> For the complete documentation index, see [llms.txt](https://docs.sprinto.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.sprinto.com/monitors/extended-checks-in-mdm-tool-comms/iru-kandji-extended-checks-for-screen-lock-and-antivirus.md). # Iru (Kandji) – Extended Checks for Screen Lock and Antivirus ### **Overview** Sprinto’s enhanced integration with **Iru (Kandji)** now supports automated monitoring of two additional compliance checks: * **Screen lock** — Verifies that macOS devices automatically lock after a defined period of inactivity. * **Antivirus** — Detects the presence of recognised antivirus applications on staff devices. This enhancement enables real-time compliance tracking without manual evidence submissions. This article explains how to configure your Iru (Kandji) account to enable these new checks and how to ensure your API key permissions allow Sprinto to access the required data. ### **Prerequisites** Before enabling extended checks, ensure that: * You have admin access to your Iru (Kandji) account. * You can create or edit custom profiles in Iru (Kandji). * You have access to edit API token permissions. ### **Step 1 – Configure Screen Lock in Kandji** Sprinto requires a **Passcode** profile in Iru (Kandji) with the following settings: * **Require passcode** — Enabled * **Require Passcode After Sleep or Screen Saver Begins** — Set to **Immediately** * **Start Screen Saver After** — Set to **15 minutes or less** {% hint style="warning" %} #### **Important** Sprinto validates the Kandji screen lock check by looking for a library item named **`Screen Saver`**. If your screen lock policy is configured correctly in Kandji but is named differently, Sprinto will not detect it and the check will fail. To resolve this, rename the relevant Kandji library item to **`Screen Saver`**. {% endhint %} #### **To create a new Passcode profile:** 1. In Iru (Kandji), go to **Library** → **Add New**. 2. Search for and select **Passcode**. 3. Select **Add & Configure**. 4. Add a title, the name of the title should be **Screen Saver**. 5. Under **Install on Mac**, configure: * **Require passcode** — Enabled * **Require Passcode After Sleep or Screen Saver Begins** — Immediately * **Start Screen Saver After** — 15 minutes or less 6. Save the profile. #### **To modify an existing Passcode profile:** 1. In Iru (Kandji), go to **Library**. 2. Select the existing Passcode policy. 3. Select **Edit**. 4. Update the title to **Screen Saver**. 5. Ensure the following are configured: * **Require passcode** — Enabled * **Require Passcode After Sleep or Screen Saver Begins** — Immediately * **Start Screen Saver After** — 15 minutes or less 6. Save the changes. #### **Assign the Passcode profile to your blueprint:** 1. Go to **Blueprints**. 2. Select the blueprint used to monitor your devices. 3. Select **Edit Assignments**. 4. Drag the custom profile into the assignments. 5. Save the changes. ### **Step 2 – Update API Key Permissions in** Iru (Kandji) Sprinto requires the following **Device** API permissions to check for antivirus and screen lock compliance: * **Device Library Items** * **Application List** #### **To update API token permissions:** 1. In Iru (Kandji), go to **Settings** → **Access**. 2. Scroll to **API Token**. 3. Locate the API key currently used in Sprinto, select the three-dot menu, and choose **View**. 4. Select **Edit**. 5. Under the **Device** section, enable: * Device Library Items * Application List 6. Save the changes. {% hint style="info" %} The screenshot above shows the required permissions. {% endhint %} ### **How Sprinto Tracks Antivirus** Sprinto detects antivirus software by checking the installed applications returned via Iru (Kandji) API.\ A device passes the antivirus check if **any recognised antivirus application** is found. Recognised applications include, but are not limited to: * Microsoft Defender * CrowdStrike * Bitdefender * Sophos * SentinelOne * Malwarebytes * Norton * Avast / Avira * McAfee ### **Next Steps** Once your Iru (Kandji) configuration and API permissions are updated: * New **Screen Lock** and **Antivirus** monitors will appear in your **Staff Devices** section in Sprinto. * Any non-compliant devices will be flagged, and remediation tasks will be created. * Compliance status will update automatically based on Iru (Kandji) data. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.sprinto.com/monitors/extended-checks-in-mdm-tool-comms/iru-kandji-extended-checks-for-screen-lock-and-antivirus.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.