Automated device enrollment is required for Apple devices like MacOS, iOS, and iPadOS in Intune. Apple Business Manager and Intune synchronize device information using the token. Enrollment profiles are also uploaded to Apple and assigned to devices using this interface. ADE tokens have a one-year validity period and must be renewed every year in order to remain functional.
It is important to consider a number of factors before renewing your ADE certificate.
Once you download a new token, the old one will no longer be valid. As long as the new token has not been uploaded, devices cannot be synced or profiles can't be assigned.
You should also renew the certificate before it expires if it has expired, since it will apply if the certificate has expired.
It is not necessary to renew an ADE certificate with the same account as an APNs certificate.
How to renew the ADE token
To reconfigure enrollment tokens, choose "Devices -> iOS/iPadOS -> iOS/iPadOS enrollment -> Enrollment program tokens" or click here and choose the token you need to renew.
Log in with an administrator account to Apple Business Manager. Press "Download Token" under "Settings -> MDM servers"
To continue, click the "Download Server Token" button. After the token has been downloaded, you will be able to use it.
In MEM admin center, switch back to the enrollment tokens blade. Click on the "Renew token" button at the top of the screen to renew the token
Select the Apple token you downloaded in step 3 and press “Next” to continue.
To finish the renewal, review your settings and press "Create".
We have now completed the renewal. The blade must be refreshed to display the new status, expiration date, and days until expiration.
