This script follows the Implementing OAuth for the Apple School and Business Manager API to generate client assertion and access token.
You can refer to the official Apple documentation for further details on the OAuth implementation.
To run this script, you will need to generate the following credentials from the Apple Business or School Manager portal:
- PEM File: An EC private key (.pem file) used for JWT signing.
- Client ID & Team ID: These can be the same for your account.
- Key ID: A unique identifier for the key used in the ABM/ASM portal.
For detailed instructions on how to generate these credentials, refer to the Apple Support Guide for Apple School Manager and Apple Support Guide for Apple Business Manager
- OAuth Authentication: Uses JWT-based authentication to interact securely with the Apple API.
- Device Information Retrieval: Queries the assigned server for each device using device IDs.
- CSV Output: The fetched data is saved to a CSV file, including device ID, server name, server type, and timestamps.
- Log in to the Apple Business Manager or Apple School Manager portal.
- Follow the instructions in the OAuth implementation guide to create your PEM file, Client ID, Team ID, and Key ID.
- Create Text file containing a list of device IDs to query.
- Place your private key file (
cert.pem) in the same directory as the script. - The client assertion file (
client_assertion.json) will be auto-generated by the script if it doesn’t exist.
Ensure that you have Python 3.7+ installed, and install the required dependencies by running:
- requests
- authlib
- pycryptodome