About Apple device supervision
Supervision generally denotes that the device is owned by the organization, which provides additional control over its configuration and restrictions. There are various ways that organizations can supervise devices; some types vary by platform.
Automated supervision by serial number recognition (all devices)
The following devices are supervised automatically when their serial numbers appear in Apple School Manager, Apple Business Manager, or Apple Business Essentials:
iPhone with iOS 13 or later
iPad with iPadOS 13.1 or later
Mac computers with macOS 10.14.4 or later
Apple TV with tvOS 13 or later
Apple Watch with watchOS 10 or later
The above devices must use Automated Device Enrollment to enroll in a linked MDM solution.
Mac-only supervision (macOS 11 or later)
Mac computers are also supervised if they:
Are using macOS 11 or later and are enrolled in MDM using profile-based or account-driven Device Enrollment or Automated Device Enrollment
Were upgraded to macOS 11 or later and the enrollment in MDM was approved by a local administrator account
Manual supervision using Apple Configurator (iPhone, iPad, and Apple TV)
You can also supervise iPhone, iPad, and Apple TV devices manually by using Apple Configurator for Mac. This requires that you have the device in your physical possession and that it be connected to a Mac using Apple Configurator. During this process, the device is erased and all data is lost. For more information, see Prepare an iPhone, iPad, or Apple TV manually in the Apple Configurator User Guide for Mac.
Supervision using the profiles command-line tool (Mac)
Mac computers enrolled in an assigned MDM solution whose serial numbers appear in Apple School Manager, Apple Business Manager, or Apple Business Essentials can have their supervision reset by using the profiles
command-line tool with one of these commands:
sudo profiles renew -type enrollment
profiles -N
In macOS 14, a full-screen experience is displayed instead of asking the user to enroll. The user can choose “Not now” once, which causes the screen to be dismissed for 8 hours. After the time expires, the user must perform the enrollment or erase their Mac. During this time, the user sees a follow-up option in System Settings to start the enrollment, even before the dismissal expires.
In macOS 13.5 or earlier, if the Mac isn’t connected to the internet during the initial configuration, users are notified every 2 hours that the Mac has available device enrollment settings. They can then optionally click the notification to begin the enrollment process into MDM. Enrollment into MDM requires an administrator user name and password. Or you can use the profiles
command to migrate a Mac computer from one MDM server to another, including respecting nonremovable MDM and regranting supervision, without erasing the Mac. Simply unenroll the Mac from the first MDM server, change its assignment in Apple School Manager, Apple Business Manager, or Apple Business Essentials, have the new MDM server assign Device Enrollment settings to the Mac, then execute the command and enroll when the user clicks the notification.
Mac computers using macOS 13 or later also limit the profiles
command-line tool to 10 of the following requests per 24 hours for devices owned by an organization that appear in Apple School Manager, Apple Business Manager, or Apple Business Essentials:
profiles show
profiles validate
profiles renew
For information on how to automatically supervise devices, see Automated Device Enrollment and MDM.
Identify whether an Apple device is supervised
iPhone and iPad: You can go to Settings > General > About and look for this line of text under the name of the device: “This [iPhone] [iPad] is supervised. [Organization name] can monitor your internet traffic and locate this device.”
Mac: You can go to System Settings > Privacy & Security > Profiles and look for this line at the top of the window: “This Mac is supervised and managed by [Organization name].”
Apple TV: You can go to Settings, then look under the image of the Apple TV on the left. If the device is supervised, look for this line: “This Apple TV is supervised, and [Organization name] can monitor the internet traffic on this device.”
Apple Watch: You can go to Settings in watchOS or open the Watch app on iOS and look for this line: “This Apple Watch is supervised and managed by [Organization name].”