Skip to main content

Connect Kandji to Anzenna

Integrate Anzenna with Kandji to monitor Mac, iPhone, and iPad device management, security posture, and compliance.

Prerequisites

  • Kandji administrator access
  • Anzenna account
  • Ability to create API tokens in Kandji

Overview

The integration provides:

  • Device inventory and status
  • Security compliance monitoring
  • Prism threat data visibility
  • Application inventory
  • Optional: Remote remediation

Step-by-Step Instructions

Part 1: Log into Kandji

  1. Navigate to your Kandji portal

  2. Click Continue with Google (or your authentication method)

  3. Complete authentication

Part 2: Create API Token

  1. Once logged in, click Settings (gear icon)

  2. Select Access from the settings menu

  3. Click Add Token

  4. Enter token details:

    • Name:Anzenna
    • Description: Integration with Anzenna for security monitoring
  5. Click Create Token

Part 3: Configure Token Scopes

  1. Review the security warning about API token access

  2. Check the acknowledgment box

  3. Click Next

Part 4: Select Required Scopes

Grant the following required scopes:

Device Information:

  • Device Details
  • Device List

Application Data:

  • Application Information

Prism Security:

  • Prism Data Access

Optional - For Remediation:

  • Device Actions
  • Script Execution
  • Policy Management
  1. Click Save to create the token

Part 5: Copy API Token

  1. Copy the API token immediately after creation

Save Token

The API token is only displayed once. Store it in a secure password manager.

Part 6: Get API URL

  1. While in Kandji settings, note your API URL

Format: https://your-instance.api.kandji.io

Finding API URL

The API URL is typically shown in the API documentation or token creation screen. It uses your Kandji subdomain.

Part 7: Connect in Anzenna

  1. Log into Anzenna at

    app.anzenna.ai

  2. Navigate to Settings > Integrations

  3. Find the Kandji integration card

  4. Toggle the switch to enable the integration

  5. Paste the API token into the Token field

  6. Enter your API URL:

    https://your-instance.api.kandji.io
  7. Click Save to establish the connection

  8. Verify status shows Connected

Verification

  1. Check integration shows Connected in Anzenna

  2. Wait 15-30 minutes for initial sync
  3. Navigate to Devices dashboard

  4. Verify Kandji-managed devices appear
  5. Check security posture data is visible

What Data is Collected

Device Inventory

  • Mac computers
  • iPhones and iPads
  • Serial numbers
  • Model information
  • OS versions

Device Status

  • Online/offline status
  • Last check-in time
  • Enrollment status
  • MDM profile status

Security Posture (Prism)

  • Malware detections
  • Suspicious processes
  • Security threats
  • Compliance violations

Applications

  • Installed applications
  • Application versions
  • Managed vs unmanaged apps
  • License information

Compliance Data

  • Policy compliance status
  • Configuration profiles
  • Security settings
  • Certificate status

Prism Integration

Kandji Prism provides advanced threat detection:

  • Real-time threat monitoring
  • Behavioral analysis
  • Process monitoring
  • Network activity tracking
  • Automated threat response

Anzenna collects Prism data to:

  • Correlate threats across systems
  • Identify patterns
  • Enhance detection accuracy
  • Provide unified security view

Remediation Capabilities

With remediation scopes enabled:

  • Remote lock - Secure lost/stolen devices

  • Remote wipe - Erase device data

  • Execute scripts - Run custom remediation

  • Install applications - Deploy security tools

  • Update policies - Apply configuration changes

Troubleshooting

Connection Fails

Unable to establish connection:

  • Verify API token copied correctly (no extra spaces or line breaks)

  • Check API URL format matches your Kandji subdomain exactly

  • Ensure token hasn't been revoked in Kandji
  • Confirm token has all required scopes (Device List minimum)

  • Try generating a new API token if connection repeatedly fails

  • Check network connectivity between Anzenna and Kandji

No Data Appearing

Devices or inventory not syncing to Anzenna:

  • Wait 30 minutes for initial sync to complete

  • Verify devices are enrolled in Kandji and actively managed

  • Check token has Device List scope enabled
  • Ensure devices have checked in to Kandji recently

  • Review device enrollment status in Kandji dashboard

  • Check for any sync errors in Anzenna logs
  • Verify devices are not in a "pending" enrollment state

Prism Data Missing

Threat detection data not available:

  • Verify Prism Data Access scope is granted to your API token

  • Check that Prism is enabled for your Kandji instance

  • Ensure target devices have Prism agent installed

  • Wait for Prism data collection cycle (can take 1-2 hours)

  • Confirm devices are online and communicating with Kandji

  • Check Prism configuration in Kandji settings

Token Expires or Becomes Invalid

Authentication errors after initial setup:

  • Tokens don't expire by default in Kandji, but can be revoked

  • If token was revoked, create a new token with same scopes

  • Update the token in Anzenna immediately
  • Test connection after updating credentials
  • Verify no one has modified API token settings in Kandji

  • Check token hasn't been accidentally deleted

Security Considerations

  • API token security - Store in password manager

  • Scope limitation - Only grant necessary permissions

  • Read-only default - Remediation requires explicit scopes

  • Audit logging - All API access logged in Kandji

  • Token rotation - Consider annual rotation

Best Practices

  1. Minimal scopes - Start with read-only access

  2. Document token - Record where stored and granted scopes

  3. Monitor initially - Watch for errors in first 48 hours

  4. Test remediation - Verify in sandbox before production

  5. Regular audits - Review token access quarterly

  6. Prism enablement - Ensure Prism deployed to all devices

  7. API URL verification - Confirm matches your instance

Integration Maintenance

Regular Checks

Perform monthly:

  • Verify connection active
  • Check data freshness
  • Review sync timestamps
  • Test sample queries

Token Management

Best practices:

  • Store securely in vault
  • Document scopes granted
  • Set calendar reminder for annual review
  • Have rollback plan for token changes

Kandji Updates

After Kandji platform updates:

  • Test API connectivity
  • Verify data still syncing
  • Check for new available scopes
  • Update documentation if needed

API Rate Limits

Kandji enforces API rate limits:

  • Monitor usage in Kandji admin
  • Anzenna automatically handles throttling
  • Contact Kandji support if limits are reached

  • Consider upgrading plan for higher limits

Need help? Contact

Anzenna Support

for assistance.