Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Use Jamf Pro Classic API to send EraseDevice command (Erase All Content and Settings on macOS Monterey and newer) to one or multiple computers by Jamf Pro ID. This script doesn't support computers locked using Device Lock with unique passcodes.
#!/bin/zsh
:<<ABOUT_THIS_SCRIPT
-------------------------------------------------------------------------------
Written by:William Smith
Partner Program Manager
Jamf
bill@talkingmoose.net
https://gist.github.com/d8dbdbc920cbaddd7d60f44f17bf268a
Originally posted: November 9, 2022
Purpose: Send the EraseDevice MDM command to one or multiple computers
through the Jamf Pro Classic API.
Instructions:
1. Provide the information below for jamfProURL, username, password,
computerIDs and passcode.
2. Run the script using a code/text editor such as BBEdit or Coderunner.
Or save the script to your desktop and use Terminal to run the script.
Except where otherwise noted, this work is licensed under
http://creativecommons.org/licenses/by/4.0/
"Experience is simply the name we give our mistakes."
— Oscar Wilde
-------------------------------------------------------------------------------
ABOUT_THIS_SCRIPT
# server and credential information
jamfProURL="https://talkingmoose.jamfcloud.com"
username="jamfadmin"
password="P@55w0rd"
# computer IDs separated by commands (e.g. "1" or "1,2,4,12")
computerIDs="1"
passcode="000000"
# request auth token
authToken=$( /usr/bin/curl \
--request POST \
--silent \
--url "$jamfProURL/api/v1/auth/token" \
--user "$username:$password" )
echo "$authToken"
# parse auth token
token=$( /usr/bin/plutil \
-extract token raw - <<< "$authToken" )
echo Token: "$token"
# send data to Jamf Pro Classic API with command to EraseDevice
response=$( /usr/bin/curl \
--header "Authorization: Bearer $token" \
--header "Content-Type: text/xml" \
--request POST \
--silent \
--url "$jamfProURL/JSSResource/computercommands/command/EraseDevice/passcode/$passcode/id/$computerIDs" )
echo "$response"
# expire auth token
/usr/bin/curl \
--header "Authorization: Bearer $token" \
--request POST \
--silent \
--url "$jamfProURL/api/v1/auth/invalidate-token"
exit 0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment