Connect Fleet DM to Smallstep
Smallstep can integrate with Fleet DM to deploy certificates to your Fleet-managed devices.
Requirements
You will need:
- A Smallstep team
- A Fleet DM instance
Configure device sync (coming soon)
To sync your devices from Fleet DM, create an API-only user in Fleet DM, and then put the token into the Fleet settings in Smallstep.
Configure Dynamic SCEP
To configure Fleet to use Dynamic SCEP for certificate issuance to your endpoints, follow the instructions in Connect end user to WiFi with certificate (Smallstep)
Deploy the Smallstep agent
Though not required, we suggest deploying the Smallstep agent to your endpoints. The agent makes it easier to configure endpoints and manage certificates. You can deploy the agent using Fleet's software management and scripting features.
Alternatively, you can use a separate software management system such as Munki to deploy the agent. See install via a software management tool for details.
Last updated on November 11, 2025
Introducing
Device Identity
Ensure that only company-owned devices can access your enterprise's most sensitive resources.
