macOS Agent & Intune Connector Contracts

Summary

OP-040 freezes the Phase 1 macOS agent and Intune connector contract. It accepts macOS 13+ basic telemetry through ADR-0009 enrollment/mTLS, and treats Intune / M365 Endpoint Manager as an API integration for device compliance posture and basic inventory reads.

Validation

Contract schemas added for agent.macos.enrolled and integration.intune.sync_completed.
AsyncAPI and OpenAPI include macOS enrollment and Intune posture event/API surfaces.
Contract examples validate through make validate-contracts.

Non-Scope

No macOS agent runtime, full endpoint parity, native mobile agent, Intune write/control action, deployment, Terraform, Helm, or AWS change was included. The Intune posture runtime is now tracked separately in the OP-056 feature note.

Summary​

Validation​

Non-Scope​

Summary

Validation

Non-Scope