Skip to main content
Veridominus logo
Veridominus
Getting Started

Install the app, connect Jamf Pro, and verify the trust boundary first.

Veridominus is a native macOS application sold through the Mac App Store. Setup is straightforward: install the app, create a Jamf API role and client, add a server profile, and verify the permissions needed for the workflows you plan to use.

macOS 14.0 or laterJamf Pro 10.35 or laterMac App Store billing

System requirements

  • macOS 14.0 or later
  • Jamf Pro 10.35 or later
  • An active Veridominus subscription or the 7-day free trial through the Mac App Store

1. Install Veridominus

Download Veridominus from the Mac App Store. There is no server component to deploy. Normal product operation is direct from your Mac to your Jamf Pro environment.

2. Create a Jamf API role and client

In Jamf Pro, go to Settings → System → API Roles and Clients. Create an API role with the permissions your team needs, then create an API client that uses that role.

  1. Create the API role first.
  2. Create the API client and attach the role.
  3. Copy the client ID and generate a client secret.

Authentication method

Veridominus uses Jamf API client credentials and bearer tokens. It does not use Jamf username and password authentication.

3. Add a server profile

When you open the app, add a Jamf server profile with:

  • A local profile name such as Production or Staging
  • Your Jamf Pro URL without a trailing slash
  • The client ID and client secret you created in Jamf

After save, Veridominus validates the session, restores any local state tied to that server, and then continues loading additional data in the background. The app does not use a blank window or misleading progress as a startup stand-in.

4. Verify permissions before wider rollout

Veridominus is read-first. Most review workflows do not require write privileges. Higher-impact actions such as MDM command submission or script save-back need additional permissions only if you plan to use them.

Use the dedicated Permissions Reference for the full Jamf API role matrix and local macOS permission notes.

Credential, token, and local data handling

  • Jamf API credentials are stored in the macOS Keychain.
  • Bearer tokens are obtained for the session and refreshed as needed.
  • Normal product operation does not require a Veridominus backend service.
  • TLS validation uses the macOS trust store.
  • Some local workflow state is stored on the Mac for caching, scan history, and follow-up tracking.

On-premise trust chains

If your Jamf environment uses an internal or self-signed trust chain, the issuing CA must already be trusted by macOS. Veridominus does not bypass TLS trust evaluation.

Optional local permissions

  • Notifications are optional. They are used for push certificate expiry and Ghost Hunter alerts.
  • User-selected file access is requested through standard macOS save panels when you export or save to a chosen location.

Multiple server profiles

Veridominus supports multiple Jamf server profiles. Server-scoped data such as local follow-up items and scan history remain separated by profile, which is useful for production, staging, and consultant workflows.

First connection troubleshooting

  • Use the full Jamf URL without a trailing slash.
  • Confirm that the API client is enabled in Jamf Pro.
  • Regenerate the client secret if the original value is no longer available.
  • Verify outbound HTTPS connectivity from the Mac to your Jamf Pro environment.
  • Check the local trust chain if the Jamf environment uses an internal CA.