Jamf Pro MCP. Audit your entire Mac and mobile fleet from your agent.
Gemini Works with every AI agent you already use
…and any MCP-compatible client
Just plug in your AI agents and start using Vinkius.
Jamf Pro MCP Server connects your AI agent directly to the Jamf Pro API. It lets you audit and manage your entire Apple ecosystem.
You can list all managed computers and mobile devices, check user assignments, and inventory everything from installed apps to disk encryption status.
It's essential for automating IT operations and asset tracking across your Mac and iOS fleet.
What your AI agents can do
Get computer
Retrieves detailed information for a specific Mac, including its installed apps, disk encryption status, and user info.
Get mobile device
Retrieves detailed inventory and management data for a specific mobile device (iPhone/iPad).
List buildings
Lists all configured buildings within your Jamf Pro environment for site auditing.
The agent retrieves detailed information for one Mac, including its installed apps, disk encryption status, and current user.
The agent retrieves detailed inventory and security status for one mobile device.
The agent lists all configured buildings, departments, or management categories to map device distribution.
The agent lists all managed computers, all managed mobile devices, or all system users.
The agent lists all available software packages or all management scripts configured in Jamf Pro.
The agent finds connections between users and devices, or between devices and specific locations.
Ask AI about this MCP
Supported MCP Clients
Gemini Waiting for input…
Jamf Pro MCP Server: 10 Tools for Device & Asset Tracking
Run detailed audits on your Mac and mobile endpoints. This server gives your agent the tools to inventory assets, check compliance, and map organizational relationships within Jamf Pro.
019d75bcget computer
Retrieves detailed information for a specific Mac, including its installed apps, disk encryption status, and user info.
019d75bcget mobile device
Retrieves detailed inventory and management data for a specific mobile device (iPhone/iPad).
019d75bclist buildings
Lists all configured buildings within your Jamf Pro environment for site auditing.
019d75bclist categories
Lists all management categories defined in Jamf Pro, useful for navigating the management hierarchy.
019d75bclist computers
Lists all managed computers, providing names, IDs, and serial numbers for fleet-wide auditing.
019d75bclist departments
Lists all business departments configured in Jamf Pro, helping audit device distribution by unit.
019d75bclist mobile devices
Lists all managed mobile devices, providing names, IDs, and models for mobile fleet auditing.
019d75bclist packages
Lists all software packages (pkg, .dmg) available in Jamf Pro for deployment auditing.
019d75bclist scripts
Lists all management scripts stored in Jamf Pro, useful for auditing custom automation assets.
019d75bclist users
Lists all users in the system, mapping them to specific devices and organizational units.
Choose How to Get Started
Build a custom MCP for your own tools, or connect a ready-made integration from our catalog.
Build Your Own
Turn any API into an MCP. Import a spec, define Agent Skills, or deploy with MCPFusion.
- Import from OpenAPI, Swagger, or YAML specs
- Create Agent Skills with progressive disclosure
- Deploy to edge with MCPFusion framework
- Built in DLP, auth, and compliance on every call
- Real time usage dashboard and cost metering
- Publish to catalog or keep private
Make Your AI Do More
Start with Jamf Pro, then connect any of our 4,700+ other servers whenever your AI needs more. One click, no limits.
- Use this MCP plus 4,700+ others, all in one place
- Add new capabilities to your AI anytime you want
- Every connection is secured and compliant automatically
- Track usage and costs across all your servers
- Works with Claude, ChatGPT, Cursor, and more
- New servers added to the catalog every week
What you can do with this MCP connector
Your AI client hooks right into the Jamf Pro API with this server. You can audit and manage your whole Apple setup—Macs, iPhones, and iPads. It’s built for IT guys who need to automate device management and prove compliance without clicking through the web console.
Inventorying Devices and Users
You can list every managed computer using list_computers, getting names, IDs, and serial numbers for your whole Mac fleet. Similarly, list_mobile_devices gives you a list of all managed iPhones and iPads, showing names, IDs, and models. list_users shows you every user in the system, mapping them to specific devices and organizational units.
You can also check out how your organization is structured by listing all configured buildings with list_buildings, or mapping devices by business department using list_departments, or checking management categories with list_categories.
Deep Device Audits
Need to check a specific machine? You run get_computer to pull detailed info for one Mac, including its installed apps, disk encryption status, and current user. For a mobile device, get_mobile_device pulls deep inventory and security status.
Software and Automation Review
To see what software's available, you run list_packages, which lists every software package (pkg, .dmg) in Jamf Pro for deployment auditing. If you need to audit custom automation, list_scripts shows you every management script stored in Jamf Pro.
Finding Connections
Your agent can find connections between users and devices, or between devices and specific locations. You can use list_computers and get_computer to get a full picture of a Mac's status, while get_mobile_device gives you the full rundown on a mobile asset. You can check out what's going on with your whole stack, from listing every device to seeing the specific software running on it.
How Jamf Pro MCP Works
- 1 First, your AI agent calls a listing tool (e.g.,
list_computers) to pull the full roster of assets needed for the audit. - 2 Next, the agent filters that roster using context (e.g., 'Show me devices in the London building').
- 3 Finally, the agent executes a detail tool (e.g.,
get_computer) on the selected asset ID to retrieve specific data points like encryption status or app list.
The bottom line is, you get a structured data dump of your entire Apple fleet, allowing your agent to run complex, multi-step audits that would take hours in the GUI.
Who Is Jamf Pro MCP For?
The ops engineer who's tired of clicking through dashboards at 2 am. This is for IT Operations and IT Security teams that need real-time, comprehensive audit data. If you spend time manually cross-referencing user accounts with device serial numbers, this saves you hours of tedium.
Uses list_computers and list_mobile_devices to build full asset reports, then runs get_computer to check disk encryption status for compliance.
Uses get_mobile_device and list_users to verify if specific mobile assets have the required security policies applied and who they belong to.
Uses list_departments and list_buildings to quickly map a reported device ID back to the correct physical location and business unit.
What Changes When You Connect
- See disk encryption status and installed apps for any Mac using
get_computer. This replaces manually running audit reports and gives you compliance data instantly. - Audit the entire mobile fleet by running
list_mobile_devicesand then drilling down on individual assets withget_mobile_deviceto check security status. - Map device distribution across your organization. Use
list_departmentsandlist_buildingsto answer questions like, 'How many Macs are in Accounting?' - Track software readiness.
list_packageslets you see every available software deployment package, which is critical before rolling out an application update. - Verify user ownership.
list_userslinks people to devices, whilelist_computersgives you the asset ID. You can combine these tools to build a full ownership report. - Automate compliance checks. By combining
list_scriptsandlist_packages, your agent can verify if the correct management scripts are available and ready to run.
Real-World Use Cases
A security audit requires knowing which devices are non-compliant.
The security admin needs a report on all Macs without disk encryption. They first call list_computers to get all IDs, then iterate through the list, calling get_computer for each one. The agent filters the results for 'disk encryption: False' and reports the full list of non-compliant assets.
The company is merging departments and needs to know the resource impact.
The IT manager uses list_departments and list_buildings to understand the current physical and organizational breakdown. They then cross-reference this data with list_computers to model which assets might need re-assignment or re-provisioning after the merger.
A new mobile policy needs to be rolled out to all employees.
The agent first runs list_mobile_devices to get all asset IDs. Then, using get_mobile_device, it checks the current OS version and security status of the entire fleet to confirm if every device meets the minimum standard before deployment.
A user leaves the company and needs their assets quickly accounted for.
The help desk agent uses list_users to identify the user's ID, then uses list_computers and list_mobile_devices to gather all associated asset IDs. They compile this into a handover report detailing all equipment that needs to be collected.
The Tradeoffs
Trying to get a full inventory by calling multiple listing tools.
The user runs list_computers to get Mac IDs, then runs list_mobile_devices to get phone IDs, and then runs list_users separately, forcing them to manually merge three separate CSV files.
→
Don't treat these as separate steps. Tell your agent to run list_computers and list_mobile_devices in sequence, then use the resulting IDs as context for a single summary report. This keeps the data structured and ready for analysis.
Asking for a specific piece of data without knowing the asset ID.
The user asks, 'What is the disk encryption status for Jane Doe's computer?' The agent can't answer because it needs a device ID first, forcing the user to search for the ID manually.
→
First, run list_users to find Jane Doe's ID. Then, use that ID to filter the results of list_computers to get the correct asset ID. Finally, run get_computer with that specific ID.
Overlooking the relationship between departments and assets.
The user only runs list_computers and gets a massive list of hardware. They don't know which department owns which machine, so the report is useless for planning a departmental shift.
→
Always start by running list_departments and list_buildings. Then, use the resulting structure to narrow your search when running list_computers to only include assets relevant to the target department.
When It Fits, When It Doesn't
Use this if your goal is comprehensive, cross-platform auditing. If you need to know the status of an asset (e.g., 'Is the Mac encrypted?'), you must use the detail tools (get_computer or get_mobile_device) after running a list tool. Don't assume the listing tools contain deep status data; they just give IDs and names. Don't use this if you just need to know the names of all available software packages; use list_packages directly. If you need to map user ownership to physical location, you must combine list_users, list_departments, and list_buildings in a single logical workflow. If the data you need is simple—like 'list all users'—just use the simple listing tools. This is an inventory server, not a CMDB updater.
Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Jamf Pro. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.
VINKIUS INFRASTRUCTURE
Cloud Hosted
Managed infra
V8 Isolated
Sandboxed per request
Zero-Trust Proxy
No stored credentials
DLP Enforced
Policy on every call
GDPR Compliant
EU data residency
Token Compression
~60% cost reduction
Works with Claude, ChatGPT, Cursor, and more
The Model Context Protocol standardizes how applications expose capabilities to LLMs. Instead of operating in isolation, your AI gains direct access to external platforms, live data, and real-world actions through secure, standardized connections.
This server provides 10 capabilities that interface natively with Claude, ChatGPT, Cursor, and any MCP client. No middleware. No custom integration required.
Available Capabilities
Manually compiling a full inventory report takes hours.
Today, gathering a comprehensive view of your Mac fleet means jumping between the Jamf console, the user directory, and the asset management portal. You copy a list of serial numbers here, check the compliance tab there, and then copy the results into a spreadsheet to cross-reference ownership. It's slow, error-prone, and takes half a day.
With the Jamf Pro MCP Server, your agent handles that entire process in a single workflow. You ask for 'all unencrypted Macs in Accounting,' and the agent automatically calls `list_computers`, filters by department using `list_departments`, and then executes `get_computer` on the results. You get the clean, filtered data set instantly.
Jamf Pro MCP Server: Audit hardware and user distribution
The biggest time-saver is the ability to audit software and scripts. Instead of navigating to the 'Packages' section and manually checking every deployment status, your agent runs `list_packages` and `list_scripts` to give you a full manifest of what's ready for deployment.
This server doesn't just give you data; it lets you automate the discovery phase. You can verify that the necessary scripts are in place and the packages are ready before you even start the rollout. That's the difference between a manual checklist and automated proof.
Common Questions About Jamf Pro MCP
How do I use the get_computer tool to check encryption status? +
You pass the specific Mac ID or serial number to get_computer. The tool returns a detailed object containing the 'disk encryption status' field, telling you if it's compliant.
Can list_users help me map users to departments? +
Yes, list_users provides user details. To map them to departments, you must combine its output with list_departments and then cross-reference the user data to build a full organizational map.
Which tool should I use to see all available software deployments? +
Use list_packages. This tool pulls the manifest of all available software packages and their types (pkg, .dmg) from Jamf Pro.
What is the difference between list_computers and list_mobile_devices? +
Use list_computers for all Mac endpoints. Use list_mobile_devices for mobile assets like iPhones and iPads. Both return names, IDs, and models.
Can I audit a specific machine's apps using get_computer? +
Yes, get_computer includes a section listing installed applications, allowing you to audit if the required software is present on the Mac.
How can I use list_departments to analyze device ownership by business unit? +
The list_departments tool returns all configured departments. You can then cross-reference this list with the device data retrieved from list_computers or list_mobile_devices to map device distribution across your organizational structure.
What should I check if `get_mobile_device` returns an error? +
If get_mobile_device fails, check the device ID and ensure the asset is active in Jamf Pro. Errors often relate to incorrect identifiers or expired device records.
Can I use list_packages to find out what software is available for deployment? +
Yes, list_packages shows all available software packages (.pkg, .dmg) stored in Jamf Pro. This lets you audit exactly what software can be pushed out to your fleet.
How do I get Jamf Pro API credentials? +
You need to create an API user in your Jamf Pro console under Settings > User Accounts & Groups. Ensure the user has the necessary privileges for the data you want to access.
What is the instance domain? +
The domain is your Jamf Pro server URL (e.g., company.jamfcloud.com). You must provide this during setup.
Does it support the latest Jamf Pro API? +
Yes, this MCP uses the Jamf Pro API v1 with Bearer token authentication.
Use it with your favorite AI tools
Connect this server to Cursor, Claude, VS Code, and more.
More in this category
BoxyHQ (Enterprise SSO)
Manage Enterprise SSO and Directory Sync (SCIM) via BoxyHQ — configure SAML/OIDC connections and automate user provisioning directly from your AI agent.
Azure Service Bus Queue
This MCP does exactly one thing: it pulls and acknowledges messages from a single Azure Service Bus Queue. That's its only function, and nothing else. Incredible for building secure AI workers.
Amazon S3 Bucket
Single-bucket object storage for AI agents — scoped access to one S3 bucket for secure, focused data operations.
You might also like
Pushover
Automate instant push notifications via Pushover — send messages, manage devices, and track delivery with AI.
Rev.com
Automate human-powered transcription via Rev.com — manage orders, captions, and file metadata with AI.
Smithsonian Open Access
Explore millions of museum records, images, and digital assets from the Smithsonian Institution's vast collections.