Skip to main content
This guide requires Jamf Pro. Jamf Now and Jamf School have different script deployment capabilities.

Prerequisites

  • Jamf Pro admin access
  • Enrollment key from Runlayer
Enrollment keys allow devices to automatically register with Runlayer and obtain API credentials.Enrollment Keys List
1

Navigate to Enrollment Keys

Go to Settings in the Runlayer dashboard and select the Enrollment Keys tab
2

Create a New Key

Click + Create Enrollment KeyCreate Enrollment Key
3

Configure the Key

  • Name (required): Enter a descriptive name (e.g., “Production MDM”)
  • Description (optional): Add context about the key’s purpose
4

Copy the Key

Copy the generated key (starts with rl_enroll_) and store it securelyEnrollment Key Created
Enrollment keys are shown only once. Store them securely and treat them like passwords.

Deployment Steps

1

Generate the Script

Fill in your settings below to generate a deployment script.
  • ENROLLMENT_USERNAME: Jamf variable for user identity (e.g., $EMAIL). Leave empty to use the device username.
  • ENROLLMENT_DEVICE_NAME: Jamf variable for device name (e.g., $COMPUTERNAME, $SERIALNUMBER). Leave empty to use the computer name.
2

Upload to Jamf Pro

  • Navigate to Settings > Computer Management > Scripts
  • Click New, paste the generated script
  • Set Priority to “After”
  • Save
3

Create a Policy

  • Navigate to Computers > Policies > New
  • Scripts: Add your uploaded script
  • Scope: Select target computers or groups
  • Trigger: Recurring Check-in, Login, or Enrollment Complete
  • Frequency: Ongoing
  • Save to deploy

Verification

Open a client application (e.g., Cursor) on a target device and confirm the synced MCP servers appear. Check policy execution status in Jamf Pro. If something went wrong, check /var/log/runlayer-sync.log on the device.