the screen to be dismissed for 8 hours. After the time expires, the user must perform the enrollment or erase their Mac. During this time, the user sees a follow-up option in System Settings to start the enrollment, even before the dismissal expires.
For a Mac with macOS 13.5 or earlier, if the Mac isn’t connected to the internet during the initial configuration, users are notified every 2 hours that the Mac has available device enrollment settings. They can then optionally click the notification to begin the enrollment process into MDM. Enrollment into MDM requires an administrator user name and password. Or you can use the profiles command to migrate a Mac computer from one MDM server to another, including respecting nonremovable MDM and regranting supervision, without erasing the Mac. Simply unenroll the Mac from the first MDM server, change its assignment in Apple School Manager or Apple Business Manager, have the new MDM server assign Device Enrollment settings to the Mac, then execute the command and enroll when the user clicks the notification.
For a Mac with macOS 13 or later, macOS also limits the profiles command-line tool to 10 of the following requests per 24 hours for devices owned by an organization that appear in Apple School Manager or Apple Business Manager:
profiles showprofiles validateprofiles renew
For information on how to automatically supervise devices, see Automated Device Enrollment and MDM.
Identify whether an Apple device is supervised
iPhone and iPad: You can go to Settings and the text appears below the Search field, and above the Apple Account area: “This [iPhone] [iPad] is supervised. [Organization name] can monitor your internet traffic and locate this device.”
Mac: You can go to System Settings > General > Device Management and look for this line at the top of the window: “This Mac is supervised and managed by [Organization name].”
Apple TV: You can go to Settings, then look under the image of the Apple TV on the left. If the device is supervised, look for this line: “This Apple TV is supervised, and [Organization name] can monitor the internet traffic on this device.”
Apple Watch: You can go to Settings in watchOS or open the Watch app on iOS and look for this line: “This Apple Watch is supervised and managed by [Organization name].”