Jamf Pro API – Manage macOS Software Updates

Using the Jamf Pro API to carry out management tasks can help to save time and effort by using a script to do those tasks. A script can also be re-used at any time that you would like to do the task again. In this example, we are going to show how we can send macOS updates to our endpoints.

The API endpoint that is used for managed software updates is https://jamfserver.jamfcloud.com/v1/macos-managed-software-updates

If you wanted to see what versions of updates are available on a specific computer, the following can be ran:

/usr/libexec/mdmclient availableOSUpdates

To use the API to distribute macOS Software Updates, use the following:

https://github.com/robjschroeder/Jamf-API-Scripts/blob/main/api-macOSManagedSoftwareUpdates

#!/bin/sh

# Use the Jamf Pro API to send macOS updates
# to computers listed in the deviceIds array
# identified by their id. maxDefferrals, 
# version, and updateAction can be changed 
# for your specific needs.
#
# Updated: 3.01.2022 @ Robjschroeder  

# Variables

# Add API credentials
username="apiUsername"
password="apiPassword"
URL="https://jamfserver.jamfcloud.com"

# Update settings

# Allow users to defer the update the provided number of 
# times before macOS forces the update. If a value is 
# provided, the Software Update will use the InstallLater install action.
maxDeferrals=""

# If no value is provided, the version will default to latest version based 
# on device eligibility.
version=""

# MaxDeferral is ignored if using the DownloadOnly install action.
# Options: DOWNLOAD_ONLY or DOWNLOAD_AND_INSTALL
updateAction=""

encodedCredentials=$( printf "${username}:${password}" | /usr/bin/iconv -t ISO-8859-1 | /usr/bin/base64 -i - )

# Generate an auth token
authToken=$( /usr/bin/curl "${URL}/uapi/auth/tokens" \
--silent \
--request POST \
--header "Authorization: Basic ${encodedCredentials}" )

# Parse authToken for token, omit expiration
token=$( /usr/bin/awk -F \" '{ print $4 }' <<< "$authToken" | /usr/bin/xargs )

curl --request POST \
     --url ${URL}/api/v1/macos-managed-software-updates/send-updates \
     --header "Accept: application/json" \
     --header "Content-Type: application/json" \
     --header "Authorization: Bearer ${token}" \
     --data "
{
     "deviceIds": [
          "13",
          "14"
     ],
     "maxDeferrals": ${maxDeferrals},
     "version": "${version}",
     "updateAction": "${updateAction}"
}
"

exit 0

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: