Home Services How It Works Platforms Pricing About → Book Demo
Full Platform Stack

Every Platform.
One Inbox.

16+ MDM, security, DEP, and UCaaS platforms — all managed through the Merkaba One API layer. Click any platform to see the exact automatable actions and known limitations.

16
Platforms
85%+
Avg API coverage
REST
Official APIs only
0
Portals required
Platform & Service Catalog
Akamai SIA Mobile
90%
SIA Configuration & Reporting API
SECURITY ACTIONS
Deploy DNS-layer threat protection via MDM — No client app required
Assign device to security policy group
Update acceptable use policies (AUP)
Configure off-network & roaming security policy enforcement corrected
Pull real-time threat & DNS activity reports
Block specific categories (phishing, malware, botnets)
⚠ LIMITATIONS
Endpoint detection & response (EDR) — SIA is DNS-layer only — not full EDR
Device encryption management — Handled by MDM, not SIA
Carrier data usage or roaming charge control — SIA is a security layer; carrier billing is separate
Apple Business Manager
60%
ABM REST API (OAuth2/JWT)
DEVICE & LICENSE MANAGEMENT
View all devices in ABM inventory
Assign device to MDM server (Intune/Jamf)
Unassign device from MDM server
Assign VPP licenses to devices or users
Revoke VPP licenses
View license usage
⚠ LIMITATIONS
Purchase new devices through ABM — Done by Apple resellers
Purchase new app licenses — App purchases require Apple portal
Manage user accounts in ABM — Portal only
Google Workspace Enroll
78%
Google Workspace Admin SDK
ENROLLMENT ACTIONS
Chromebook & Android bulk enrollment
Google Workspace org unit assignment
Zero-touch Android integration
Policy enforcement from first sign-in
⚠ LIMITATIONS
iOS or Windows device enrollment — Google Workspace is Google ecosystem only
Advanced MDM features — Basic management only — use Workspace ONE for advanced
IBM MaaS360
85%
Full REST API
DEVICE ACTIONS
Enroll iOS, Android, Windows, macOS — All major platforms
Remote lock
Remote wipe — full factory reset
Selective wipe — corporate data only
Force device check-in
Locate device (GPS)
Enable/disable Wi-Fi, Bluetooth, camera
Assign HIPAA compliance policy pack — MaaS360 Healthcare Edition
⚠ LIMITATIONS
Some advanced container management — Requires portal UI — API coverage improving
Remote screen access — Requires IBM MaaS360 Advisor
Jamf Pro
90%
Jamf Pro REST API
DEVICE MANAGEMENT
Enroll Mac, iPhone, iPad, Apple TV via ADE — Requires Apple Business Manager
Remote lock
Remote wipe
Restart or shut down Mac — Mac only
Enable Lost Mode on iOS
Reset passcode on iOS
Rotate FileVault recovery key — Mac only
Unlock a user account on Mac
Rename a device
POLICY & APP MANAGEMENT
Assign a policy to device or group
Trigger a policy to run immediately
Assign configuration profiles
Deploy apps from App Catalog
Manage VPP / Apple Business Manager licenses
Deploy app updates via patch management
Run scripts on macOS devices
⚠ LIMITATIONS
Manage non-Apple devices — Jamf is Apple-only
Push macOS major version upgrades — Apple platform restriction
Remote screen access — Requires Apple Remote Desktop or a third-party tool (e.g., TeamViewer, Splashtop) — Jamf Remote was discontinued corrected
Kandji
80%
Kandji REST API
DEVICE MANAGEMENT
View and manage enrolled Apple devices
Remote lock, wipe, restart, shut down
Enable Lost Mode (iOS)
Assign Blueprint to device — Kandji uses Blueprints for policy
Move device between Blueprints
View auto-app update status — Kandji Auto App is a key differentiator
Rotate local admin password (LAPS) — Mac only
⚠ LIMITATIONS
Manage non-Apple devices — Kandji is Apple-only
Create/modify Blueprints via API — Requires Kandji portal
Knox Enrollment Svc
80%
Samsung KES API
ENROLLMENT ACTIONS
Bulk Samsung device enrollment via reseller
IMEI / serial pre-assignment before delivery
Auto-routes to Knox Manage or any MDM
IT-configured before device reaches employee
⚠ LIMITATIONS
Non-Samsung Android devices — KES is Samsung-only
Post-enrollment device management — KES handles enrollment only — Knox Manage or MDM takes over
Microsoft Autopilot
88%
Microsoft Graph API
PROVISIONING ACTIONS
Zero-touch Windows device provisioning
OEM-direct enrollment from first boot
Azure AD & Intune auto-join
Pre-configured policy & app deployment
Register pre-staged devices already in the hardware hash database corrected
⚠ LIMITATIONS
Non-Windows devices — Autopilot is Windows-only
Registering net-new devices from scratch — Requires CSV hardware hash upload or OEM direct; API only manages already-registered devices corrected
Microsoft Intune
95%
Microsoft Graph API
DEVICE ENROLLMENT
Enroll Windows, iOS, Android, macOS — Autopilot for Windows, ADE for Apple
Assign enrollment profiles
Set enrollment restrictions by platform
Bulk enroll devices via CSV — Requires pre-staging
View enrollment status for all devices
Retire a device from enrollment
Delete a device record
DEVICE ACTIONS
Remote lock a device
Remote wipe — full factory reset — Irreversible
Corporate wipe — remove company data only
Force device sync
Restart a device remotely — Windows only
Locate a device (GPS) — iOS and Android
Reset passcode remotely — iOS only
Enable or disable Activation Lock
Rotate local admin password (LAPS) — Windows and macOS corrected
Send custom notification to device
Rename a device
COMPLIANCE & POLICIES
Assign compliance policies
Check compliance status of any device
View all non-compliant devices
Assign configuration profiles
Remove a policy from a device
Set conditional access policies — Requires Azure AD P1/P2
APP MANAGEMENT
Assign an app to device or user group
Remove an app from a device
View installed apps
Configure app protection policies (MAM)
Deploy app updates
⚠ LIMITATIONS
Push iOS system updates — Apple does not allow programmatic OS updates
Access device screen remotely — Requires TeamViewer or similar
Access files on a device — Intune is management only — not file access
Microsoft Teams Phone
75%
Microsoft Graph API + Teams PowerShell corrected
USER PHONE MANAGEMENT
Assign a phone number to user — via Microsoft Graph
Assign calling plan license — via Microsoft Graph
Set dial plan and voice routing policy — Grant-CsOnlineVoiceRoutingPolicy (Teams PowerShell) corrected
Set emergency address — Set-CsOnlineLisAddress (Teams PowerShell; Graph has partial support) corrected
Enable/disable voicemail — via Microsoft Graph
Configure call forwarding — Set-CsUserCallingSettings (Graph beta); complex rules require PowerShell
Enable call recording policy — Grant-CsTeamsCallingPolicy (Teams PowerShell) corrected
⚠ LIMITATIONS
Purchase phone numbers — Teams Admin Center only
Configure complex auto attendants / IVR — Requires Teams Admin Center or PowerShell
Set up Direct Routing — Requires PowerShell and network config
Omnissa Workspace ONE
90%
Workspace ONE UEM REST API
DEVICE MANAGEMENT
Enroll iOS, Android, Windows, macOS, ChromeOS — Broadest multi-platform support
Remote lock, wipe, enterprise wipe
Force device check-in
Assign profiles and policies
Deploy and remove apps
Manage app catalogs
Configure per-app VPN
⚠ LIMITATIONS
Remote screen access — Requires Workspace ONE Assist add-on
RingCentral
80%
RingCentral REST API
USER & EXTENSION MANAGEMENT
Create a new user extension
Delete or suspend a user extension
Assign a DID (Direct Inward Dial) number
Enable or disable international calling
Configure voicemail
Set call forwarding rules
Add user to call queue / hunt group
Enable or disable call recording
Enable or disable SMS
Pull call logs and recordings
⚠ LIMITATIONS
Purchase new phone numbers — Direct purchase requires portal or elevated partner API permissions; not available on standard API tier corrected
Cancel a phone number / DID — Requires portal action
Modify billing plan or seats — Requires portal or sales
Samsung Knox
85%
Knox Manage API + KME
DEVICE MANAGEMENT
Enroll Samsung devices via Knox Enrollment — Zero-touch style for Samsung
Remote lock and wipe
Knox container management — Separates work and personal data
Push firmware updates (E-FOTA) — Unique Samsung capability
Enable/disable device features — Camera, Bluetooth, USB
⚠ LIMITATIONS
Manage non-Samsung Android devices — Knox is Samsung-only
SOTI MobiControl
82%
SOTI MobiControl REST API
DEVICE MANAGEMENT
Enroll iOS, Android, Windows, rugged devices — Strong with Zebra, Honeywell
Remote lock, wipe, corporate wipe
Remote reboot
Remote screen access (SOTI Assist) — Requires separately licensed SOTI Assist add-on corrected
File transfer to and from device — SOTI Hub
Configure kiosk / lockdown mode — Strong for POS and field devices
Manage barcode scanner configurations — Unique to SOTI
⚠ LIMITATIONS
Apple device management parity with Jamf — SOTI is stronger on Android/Windows
macOS management — Not a core SOTI strength
Zero-Touch Enrollment
85%
Google ZTE REST API
ENROLLMENT ACTIONS
Hands-free provisioning on first boot
IMEI-based auto-enrollment configuration
Target any MDM (MaaS360, Intune, etc.)
COBO & COPE policy support
Bulk device pre-registration
⚠ LIMITATIONS
iOS/macOS devices — Google Zero-Touch is Android-only
Direct device configuration (MDM does that) — Zero-Touch only handles assignment to MDM
Zoom Phone
82%
Zoom REST API
USER PROVISIONING
Assign Zoom Phone license to user
Assign a phone number
Set extension number
Enable/disable international calling
Configure call forwarding
Configure call queues
Pull call logs and recordings
⚠ LIMITATIONS
Purchase new phone numbers — Portal only
Port numbers from another carrier — Manual process through Zoom
Want to verify your stack is supported?

Book a 15-minute call.
We’ll confirm every action automatable for your exact platform mix.

Merkaba One works as an authorized admin on your existing platforms — no new software to deploy, no agents to install. Tell us what you run and we’ll show you exactly what we can automate.