Deploying Enpass on macOS

This page covers how to install Enpass Password Manager on macOS endpoints, configure it for your organization, and deploy it at scale using a UEM/MDM platform.

Manual Installation

For unmanaged environments or individual installs, Enpass can be installed from two sources.

From the Mac App Store

1. Open the Enpass listing on the Mac App Store.

2. Click Get to download and install.

3. Click Open to launch the app.

From the Enpass Website

1. Download the macOS installer (.pkg) from enpass.io/downloads.

2. Double-click the downloaded .pkg file.

3. Follow the on-screen installation steps.

4. Click Launch to open the app.

App Configuration

Before deploying Enpass, administrators can pre-configure the application using a custom MDM configuration profile (.mobileconfig). This file sets the policy-enforced and policy-email keys, which are applied when the app is first launched on the user's device.

1. Download the base configuration file from here.

2. Open the file in a text editor.

3. Replace the placeholder value for policy-email with a dynamic variable mapped to the user's email address as defined in your UEM solution.

4. Set policy-enforced to true.

5. Save the file and upload it to your MDM as a custom configuration profile.

For a full description of all supported keys, see the App Configuration Keys Reference.

Deploying via UEM/MDM

For managed environments, deployment involves pushing the PKG installer and the configuration profile to target devices.

General steps for any UEM/MDM platform:

1. Upload the Enpass.pkg installer to your UEM as a macOS PKG application.

2. Set the minimum OS requirement to macOS Ventura 13.0.

3. Use the App bundle ID in.sinew.Enpass-Desktop.App for detection.

4. Upload the edited .mobileconfig as a custom configuration profile and assign it to the same groups as the app.

5. Ensure the configuration profile is pushed before or alongside the app installation.