Account-driven BYOD Enrollment Failing

New Contributor III



We are having issues enrolling BYOD devices in Jamf Pro using Account-driven BYOD Enrollment. 

We are following the instructions on Jamf documentation but we are receiving an error for any Managed AppleID that tries to sign in:

"Your Apple ID does not support the expected services on this device. Contact your administrator to sign in"

All of our Apple IDs are managed and the domain is setup in Apple Business Manager. We have a ticket open with Jamf Support but wondering if anyone else has had this issue.


Current configuration:

Screenshot 2023-04-19 at 7.56.12 AM.pngScreenshot 2023-04-19 at 7.55.57 AM.png



This has worked before. We had these settings turned off for a while while we investigated (about 1.5 months).

iPhone 13 Pro Max running iOS 16.4.1.


New Contributor III

Did you verify the domain ownership in Apple Business Manager & upload the json file to your webserver (as described here: 

I don't understand the need for a web server...

It's strange that Jamf and Apple would ask their customers to do this on their own. This has worked before without a web server setup. 

It's an Apple requirement, nothing Jamf specific but yes. You need to upload a file named '' (with the correct content) to the /.well-known/ folder in the root directory of the website of which you verified the domain in ABM. 

If you run this terminal command: 

curl -I https://yourcompanysite/.well-known/

You need to receive an HTTP/1.1 200 OK and the content type needs to be Content-Type: application/json

Once that is ok your account driven enrollment should work.

Thanks for the info. Just in disbelief that this is a requirement at all from Apple. 

Where can we host this? in AWS? Running into this same issue