Mac Installer

Supports MacOS 13, 14, and 15

Download the macOS Installation Package

The dope.endpoint runs on both Apple Intel and Apple Silicon Native (M1, M2 etc).

To download the macOS installation package, log in to the dope.console, and click the download button in the top right:

This page explains installations where MDM has not been configured. To configure MDM, see Installing using MDM on Mac.

Install the package on your device

After downloading the installer, extract the ZIP (dope_security_mac_<build number>.zip). It contains three files:

  • dope_security_<build number>.pkg — The dope.endpoint installer.

  • dope.security.root.crt — The dope.security Root CA, required for SSL inspection.

  • agent_parameters.json — Tenant-specific data required for the installation process.

All three files must be in the same directory or the installation will FAIL

Double click on the PKG file to launch the Installer:

Click Continue. A new screen will appear:

There will be a prompt to allow the dope.security Root CA to be installed:

Manually approve the extension

Once these steps are complete a dope.security icon can be seen in the macOS menu bar .

This dialogue could be hidden due to MDM, if so

MacOS 15: manually approve in: System Settings -> General -> Login Items & Extensions

MacOS 14: manually approve in Privacy & Security

Remember, to remove manual approvals you must add an MDM profile

The final prompts allow the dope.security application exstension to run. You should see a prompt to open settings:

Without MDM, MacOS requires manual approvals

Open the security preferences dialog box.

On MacOS 14 and lower, you will see the following:

System Settings Dialog in MacOS 14 "requires attention"

On MacOS 15, this will open a different area with similar manual approval:

Toggle to allow DopeSecurityApp to run:

Finally, you will be prompted with a warning that the dope app will filter web traffic, again select to allow.

If you accidentally clicked Don't Allow, re-prompt the message by Option ⌥ + click the DS icon in the menu bar, and clicking Quit. It will re-open and prompt you again.

Allow DopeSecurityApp to filter traffic

Prompts do not appear on devices that have the dope MDM profile installed. On these deployments, the experience is completely invisible to the end-user.

If endpoint authentication has been enabled (See Users), the user will be required to authenticate with M365 or Google credentials.

PreviousInstalling using Intune on WinNextInstallation Process - Silent

Last updated