Jamf is a cloud service for managing Apple devices such as Mac, iPad, or iPhone. When enrolling these devices, the SCEP Payload must include the settings described in: 

https://support.apple.com/guide/deployment/scep-payload-settings-dep495a6d79/web

If using Jamf as MDM provider, configure and install a profile as described below.

To configure and install a MDM profile in Jamf

1. Login into the Jamf administration portal.
   
2. Select:
   • Computers to create a profile for enrolling Apple computers such as MacBooks.
   • Devices to create a profile for enrolling iPhones, iPads, etc. 
3. Select Configuration profiles in the sidebar and click New 
   
4. Configure the following settings in the New macOS Configuration Profile form. 
   • Options
   • Scope
   
   
5. Click Save.
6. To enroll devices, users must login to Jamf and follow the prompts for enrollment.
   • Depending on how Jamf was configured, users may or may not be prompted to download and install CA Certificates.
   • Users will be prompted to download and install a profile.
   • Wait while the device is enrolled. Certificates will automatically be issued during enrollment.