# Mac Installer
### Download the macOS Installation Package
The dope.endpoint [universal installer](#user-content-fn-1)[^1] runs on both Apple Intel and Apple Silicon Native (M1, M2 etc).
To download the macOS installation package, log in to the dope.console, and click the download button in the top right:
{% hint style="warning" %}
This page explains installations where MDM has **not** been configured. To configure MDM, see [Installing using MDM on Mac](/dope.endpoint/installing-using-mdm-on-mac.md).
{% endhint %}
### Install the package on your device
After downloading the installer, extract the ZIP (***dope\_security\_mac\_\.zip).*** It contains three files:
* dope\_security\_\.pkg — The dope.endpoint installer.
* dope.security.root.crt — The dope.security Root CA, required for SSL inspection.
* agent\_parameters.json — Tenant-specific data required for the installation process.
{% hint style="warning" %}
All three files must be in the same directory or the installation will **FAIL**
{% endhint %}
Double click on the PKG file to launch the Installer:
Click Continue. A new screen will appear:
There will be a prompt to allow the dope.security Root CA to be installed:
### Manually approve the extension
Once these steps are complete a dope.security icon can be seen in the macOS menu bar .
{% hint style="info" %}
This dialogue could be hidden due to MDM, if so
MacOS 15: manually approve in: System Settings -> General -> Login Items & Extensions
MacOS 14: manually approve in Privacy & Security
Remember, to remove manual approvals you must [add an MDM profile](/dope.endpoint/installing-using-mdm-on-mac.md)
{% endhint %}
{% hint style="danger" %}
In MacOS 15, you must scroll down System Settings -> General -> Login Items & Extensions **all the way** to Extensions and find Network Extensions:\
\
\
\
Remember, to remove manual approvals you must [add an MDM profile](/dope.endpoint/installing-using-mdm-on-mac.md)
{% endhint %}
The final prompts allow the dope.security application exstension to run. You should see a prompt to open settings:
Without MDM, MacOS requires manual approvals
Open the security preferences dialog box.
On MacOS 14 and lower, you will see the following:
System Settings Dialog in MacOS 14 "requires attention"
On MacOS 15, this will open a different area with similar manual approval:
Toggle to allow DopeSecurityApp to run:
Finally, you will be prompted with a warning that the dope app will filter web traffic, again select to allow.
{% hint style="warning" %}
If you accidentally clicked **Don't Allow**, re-prompt the message by Option ⌥ + click the DS icon in the menu bar, and clicking **Quit.** It will re-open and prompt you again.
{% endhint %}
Allow DopeSecurityApp to filter traffic
{% hint style="info" %}
Prompts do not appear on devices that have the [dope MDM profile](/dope.endpoint/installing-using-mdm-on-mac.md) installed. On these deployments, the experience is completely invisible to the end-user.
{% endhint %}
If endpoint authentication has been enabled (See [Users](/dope.console/settings/users.md)), the user will be required to authenticate with M365 or Google credentials.
[^1]: Single installer Intel + Apple Silicon builds are known as Universal Installers
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://inflight.dope.security/dope.endpoint/mac-installer.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.