Iru Device Management API Features After Kandji Rebranding May 2026

Iru is the new name for Kandji as of March 2026. The platform now uses a Model Context Protocol to help IT teams manage security across all devices faster than before.
By Newsroom | Technology, Software |

Iru, formerly known as Kandji, is solidifying its position in the device management landscape with a comprehensive API that underpins its AI-driven platform. The system, built around a 'Model Context Protocol' (MCP), allows for granular control and insight into endpoint management, detection, and response, extending across Apple, Windows, and Android devices. This unified approach promises to streamline security operations by integrating vulnerability management, threat detection, and identity and access controls within a single agent.

The core functionality of Iru's API remains consistent, offering extensive capabilities for managing fleets of devices. These functions are detailed across numerous tools, each designed to address specific IT and security needs. The platform supports complex queries, enabling IT administrators to ask questions like "Show me all non-compliant devices with high-severity vulnerabilities" or "List executive devices with any security threats or vulnerabilities." This data-driven approach extends to user lifecycle management, license utilization tracking, and proactive monitoring for devices requiring immediate attention.

Read More: New research shows how people talk to AI chatbots

API Functionality Underpins Diverse Management Tasks

The scope of the Iru API is extensive, covering a broad spectrum of device management and security functions. A substantial number of 'MCP tools' are available, each addressing distinct operational requirements.

  • Vulnerability Management is a key focus, with the API capable of identifying critical vulnerabilities, listing devices with known exploitable flaws, and filtering by severity and CVSS scores.

  • Threat Detection and Response capabilities include identifying active malware, tracking quarantined threats, and flagging devices with suspicious behavioral detections.

  • Security Audit and Compliance features allow for the monitoring of configuration changes, tracking of administrative actions, and auditing of device-related events.

  • Device Inventory and Discovery functions provide detailed insights into device types, assignments, and software versions across various operating systems.

  • Application and Software Management enables tracking of installed applications, identification of missing security software, and detection of unapproved software.

  • Blueprint and Policy Management offers visibility into available blueprints, assigned library items, and deployed configuration profiles.

  • Device Status and Health reporting covers compliance status, installation failures, and pending updates.

  • User Lifecycle management tracks active users, creation dates, and device assignments.

  • Access and Licensing provides overviews of license utilization, availability, and subscription status.

  • Device Actions are primarily query-based, focusing on read-only information such as device location and battery status.

  • Investigation and Forensics tools allow for deep dives into recent application installations, network changes, and user accounts on specific devices.

  • Executive Summaries and Trend Analysis offer high-level overviews of security posture, vulnerability trends, and compliance rates over time.

  • Capacity Planning aids in understanding resource needs based on current fleet composition and license availability.

  • Common IT Help Desk Questions are addressed through specific queries designed to troubleshoot device check-in status, enrollment issues, and compliance discrepancies.

  • Proactive Monitoring alerts administrators to devices needing urgent attention, failed configurations, or communication issues.

Integration and Setup Protocols

Integration with other platforms, such as Ravenna, is facilitated through API tokens. Setup involves generating a token within the Iru dashboard, assigning it appropriate permissions – with 'List Devices' being a minimum requirement for Ravenna – and then configuring the integration in the target application. Troubleshooting guides address common issues like invalid API tokens, incorrect API URLs, connection timeouts, insufficient permissions, and device-not-found errors.

Background

The rebranding from Kandji to Iru, effective March 7, 2026, signifies a continuity of service and technology. The underlying 'Model Context Protocol' (MCP) servers, such as the one developed by mangopudding, are maintained, ensuring that the transition is seamless for existing users and integrations. The platform's documentation, accessible via a central index file, serves as a guide for users to navigate the platform's extensive capabilities.

Read More: GitHub Enterprise Server 3.21 New Documentation Rules May 2026

Frequently Asked Questions

Q: What is the new name for the Kandji device management platform?
Kandji officially rebranded to Iru on March 7, 2026. The platform continues to offer the same device management services with new AI-driven tools.
Q: How does the Iru API help IT administrators manage security?
The Iru API uses a Model Context Protocol to let IT teams run complex queries across Apple, Windows, and Android devices. This helps them quickly identify vulnerabilities, malware, and non-compliant devices.
Q: Can Iru manage devices other than Apple products?
Yes, Iru now supports management and security monitoring for Apple, Windows, and Android devices. This allows IT departments to use one single agent for their entire fleet.
Q: How do I connect Iru with other platforms like Ravenna?
You can connect Iru to other tools by generating an API token in the Iru dashboard. You must assign the correct permissions, such as 'List Devices,' to ensure the integration works correctly.