# Configuration guide: Lock macOS device
{% hint style="warning" %}
The configuration options on this page are only accessible to [administrators](/platform/user-guide/administration/account-management/roles.md).
Refer to the [Usage guide: Lock macOS device](/platform/library-packs/l1-support/workflow-lock-macos-device/usage-guide-lock-macos-device.md) to use library content as a standard user.
{% endhint %}
## Prerequisites
This library pack contains content from the following [expansion products](/platform/overview/products.md)
* [Flow - Workflows](/platform/user-guide/workflows.md)
{% hint style="info" %}
Some of these products offer default access to their respective content and can still be used without [expansion products](/platform/overview/products.md).
To learn more about default thresholds for expansion products, [visit the extended documentation](broken://spaces/OrWF1QMMEwqZgv33QBkR).
{% endhint %}
## **Included content and dependencies**
This library pack contains the following content and dependencies:
This workflow enables L1 agents to quickly and effectively lock lost or stolen macOS corporate devices managed through Jamf Pro.
## Configuring Lock macOS device pack
{% hint style="info" %}
Adapt these suggested configuration steps to edit and customize content according to your organizational needs.
{% endhint %}
Follow these steps to install and configure content:
* Before configuration - Install library pack content from [Nexthink Library](/platform/user-guide/nexthink-library.md)
* [Step 1 - Configure workflow trigger and targeting](#step-1-configure-workflow-trigger-and-targeting)
* [Step 2 - Configure Jamf Pro connector credential](#step-2-configure-jamf-pro-connector-credential)
* [Step 3 - Configure ITSM API connector credential](#step-3-configure-servicenow-integration)
* [Step 4 - Configure global parameters](#step-4-configure-global-parameters)
* [Step 5 - Configure Post device lock command thinklet](#step-5-configure-post-device-lock-command-thinklet)
### Step 1 - Configure workflow trigger and targeting
The workflow trigger and targeting must be configured before use:\
\
This workflow is designed to target devices and the recommended trigger is Manual.
Please refer to [this section](/platform/library-packs/l1-support/workflow-lock-macos-device/usage-guide-lock-macos-device.md#workflow-structure) for suggestions on configuring the workflow trigger.
### Step 2 - Configure Jamf Pro connector credential
The configuration of connector credentials is essential for enabling API calls. The configuration of connector credentials is essential for enabling API calls. See detailed information in the [documentation](https://nexthink.gitbook.io/opd/integrations/outbound-connectors/connector-credentials). Each connector thinklet has a dropdown field for credentials that needs to be filled out:
When the workflow is installed or copied from the Library, this field will be blank as it is a local setup of each environment and is not included in the Library.
### Step 3 - Configure ServiceNow integration
The configuration of connector credentials is essential for enabling API calls. See detailed information in the [documentation](https://nexthink.gitbook.io/opd/integrations/outbound-connectors/connector-credentials). Each connector thinklet has a dropdown field for credentials that needs to be filled out:
When the workflow is installed or copied from the Library, this field will be blank as it is a local setup of each environment and is not included in the Library.
In addition to the connector credentials, the Create incident ticket thinklet must be customized before using the workflow:
The following three parameters must be customized for your organization:
* ServiceNow assignment group - Assignment group to be populated for the incident.
* Business service - Business service to be populated for the incident.
* Caller - Caller to be populated for the incident.
### Step 4 - Configure global parameters
There are two global parameters in this workflow:
* Incident number - This parameter should be configured with the ServiceNow ticket number, which is the basis for locking the device. The workflow will update this ticket upon execution and close it upon successful device lock.
* Lock PIN number - This parameter should be configured with a 6-digit PIN code that would be required to unlock the device.
### Step 5 - Configure Post device lock command thinklet
Prior to using the workflow, the **Post device lock command** thinklet must be configured. The following two parameters must be customized for your organization:
* Message - This parameter appears on the lock screen of a locked device.
* Phone number - this phone number will appear on the lock screen of a locked device along with the lock message. Depending on your requirements, it can refer to an organization's IT service desk or security department.
***
RELATED TOPICS
* [Workflow: Lock macOS device](/platform/library-packs/l1-support/workflow-lock-macos-device.md)
* [Usage guide: Lock macOS device](/platform/library-packs/l1-support/workflow-lock-macos-device/usage-guide-lock-macos-device.md)
* [Manage Workflows](https://docs.nexthink.com/platform/user-guide/workflows/managing-workflows)
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.nexthink.com/platform/library-packs/l1-support/workflow-lock-macos-device/configuration-guide-lock-macos-device.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.