Documentation Index
Fetch the complete documentation index at: https://docs.runlayer.com/llms.txt
Use this file to discover all available pages before exploring further.
Prerequisites
- Iru/Kandji admin access
- Enforce deployment script and enrollment key from the Runlayer dashboard
- At least one Blueprint configured with enrolled devices
Deployment Steps
Get Deployment Artifacts
In the Runlayer dashboard, go to Settings → Shadow MCPs. Under the Enforce section, click Configure and select your MDM platform. This opens a setup dialog that auto-generates an enrollment key and renders the deployment script.
Add a Custom Script Library Item
- Navigate to the Library section in Iru/Kandji
- Click Add New → Custom Script → Add & Configure
- Provide a Name (e.g., “AI Watch Enforce”)
- Assign to your target Blueprint(s)
- Set Execution Frequency to Install once per device
- Paste the generated script into the script field
- Click Save
Verification
Verify in Runlayer
Navigate to Settings → Shadow MCPs and confirm your Enforce configuration card is active. View intercepted tool calls on the Shadow page.
Log Locations
| Platform | Log Location |
|---|---|
| macOS | /var/log/runlayer/ai_watch_enforce.log |
| macOS (fallback) | /tmp/runlayer-ai_watch_enforce.log |
The fallback log location is used when the primary path (
/var/log/runlayer/) cannot be written to due to permissions.Exit Codes
| Code | Meaning |
|---|---|
| 0 | Success |
| 1 | General failure (no user logged in, missing config, enrollment failed) |
| 2 | Network failure (cannot reach PyPI) |
| 3 | Installation failure (uv or CLI install failed, hooks install failed) |