A trust boundary that is narrow enough to explain clearly.
Veridominus is designed so administrators can understand where credentials live, where Jamf traffic goes, what the app stores locally, and which permissions specific workflows require.
What the product actually does
Security claims should stay aligned with the architecture the product really uses.
Application model
Veridominus is a native macOS application. Normal product operation does not require a Veridominus cloud service or hosted data-processing path.
Credential handling
Jamf API credentials are stored in the macOS Keychain. Tokens are used during the session and are not written to plain-text local configuration files.
Network path
API traffic goes directly from the app to your Jamf Pro environment over HTTPS. TLS validation uses the macOS trust store, and there is no in-app trust bypass: a certificate chain that macOS rejects is rejected by the app.
Telemetry posture
No analytics SDK, no advertising framework, and no telemetry pipeline are part of normal product operation.
Operational security notes
Credentials in Keychain
Jamf API client credentials are stored in the macOS Keychain. The bearer tokens minted from them are session data and are not written to plain-text config files.
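Both halves of that claim can be checked on a Mac where the app is signed in. The script below is an added example, not Veridominus code: it looks for a Keychain item without printing the secret, then scans the app's container, Application Support and Preferences for JWT-shaped strings (Jamf Pro API bearer tokens are JWTs). The Keychain service name, bundle identifier and scan paths are assumptions; adjust them to your installation.

```shell
#!/bin/bash
# Added example, not Veridominus code. Checks two things the page claims: the Jamf API client
# secret is held as a Keychain item, and no bearer token sits in plain-text files on disk.
# The Keychain service name, bundle identifier and scan paths are assumptions; adjust them
# to your installation.
set -eu

KEYCHAIN_SERVICE="${VERIDOMINUS_KEYCHAIN_SERVICE:-Veridominus}"    # assumed service name
BUNDLE_ID="${VERIDOMINUS_BUNDLE_ID:-com.example.veridominus}"       # assumed bundle identifier

# Jamf Pro API bearer tokens are JWTs: three base64url segments, the header always starting "eyJ".
JWT_RE='eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}'

# Succeeds when a generic-password item for the service exists in the keychain search list.
# Deliberately no -w: the secret itself is never printed.
keychain_item_present() {
  security find-generic-password -s "$1" >/dev/null 2>&1
}

# Count JWT-shaped strings in files under the given directories. -a scans binary plists too,
# which is where a sandboxed app would most plausibly leak a token; missing dirs are skipped.
count_plaintext_tokens() {
  local dir n=0 found
  for dir in "$@"; do
    [ -d "$dir" ] || continue
    found=$( { grep -raEoh "$JWT_RE" "$dir" 2>/dev/null || true; } | wc -l)
    n=$((n + found))
  done
  echo "$n"
}

main() {
  [ "$(uname -s)" = Darwin ] || { echo "Keychain check needs macOS; nothing to do here" >&2; return 0; }
  if keychain_item_present "$KEYCHAIN_SERVICE"; then
    echo "OK   Keychain item for service '$KEYCHAIN_SERVICE' exists"
  else
    echo "WARN no Keychain item for '$KEYCHAIN_SERVICE' (not signed in yet, or the service name differs)"
  fi
  local hits
  hits=$(count_plaintext_tokens \
    "$HOME/Library/Containers/$BUNDLE_ID/Data" \
    "$HOME/Library/Application Support/Veridominus" \
    "$HOME/Library/Preferences")
  if [ "$hits" -eq 0 ]; then
    echo "OK   no JWT-shaped strings under the app's container, Application Support or Preferences"
  else
    echo "FAIL $hits JWT-shaped strings on disk; inspect with: grep -raEo '$JWT_RE' <dir>"
    return 1
  fi
}

main "$@"
```

The scanner uses `grep -a` on purpose: a token written into a binary plist would be skipped by a text-only scan, but its base64url body is still a contiguous ASCII run that `-a -o` pulls out.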
TLS uses the macOS trust store
The app relies on standard macOS trust evaluation. Internal or self-signed deployments require the issuing CA (or the self-signed server certificate itself) to be trusted by macOS on every Mac that runs the app, for example through a Certificate payload in a configuration profile.
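Because the app defers to macOS, the right pre-flight check is to run the server's chain through macOS trust evaluation rather than through curl or a browser. The script below is an added example, not Veridominus code: it captures the chain the Jamf Pro server actually sends, splits it, evaluates it with the SSL policy against the macOS trust store, and shows the command that trusts an internal issuing CA when evaluation fails. The Jamf URL and CA file are caller-supplied; the `security verify-cert` options used here (`-p ssl`, `-s host`, `-L`) are the ones listed by `security help verify-cert`, so confirm them on your macOS version.

```shell
#!/bin/bash
# Added example, not Veridominus code. Runs the Jamf Pro server chain through the macOS trust
# evaluation the app depends on, and shows how to trust an internal issuing CA when that fails.
# The Jamf URL and CA file come from the caller; the security(1) options used here (-p ssl,
# -s host, -L) are those listed by `security help verify-cert`; confirm them on your macOS version.
set -eu

# https://jamf.example.com:8443/api -> jamf.example.com
jamf_host_from_url() {
  local u="$1"
  u="${u#*://}"; u="${u%%/*}"; u="${u%%:*}"
  printf '%s\n' "$u"
}

# https://jamf.example.com:8443/api -> 8443; 443 when the URL has no explicit port
jamf_port_from_url() {
  local u="$1"
  u="${u#*://}"; u="${u%%/*}"
  case "$u" in *:*) printf '%s\n' "${u##*:}" ;; *) printf '443\n' ;; esac
}

# Write each certificate of a PEM bundle to $2/cert01.pem, cert02.pem, ... (input order kept)
# and print how many were written.
split_chain() {
  awk -v dir="$2" '
    /-----BEGIN CERTIFICATE-----/ { n++; f = sprintf("%s/cert%02d.pem", dir, n) }
    n { print > f }
    END { print n + 0 }' "$1"
}

# Capture the chain the server actually sends, leaf first, exactly as the app would see it.
fetch_server_chain() {   # $1 host, $2 port, $3 output PEM
  openssl s_client -showcerts -servername "$1" -connect "$1:$2" </dev/null 2>/dev/null \
    | sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' > "$3"
  [ -s "$3" ]
}

# Evaluate the split chain with the SSL policy against the macOS trust store. -L forbids network
# fetches, so a server that omits an intermediate fails here just as it does in the app.
verify_with_macos_trust() {   # $1 dir with certNN.pem (leaf first), $2 hostname
  local dir="$1" host="$2" f
  set --
  for f in "$dir"/cert*.pem; do set -- "$@" -c "$f"; done
  security verify-cert "$@" -p ssl -s "$host" -L
}

# Add an internal issuing CA as a trusted root for all users (admin rights needed). For a fleet,
# deliver the same CA in a configuration profile's Certificate payload instead of running this by hand.
trust_internal_ca() {
  sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "$1"
}

main() {
  [ $# -ge 1 ] || { echo "usage: $0 https://jamf.example.com[:port] [internal-ca.pem]" >&2; return 0; }
  [ "$(uname -s)" = Darwin ] || { echo "trust evaluation needs macOS" >&2; return 0; }
  local host port work n
  host=$(jamf_host_from_url "$1"); port=$(jamf_port_from_url "$1")
  work=$(mktemp -d)
  fetch_server_chain "$host" "$port" "$work/chain.pem"
  n=$(split_chain "$work/chain.pem" "$work")
  echo "server sent $n certificate(s)"
  if verify_with_macos_trust "$work" "$host"; then
    echo "OK   macOS trusts $host; the app will too"
  elif [ -n "${2:-}" ]; then
    echo "trust failed; adding $2 as a trusted root and re-checking"
    trust_internal_ca "$2"
    verify_with_macos_trust "$work" "$host" && echo "OK   $host now verifies"
  else
    echo "FAIL macOS rejects the chain for $host; pass the issuing CA as the second argument" >&2
    return 1
  fi
  rm -rf "$work"
}

main "$@"
```

A chain that validates in `curl` but fails here usually means the server relies on the client fetching a missing intermediate; fix the server's chain rather than trusting more roots on clients.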
No telemetry or analytics
There is no analytics SDK or usage telemetry pipeline in normal product operation.
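A no-telemetry statement is verifiable as an egress allowlist: every established connection from the app should terminate at your Jamf Pro host or, if you use Apple Updates, at the Apple feed host. The script below is an added example, not Veridominus code. It parses `lsof` output for the app's process and flags any peer outside the allowlist. The process name is an assumption, and the Apple feed hostname is not given on this page, so pass it as an extra allowed host if you use that feature.

```shell
#!/bin/bash
# Added example, not Veridominus code. "No telemetry" is checkable as an egress allowlist: list
# the app's established TCP connections and flag any remote address that is not your Jamf Pro
# host or an Apple host you have chosen to allow. The process name is an assumption, and the
# Apple release-feed hostname is not given on this page, so pass it in if you use Apple Updates.
set -eu

PROCESS="${VERIDOMINUS_PROCESS:-Veridominus}"   # assumed process name for lsof -c

# Remote address from one lsof line, e.g.
#   "... TCP 10.0.0.12:51234->203.0.113.10:443 (ESTABLISHED)"      -> 203.0.113.10
#   "... TCP [2001:db8::1]:51235->[2001:db8::5]:443 (ESTABLISHED)" -> 2001:db8::5
remote_addr() {
  local r="${1#*->}"
  r="${r%% *}"
  case "$r" in
    \[*\]:*) r="${r%]:*}"; r="${r#\[}" ;;
    *)       r="${r%:*}" ;;
  esac
  printf '%s\n' "$r"
}

# stdin: lsof output; args: allowed remote addresses. Prints each line whose peer is not allowed.
unexpected_endpoints() {
  local line addr a ok
  while IFS= read -r line; do
    case "$line" in COMMAND*|"") continue ;; esac
    case "$line" in *'->'*) ;; *) continue ;; esac   # skip listeners and non-connected sockets
    addr=$(remote_addr "$line")
    ok=0
    for a in "$@"; do
      if [ "$addr" = "$a" ]; then ok=1; fi
    done
    if [ "$ok" -eq 0 ]; then printf '%s\n' "$line"; fi
  done
}

main() {
  [ "$(uname -s)" = Darwin ] || { echo "needs lsof and dig on the Mac running the app" >&2; return 0; }
  [ $# -ge 1 ] || { echo "usage: $0 jamf.example.com [allowed-host ...]" >&2; return 0; }
  local h ip allowed="" out
  for h in "$@"; do                                  # resolve every allowed hostname to its addresses
    for ip in $(dig +short "$h" A "$h" AAAA | grep -E '^[0-9A-Fa-f.:]+$' || true); do
      allowed="$allowed $ip"
    done
  done
  # word splitting of $allowed is intended: one argument per resolved address
  out=$(lsof -nP -iTCP -sTCP:ESTABLISHED -a -c "$PROCESS" 2>/dev/null | unexpected_endpoints $allowed)
  if [ -z "$out" ]; then
    echo "OK   every established connection of $PROCESS goes to:$allowed"
  else
    printf 'FAIL connections outside the allowlist:\n%s\n' "$out"
    return 1
  fi
}

main "$@"
```

Run it while exercising the workflows, not just at launch, since a feature-specific connection (Apple Updates, push certificate checks) only appears when that feature is used.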
Feature permissions are explicit
Veridominus is read-first. Higher-impact workflows such as script saves or MDM command submission rely on the Jamf permissions you grant to the API client.
Required Jamf API permissions
Least privilege still applies. Veridominus is designed so most workflows stay read-only. Use the dedicated permissions reference for the full workflow matrix.
| Permission class | Used for |
|---|---|
| Read baseline | Computers, policies, scripts, computer groups, extension attributes, and macOS configuration profiles for the core review workflows |
| Extended read | Patch Management, Push Certificates, Computer History, Packages, LAPS, and mobile-device surfaces where you use those workflows |
| Write only when needed | Send Computer Remote Commands for Fleet Commander and Device Lookup, or Update Scripts for Script Library save-back |
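The table maps workflows to privilege classes; the practical question is whether a given API role carries more than the workflows you use. The script below is an added example, not Veridominus code. It builds the required set from a list of workflows and diffs it against the privileges granted to a role, reporting both excess (to remove) and missing (workflow will fail). The privilege strings are illustrative assumptions: take the authoritative names from the dedicated permissions reference and your Jamf Pro version's privilege list. LAPS, Push Certificates and Computer History are left out of the example for that reason, and the remote-command entry is a placeholder for the specific "Send Computer Remote Command ..." privileges each workflow actually needs.

```shell
#!/bin/bash
# Added example, not Veridominus code. Builds the least-privilege Jamf privilege set for the
# workflows you actually use, then diffs it against what an API role has been granted. The
# privilege strings are illustrative: take the authoritative names from the dedicated permissions
# reference and your Jamf Pro version's privilege list.
set -eu

# One workflow -> the privileges it needs, one per line, grouped as in the table above.
privileges_for_workflow() {
  case "$1" in
    core-review)
      printf '%s\n' "Read Computers" "Read Policies" "Read Scripts" \
        "Read Smart Computer Groups" "Read Static Computer Groups" \
        "Read Computer Extension Attributes" "Read macOS Configuration Profiles" ;;
    patch-management) printf '%s\n' "Read Patch Management Software Titles" ;;
    packages)         printf '%s\n' "Read Packages" ;;
    mobile-devices)   printf '%s\n' "Read Mobile Devices" ;;
    script-save-back) printf '%s\n' "Read Scripts" "Update Scripts" ;;
    fleet-commander|device-lookup)
      # Placeholder: Jamf splits remote commands into several "Send Computer Remote Command ..."
      # privileges. Grant only the specific commands the workflow issues, not the whole family.
      printf '%s\n' "Send Computer Remote Commands" ;;
    *) echo "unknown workflow: $1" >&2; return 1 ;;
  esac
}

# Sorted, de-duplicated union across workflows.
required_privileges() {
  local w
  for w in "$@"; do privileges_for_workflow "$w"; done | sort -u
}

# stdin: granted privileges, one per line. Prints lines in one set but not the other.
_diff_required() {   # $1: comm flags (-13 extra, -23 missing); rest: workflows
  local flags="$1" req granted; shift
  req=$(mktemp); granted=$(mktemp)
  required_privileges "$@" > "$req"
  sort -u | sed '/^$/d' > "$granted"
  comm "$flags" "$req" "$granted"
  rm -f "$req" "$granted"
}
excess_privileges()  { _diff_required -13 "$@"; }   # granted but not needed: remove these
missing_privileges() { _diff_required -23 "$@"; }   # needed but not granted: workflow will fail

# Pull the granted list for one API role from the Jamf Pro API (needs a bearer token that can read
# API roles, and jq). Endpoint per the Jamf Pro API reference; the role id is yours.
granted_privileges_from_jamf() {   # $1 base URL, $2 bearer token, $3 role id
  curl -sf -H "Authorization: Bearer $2" "$1/api/v1/api-roles/$3" | jq -r '.privileges[]'
}

main() {
  [ $# -ge 1 ] || { echo "usage: granted.txt | $0 workflow [workflow ...]" >&2; return 0; }
  local tmp extra missing
  tmp=$(mktemp); cat > "$tmp"
  extra=$(excess_privileges "$@" < "$tmp")
  missing=$(missing_privileges "$@" < "$tmp")
  rm -f "$tmp"
  [ -z "$extra" ]   || printf 'EXCESS (drop from the role):\n%s\n' "$extra"
  [ -z "$missing" ] || printf 'MISSING (workflow will fail):\n%s\n' "$missing"
  [ -z "$extra" ] && [ -z "$missing" ] && echo "OK   role matches least privilege for: $*"
}

main "$@"
```

Feed it the role's current privileges, for example `granted_privileges_from_jamf "$URL" "$TOKEN" 3 | bash audit.sh core-review packages`, and treat any line under EXCESS that begins with Update, Create, Delete or Send as the finding to act on first.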
macOS permissions and entitlements
The app runs under the macOS App Sandbox. Local permissions are limited and tied to explicit operator actions.
Notifications
Optional local notifications are used for push certificate expiry and Ghost Hunter alerts.
User-selected file access
Export and save workflows use standard macOS file panels and only access locations you choose.
Network client access
The app can make outbound HTTPS requests to Jamf Pro and optional Apple release feeds used by Apple Updates.
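The sandbox posture above corresponds to a small, fixed set of entitlements in the signed bundle, which `codesign` can print. The script below is an added example, not Veridominus code: it reads the entitlements plist from an app bundle, confirms the App Sandbox key is present and true, and lists any `com.apple.security.*` entitlement beyond network client and user-selected file access. The bundle path is caller-supplied; the three expected keys are Apple's standard App Sandbox entitlement keys. Notification permission is a runtime authorization shown under System Settings, not an entitlement, so it does not appear here.

```shell
#!/bin/bash
# Added example, not Veridominus code. Reads the entitlements from a signed app bundle and
# compares them with the posture described above: App Sandbox on, outbound network client,
# user-selected file access and nothing broader. The bundle path comes from the caller; the
# three expected keys are Apple's standard App Sandbox entitlement keys.
set -eu

# Sandbox-scoped entitlements the stated posture accounts for. Anything else under
# com.apple.security.* (network.server, files.downloads.*, device.camera,
# cs.disable-library-validation, ...) widens the boundary and needs an explanation.
EXPECTED='com.apple.security.app-sandbox
com.apple.security.network.client
com.apple.security.files.user-selected.read-write'

# stdin: entitlements plist (XML). Print every <key>, one per line.
entitlement_keys() {
  sed -n 's/^[[:space:]]*<key>\(.*\)<\/key>.*/\1/p'
}

# stdin: entitlements plist. Exit 0 only if com.apple.security.app-sandbox is present and true.
sandbox_enabled() {
  sed -n '/<key>com\.apple\.security\.app-sandbox<\/key>/{n;p;}' | grep -q '<true/>'
}

# stdin: entitlements plist. Print com.apple.security.* keys that are not in EXPECTED.
# Signing-identity keys (com.apple.application-identifier, team-identifier) are ignored on purpose.
unexpected_entitlements() {
  local k
  entitlement_keys | { grep '^com\.apple\.security\.' || true; } | while IFS= read -r k; do
    printf '%s\n' "$EXPECTED" | grep -qxF "$k" || printf '%s\n' "$k"
  done
}

main() {
  [ $# -ge 1 ] || { echo "usage: $0 /Applications/Veridominus.app" >&2; return 0; }
  [ "$(uname -s)" = Darwin ] || { echo "codesign is macOS only" >&2; return 0; }
  local app="$1" plist extra
  [ -d "$app" ] || { echo "no app bundle at $app" >&2; return 1; }
  plist=$(codesign -d --entitlements :- "$app" 2>/dev/null)
  if printf '%s\n' "$plist" | sandbox_enabled; then
    echo "OK   App Sandbox entitlement is present and true"
  else
    echo "FAIL App Sandbox entitlement missing or false"; return 1
  fi
  extra=$(printf '%s\n' "$plist" | unexpected_entitlements)
  if [ -z "$extra" ]; then
    echo "OK   no sandbox entitlements beyond network.client and user-selected files"
  else
    printf 'WARN entitlements beyond the stated posture:\n%s\n' "$extra"; return 1
  fi
}

main "$@"
```

Re-run this after every update; an entitlement added in a new build (a server socket, a broader file-access class, disabled library validation) changes the trust boundary this page describes without changing anything visible in the UI.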
What this page does not claim
Responsible disclosure
For product security issues, email security@veridominus.com. Include reproduction detail, impact, affected versions, and any relevant logs or screenshots with credentials, tokens and other secrets redacted.