Skip to content
  • There are no suggestions because the search field is empty.

Blueprint Modifiers: Subscriber Provided Payloads

Some Blueprints require you to supply your own payload — here's how to build, checksum, host, and attach it.

Blueprint Modifiers: Subscriber-Provided Payloads

Some Blueprints require you to provide the payload — typically when the payload is specific to your organization, such as an antivirus installer built for your district. Providing your own payload has four steps.

Step 1: Build the Payload File

Check the Blueprint’s Notes to see exactly what the payload must contain. If the notes don’t specify a name, you can name the payload anything (for example payload.zip). As an example, the Sophos Endpoint Blueprint requires a payload.zip containing exactly one file, SophosSetup.exe (the organization-specific installer Sophos provides).

Step 2: Get the SHA2 Checksum

Calculate the SHA2 (SHA-256) checksum of the payload file itself, not the files inside it — in the example, the SHA2 of payload.zip, not SophosSetup.exe. PowerShell is the recommended way:

Get-FileHash -Algorithm SHA256 payload.zip

Step 3: Host the Payload Publicly

Host the file somewhere publicly accessible with no username or password. Because it’s public, never include passwords, license information, or other secrets inside the payload. Your organization’s website is a good choice (for example http://myschool.k12.st.us/files/payload.zip). Avoid Google Drive for this — Google throttles anonymous downloads per hour, which can break installs at scale.

Step 4: Add the URL and SHA2 to the Modifier

  • Subscribe to the Blueprint.
  • Click Edit Blueprint.
  • Add the payload URL (from step 3) and the SHA2 checksum (from step 2).

Then build the Modifier as you normally would.

Common Questions

Why do I have to provide the payload?
Because it’s specific to your organization, such as a district-licensed installer.

Do I checksum the ZIP or the files inside it?
The payload file itself (the ZIP), not its contents.

Where should I host it?
Somewhere public and credential-free — your website is ideal. Avoid Google Drive due to download throttling.

Is it safe to put secrets in the payload?
No. The payload is publicly accessible — never include passwords or license info.