--- title: "Profiles: Santa Configuration - Santa Docs" description: "Profiles: Santa Configuration - Open source binary authorization for macOS. Configure, deploy, and extend the agent that powers Workshop." doc_version: "1" last_updated: "2026-05-22" canonical: "https://northpole.security/docs/santa/deployment/profile-configuration" --- # Profiles: Santa Configuration Santa has *many* configuration options controlling its behavior. The configuration is expected to be deployed as a macOS [configuration profile](https://developer.apple.com/business/documentation/Configuration-Profile-Reference.pdf) by an MDM. ## Generating the profile As Santa’s profile is not part of macOS, there is no built-in support in any MDM and you will instead need to deploy the configuration as a “Custom Profile”. The full set of configuration options is detailed on the [Configuration: Keys](https://northpole.security/docs/santa/configuration/keys) page and you can generate a profile using the [Configuration: Generator](https://northpole.security/docs/santa/configuration/generator) page. Once you have the completed profile, you can upload or paste it into your MDM’s configuration page for deployment. The details of how to do this differ between MDM vendors so you may need to refer to your MDM documentation for assistance. ## Example profile Below is an example configuration profile that includes a *subset* of the keys available. ``` PayloadContent ClientMode 1 EnableSilentMode EventDetailText Open sync server EventDetailURL https://sync-server-hostname/blockables/%file_sha% FileChangesRegex ^/(?!(?:private/tmp|Library/(?:Caches|Managed Installs/Logs|(?:Managed )?Preferences))/) MachineIDKey MachineUUID MachineIDPlist /Library/Preferences/com.company.machine-mapping.plist MachineOwnerKey Owner MachineOwnerPlist /Library/Preferences/com.company.machine-mapping.plist ModeNotificationLockdown Entering Lockdown mode ModeNotificationMonitor Entering Monitor mode<br/>Please be careful! MoreInfoURL https://sync-server-hostname/moreinfo StaticRules identifier ZMCG7MLDV9 policy ALLOWLIST rule_type TEAMID identifier b7c1e3fd640c5f211c89b02c2c6122f78ce322aa5c56eb0bb54bc422a8f8b670 policy BLOCKLIST rule_type BINARY SyncBaseURL https://sync-server-hostname/api/santa/ PayloadDisplayName Santa Configuration PayloadIdentifier com.mycompany.santa.359E3C7D-396F-4C45-99E7-F429620B9B21 PayloadType com.northpolesec.santa PayloadVersion 1 PayloadDescription Manages Santa's configuration PayloadDisplayName Santa: Configuration PayloadIdentifier com.mycompany.santa PayloadOrganization My Company PayloadRemovalDisallowed PayloadScope System PayloadType Configuration PayloadUUID AFA02DE3-ACA6-49C4-9980-A3664E22E446 PayloadVersion 1 ``` ## Sitemap - [Home](https://northpole.security/index.md) - [Workshop](https://northpole.security/workshop.md) - [Santa](https://northpole.security/santa.md) - [Features](https://northpole.security/features.md) - [Cookbook](https://northpole.security/cookbook.md) - [Docs](https://northpole.security/docs.md) - [Blog](https://northpole.security/blog.md) - [Glossary](https://northpole.security/glossary.md) - [About](https://northpole.security/about.md) - [Contact](https://northpole.security/contact.md)