LogoLogo
  • Introducing dope.swg
    • Changing the Rules...
    • Quick Start Guide
      • Create a dope.swg Account
      • Get Started with the dope.endpoint
      • Import User and Group Data
      • Create a dope.swg Web Policy
    • Mitre ATT&CK and Nist CSF
  • dope.console
    • Analytics
      • Overview dashboard
      • Policy View
      • Productivity
      • Shadow IT
      • Detail View
    • dope.swg Policy
      • Editing the Base Policy
      • Adding Policy Exceptions
      • Assigning a Block Page
      • Creating Custom Categories
      • URL Bypass List
      • Application Bypass List
      • Default Bypass List
      • Cloud Application Control (CAC)
        • Microsoft O365
        • Google
        • Box
        • Salesforce
        • Dropbox
        • Slack
        • WebEx
      • Custom Policy
      • Policy Assignment
      • Policy Inheritance and Customization
    • CASB Neural
      • Microsoft 365 - Authentication
      • Google - Authentication
      • CASB DLP
        • DLP Files Table
    • Endpoint Manager View
      • Searching the View
      • Filtering and Sorting the Endpoint View
      • Endpoint Count
      • Running Diagnostics
      • Disable Endpoint
    • Settings
      • General
      • Block Pages
      • Endpoints
      • Users
        • Importing from Google
        • Why not SAML & SCIM?
      • Audit Log
      • SIEM Integration
        • Category & Verdict Mappings
      • API Client Credentials
      • Billing Details
    • Notifications
      • SSL Errors
  • dope.endpoint
    • Trusted Process Names
    • Generate Diagnostics
    • Disable Endpoint
    • Installing using MDM on Mac
      • Using JAMF
      • Using Kandji
      • Using Intune
    • Installing using Intune on Win
    • Mac Installer
      • Installation Process - Silent
      • Uninstall
      • Endpoint Authentication
    • Windows Installer
      • Installation Process - Silent
      • Uninstall
      • Endpoint Authentication
    • dope.endpoint UI
      • Windows UI
      • macOS UI
    • Automatic Updates
  • Release Notes
  • DOPE.APIs
    • Public API Specification
Powered by GitBook
On this page
  • Download the macOS Installation Package
  • Install the package on your device
  • Manually approve the extension
  1. dope.endpoint

Mac Installer

Supports MacOS 13, 14, and 15

PreviousInstalling using Intune on WinNextInstallation Process - Silent

Last updated 6 months ago

Download the macOS Installation Package

The dope.endpoint runs on both Apple Intel and Apple Silicon Native (M1, M2 etc).

To download the macOS installation package, log in to the dope.console, and click the download button in the top right:

This page explains installations where MDM has not been configured. To configure MDM, see Installing using MDM on Mac.

Install the package on your device

After downloading the installer, extract the ZIP (dope_security_mac_<build number>.zip). It contains three files:

  • dope_security_<build number>.pkg — The dope.endpoint installer.

  • dope.security.root.crt — The dope.security Root CA, required for SSL inspection.

  • agent_parameters.json — Tenant-specific data required for the installation process.

All three files must be in the same directory or the installation will FAIL

Double click on the PKG file to launch the Installer:

Click Continue. A new screen will appear:

There will be a prompt to allow the dope.security Root CA to be installed:

Manually approve the extension

This dialogue could be hidden due to MDM, if so

MacOS 15: manually approve in: System Settings -> General -> Login Items & Extensions

MacOS 14: manually approve in Privacy & Security

The final prompts allow the dope.security application exstension to run. You should see a prompt to open settings:

Open the security preferences dialog box.

On MacOS 14 and lower, you will see the following:

On MacOS 15, this will open a different area with similar manual approval:

Toggle to allow DopeSecurityApp to run:

Finally, you will be prompted with a warning that the dope app will filter web traffic, again select to allow.

If you accidentally clicked Don't Allow, re-prompt the message by Option ⌥ + click the DS icon in the menu bar, and clicking Quit. It will re-open and prompt you again.

If endpoint authentication has been enabled (See Users), the user will be required to authenticate with M365 or Google credentials.

Once these steps are complete a dope.security icon can be seen in the macOS menu bar .

Remember, to remove manual approvals you must

Prompts do not appear on devices that have the installed. On these deployments, the experience is completely invisible to the end-user.

add an MDM profile
dope MDM profile
Without MDM, MacOS requires manual approvals
System Settings Dialog in MacOS 14 "requires attention"
Allow DopeSecurityApp to filter traffic