Apple policy: Restrictions
The Restrictions sections control which OS features are allowed on managed Apple devices. In the Apple Policy Editor, these options are exposed as grouped panels with multiple toggles.
Many restrictions are only supported on specific OS versions and may require supervised devices. Use the tooltips in the dashboard for authoritative requirements.
Security
- Allow auto unlock
- Allow Fingerprint for Unlock
- Allow Fingerprint Modification
iCloud
- Allow iCloud address book
- Allow iCloud backup
- Allow iCloud bookmarks
- Allow iCloud calendar
- Allow iCloud desktop and documents
- Allow iCloud document sync
- Allow iCloud Freeform
- Allow iCloud keychain sync
- Allow iCloud Mail
- Allow iCloud Notes
- Allow iCloud Photo Library
- Allow iCloud Private Relay
- Allow iCloud Reminders
Multimedia
- Allow camera
- Allow File Sharing Modification
- Allow Files USB Drive Access
Cellular
- Allow app cellular data modification
- Allow cellular plan modification
- Allow eSIM modification
- Allow eSIM outgoing transfers
Networking
- Allow AirDrop
- Allow AirPlay incoming requests
- Allow AirPrint
- Allow AirPrint credentials storage
- Allow AirPrinti beacon discovery
- Allow Bluetooth modification
- Allow Bluetooth Sharing modification
- Allow Files Network Drive Access
- Allow Internet Sharing Modification
Accounts (restriction)
The Accounts panel contains both a restriction and (optionally) account configuration. The restriction toggle controls whether the user can modify system accounts.
- Allow account modification