JumpCloud® SaaS Management gives you visibility and control over shadow IT and SaaS app use within your org. Connectors detect shadow IT without adoption of a browser extension and provide a significant increase to the valuable usage and security insights.
The Jamf Connector retrieves the license list from the Jamf API. Using periodic polling for regular updates, it captures new users to keep data accurate and up-to-date.
Prerequisites
- You must have administrative access to Jamf to create API roles and clients.
Considerations
- Based on your organization’s size, the initial collection of data may take some time, up to an hour.
Configuring Jamf
- Log in to Jamf using your customized tenant URL. For example, yourtenant.jamfcloud.com.
- Go to Settings > API roles and clients.
- In the API Roles tab, create a new role.
- Search for and add the Read User privilege.
- Go to the API Clients tab and create a new client:
- Enter a display name.
- Select your new role from the API roles dropdown menu.
- Click Enable API Client and Save.
When creating the API client, ensure to copy and note the Client ID and generated Client Secret. This is the only time they appear in the Jamf console during configuration.
Configuring JumpCloud
- Log in to the JumpCloud Admin Portal.
- Go to SECURITY MANAGEMENT > SaaS Management.
- In SaaS Management settings, go to the Connector tab and select + Add Connector.
- Select Jamf and click Connect.
- Enter a name and click Connect.
- Enter the following fields copied from Jamf during configuration in the previous section:
- Client ID
- Client Secret
- Jamf Tenant
- Click Save Connector.
- You will now see Jamf in your list of Connectors.
If permissions are accidentally removed, or if the admin who configured left your organization, the connector will stop working and you will be prompted to Reconnect.
Required Permissions
- Read Users:
- View users and their email addresses.
- Get users to populate SaaS Management accounts.
Uninstall/Remove
- On the Connector’s detail page, click on Delete Connector and follow the prompts.
- To revoke the permissions granted to JumpCloud, delete the API Role and API Client created in Jamf.