Explore the full catalogue of Apple Mobile Device Management (MDM) and Declarative Device Management (DDM) policies for macOS and iOS. Use the interactive explorer to search, filter, and reference policy keys for use with Microsoft Intune, Jamf, or any standards-compliant MDM solution.
The payload that configures mobile accounts on the device.
| Setting | Type | Required | Default | Manual Install | Supported OS |
|---|---|---|---|---|---|
com.apple.cachedaccounts.CreateAtLogin com.apple.cachedaccounts.CreateAtLogin If `true`, the system creates the mobile account at login time. | boolean | optional | false | ✓Yes | macOS (10.7+) |
com.apple.cachedaccounts.WarnOnCreate com.apple.cachedaccounts.WarnOnCreate If `true`, the system asks the user whether to create the mobile account and it allows the user to not create it. | boolean | optional | false | ✓Yes | macOS (10.7+) |
cachedaccounts.WarnOnCreate.allowNever cachedaccounts.WarnOnCreate.allowNever If `true`, the system allows the user to stop the prompts about mobile account creation every time the user logs in. This key is only valid if `com.apple.cachedaccounts.WarnOnCreate` is `true`. | boolean | optional | false | ✓Yes | macOS (10.7+) |
cachedaccounts.expiry.delete.disusedSeconds cachedaccounts.expiry.delete.disusedSeconds The minimum number of seconds a mobile account can exist before the system makes an automatic attempt to remove the mobile account. Set to `0` to attempt removing it at the next login or logout. Set to `-1` to never attempt removing the mobile account. | integer | optional | -1 | ✓Yes | macOS (10.7+) |
cachedaccounts.askForSecureTokenAuthBypass cachedaccounts.askForSecureTokenAuthBypass If `true`, the system bypasses the secure token authorization dialog. This dialog only appears on APFS volumes. | boolean | optional | false | ✓Yes | macOS (10.7+) |
