{"id":75905,"date":"2023-05-15T16:40:23","date_gmt":"2023-05-15T20:40:23","guid":{"rendered":"https:\/\/jumpcloud.com\/?post_type=support&#038;p=75905"},"modified":"2024-09-25T13:01:32","modified_gmt":"2024-09-25T17:01:32","slug":"manage-device-trust-certificates","status":"publish","type":"support","link":"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates","title":{"rendered":"Manage Device Trust Certificates for Desktop"},"content":{"rendered":"\n<p>JumpCloud\u2019s Device Trust Certificates let you allow or deny access to the User Portal and SSO applications based on the desktop device the user is authenticating from. Device Trust is established when the User Portal requests that the desktop client present a certificate, and the user\u2019s browser provides that certificate. Device Trust can save users time and allow seamless access to applications.<\/p>\n\n\n\n<p>When you enable certificate distribution, the agent server sends an update that causes the agent (along with the user-agent where applicable) to request and install Device Trust certificate bundles on the device. One certificate request is made per managed user.<\/p>\n\n\n\n<p><strong>Prerequisites<\/strong>:<\/p>\n\n\n\n<ul>\n<li>Conditional Access Policies, which let you relax, restrict, or deny user access to resources, work in tandem with Device Trust Certificates for any policy that uses a device condition. You\u2019ll need to create a conditional access policy before you can implement Device Trust.\n<ul>\n<li>See<a href=\"https:\/\/jumpcloud.com\/support\/configure-a-conditional-access-policy\" target=\"_blank\" rel=\"noreferrer noopener\"> Configure a Conditional Access Policy<\/a>.<\/li>\n\n\n\n<li>Conditional Access is a Platform Prime feature. See <a href=\"https:\/\/jumpcloud.com\/pricing\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud pricing<\/a> for more information about Platform Prime.&nbsp;<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p><strong>Considerations<\/strong>:<\/p>\n\n\n\n<ul>\n<li>Device Trust certificates covered in this article apply only to desktop devices using the JumpCloud Agent and supported web browsers.<\/li>\n\n\n\n<li>Certificates are distributed only to JumpCloud managed users on devices.<\/li>\n<\/ul>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card important\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/important-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Important:<\/strong> \n<p>The managed device condition using Device Trust certificates doesn&#8217;t apply to mobile devices managed by MDM. To enforce Device Trust on mobile devices, see <a href=\"https:\/\/jumpcloud.com\/support\/get-started-mobile-device-trust\">Get Started: Mobile Device Trust<\/a>.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-understanding-the-device-trust-certificate-bundle\">Understanding the Device Trust Certificate Bundle<\/h2>\n\n\n\n<p>The JumpCloud Device Trust certificate bundle contains four parts:<\/p>\n\n\n\n<ul>\n<li><strong>Root Certificate<\/strong> &#8211; The <em>JumpCloud Production Device Identification Root CA<\/em> certificate is a self-signed certificate and displays as <em>untrusted<\/em> in some certificate managers, but this is not an issue.<\/li>\n\n\n\n<li><strong>Intermediate Certificate<\/strong> &#8211; The <em>device-trust.intermediate<\/em> certificate.<\/li>\n\n\n\n<li><strong>Leaf Certificate<\/strong> &#8211; The <em>JumpCloud Device Trust Certificate &#8211; \u2026\u2026..<\/em> certificate<em>.<\/em> The browser presents this certificate in response to the challenge from the agent server. The \u2018<em>&#8230;&#8230;..\u2019<\/em> contains an eight-digit hexadecimal identifier. The identifier is only used to ensure that two different leaf certs will have unique names.<\/li>\n\n\n\n<li><strong>Private key<\/strong> &#8211; The Imported Private Key was created by the agent on the user\u2019s behalf to generate the certificate signing request, as part of requesting the Device Trust certificate. It\u2019s packaged along with the certificates so it can be used to sign requests to the agent server.<\/li>\n<\/ul>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<p>In addition to requesting and installing the Device Trust certificate, the Agent or the user-agent must also create certificate selection filters so that the user\u2019s browser can locate the correct certificate when challenged. &nbsp;<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-finding-the-storage-location-of-global-device-certificates\">Finding the Storage Location of Global Device Certificates<\/h2>\n\n\n\n<p><strong>On macOS<\/strong>:<\/p>\n\n\n\n<ul>\n<li>The certificates are stored in a new jumpcloud-device-trust-keychain in the user\u2019s Library\/Keychains folder.<\/li>\n\n\n\n<li>The generated password for the new keychain is stored in the user\u2019s login keychain, in a generic password item named J<em>umpCloud Device Trust Keychain Password<\/em>. This allows the user agent to unlock the Device Trust keychain when it needs access to install or renew certificates.<\/li>\n\n\n\n<li>The Device Trust keychain password will be rotated every time a certificate is installed or renewed.<\/li>\n<\/ul>\n\n\n\n<p><strong>On Windows:<\/strong><\/p>\n\n\n\n<ul>\n<li>The agent installs the root (CA) certificate in the system cert store<\/li>\n\n\n\n<li>The user-agent installs the intermediate certificate in the user\u2019s Intermediate Certification Authorities store, and the Device Trust certificate in the user\u2019s Personal store.<\/li>\n<\/ul>\n\n\n\n<p><strong>On Linux:<\/strong><\/p>\n\n\n\n<ul>\n<li>Certificates are stored in the user\u2019s NSS database (~\/.pki\/nssdb\/cert9.db, ~\/.pki\/nssdb\/key4.db).<\/li>\n\n\n\n<li>If the database does not exist, the agent will create a new one<\/li>\n\n\n\n<li>Certificate auto-select filters are found in \/etc\/opt\/chrome\/policies\/managed\/JumpCloudCertificateAutoselect.json<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-distributing-global-device-certificates-nbsp\">Distributing Global Device Certificates&nbsp;<\/h2>\n\n\n\n<p>Distribute device certificates from the Conditional Policies Settings page or when you create your first policy that uses a device condition. See <a href=\"https:\/\/jumpcloud-support.force.com\/support\/s\/article\/Configure-a-Conditional-Access-Policy\" target=\"_blank\" rel=\"noreferrer noopener\">Configure a Conditional Access Policy<\/a>&nbsp;to learn how to distribute certificates when you create your first device-based policy.&nbsp;<\/p>\n\n\n\n<p><strong>To distribute a device certificate from the Conditional Policies Settings page<\/strong>:&nbsp;<\/p>\n\n\n\n<ol>\n<li>Log in to the <a href=\"https:\/\/console.jumpcloud.com\/login\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud Admin Portal<\/a>.&nbsp;<\/li>\n\n\n\n<li>Go to <strong>SECURITY MANAGEMENT &gt; Conditional Policies<\/strong>.&nbsp;<\/li>\n\n\n\n<li>Click <strong>Settings<\/strong> to the right of the policies. You can also click <strong>Edit in Settings<\/strong> under <strong>Global Policies<\/strong>.<br><img decoding=\"async\" width=\"2734\" height=\"704\" class=\"wp-image-84901\" style=\"width: 1200px\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/DeviceTrustSettingsIcon.png\" alt=\"\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/DeviceTrustSettingsIcon.png 2734w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/DeviceTrustSettingsIcon-300x77.png 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/DeviceTrustSettingsIcon-1024x264.png 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/DeviceTrustSettingsIcon-768x198.png 768w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/DeviceTrustSettingsIcon-1536x396.png 1536w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/DeviceTrustSettingsIcon-2048x527.png 2048w\" sizes=\"(max-width: 2734px) 100vw, 2734px\" \/><\/li>\n\n\n\n<li>In <strong>Device Certificates<\/strong>, set<strong> Global Certificate Distribution<\/strong> to <strong>ON<\/strong>.<\/li>\n\n\n\n<li>Click <strong>save<\/strong> <strong>changes<\/strong>.&nbsp;<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<p>Global device certificates have a time-to-live of 30 days, but are renewed every two weeks by the user agent.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-removing-global-device-certificates\">Removing Global Device Certificates<\/h2>\n\n\n\n<p>You can remove global device certificates after you\u2019ve distributed them. When you disable global device certificates, existing policies aren\u2019t updated, and any custom <a href=\"https:\/\/jumpcloud.com\/support\/understand-mac-keychain-access\" target=\"_blank\" rel=\"noreferrer noopener\">macOS Keychain Application Access<\/a> configurations are removed. To make sure users have uninterrupted access to their resources, disable policies with a device condition before you remove global device certificates. Learn how to disable a policy in <a href=\"https:\/\/jumpcloud-support.force.com\/support\/s\/article\/Configure-a-Conditional-Access-Policy\" target=\"_blank\" rel=\"noreferrer noopener\">Configure a Conditional Access Policy<\/a>.&nbsp;<\/p>\n\n\n\n<p><strong>To remove global device certificates<\/strong>:<\/p>\n\n\n\n<ol>\n<li>Log in to the <a href=\"https:\/\/console.jumpcloud.com\/login\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud Admin Portal<\/a>.&nbsp;<\/li>\n\n\n\n<li>Go to <strong>SECURITY MANAGEMENT &gt; Conditional Policies<\/strong>.&nbsp;<\/li>\n\n\n\n<li>Click <strong>Settings<\/strong> to the right of the policies. You can also click <strong>Edit in Settings<\/strong> under <strong>Global Policies<\/strong>.<\/li>\n\n\n\n<li>In <strong>Device Certificates<\/strong>, set<strong> Global Certificate Distribution<\/strong> to <strong>OFF<\/strong>.&nbsp;&nbsp;<\/li>\n\n\n\n<li>Click <strong>save changes<\/strong>.<br>&nbsp;<img decoding=\"async\" width=\"1090\" height=\"608\" class=\"wp-image-84860\" style=\"width: 400px\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/DeviceTrustSelectCert.png\" alt=\"\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/DeviceTrustSelectCert.png 1090w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/DeviceTrustSelectCert-300x167.png 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/DeviceTrustSelectCert-1024x571.png 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/DeviceTrustSelectCert-768x428.png 768w\" sizes=\"(max-width: 1090px) 100vw, 1090px\" \/><\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<p>Disabling Global Certificate Distribution removes certificates from every device and every user on a device. Any existing managed device policies treat users as unmanaged, and this takes effect immediately.&nbsp;<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-users-selecting-a-device-trust-certificate\">Users: Selecting a Device Trust Certificate<\/h2>\n\n\n\n<p>As part of Device Trust, users may see prompts to select Device Trust certificates when browsing to the JumpCloud User Portal or using some SSO-enabled applications after certificate distribution is enabled. You should inform users that these types of prompts are legitimate and expected, and to select the JumpCloud Device Trust Certificate and let the application or browser proceed.<br><img decoding=\"async\" width=\"1024\" height=\"571\" class=\"wp-image-84859\" style=\"width: 400px\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/DeviceTrustSelectCert2.png\" alt=\"\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/DeviceTrustSelectCert2.png 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/DeviceTrustSelectCert2-300x167.png 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/DeviceTrustSelectCert2-768x428.png 768w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n\n\n\n<p>The prompt may present multiple <em>JumpCloud Device Trust Certificat<\/em>e options, but they are all the same certificate, and the user can select any one.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-addressing-persistent-certificate-prompts-on-macos\">Addressing Persistent Certificate Prompts on macOS<\/h2>\n\n\n\n<p>In some applications on macOS (Google Chrome, for example), the certificate selection prompt may persistently appear, even when the user has previously selected the certificate. To resolve this issue, restart the device. <\/p>\n\n\n\n<p>If a restart does not resolve the issue, you can gather the Device Trust Password from the macOS Keychain and input it when prompted.<\/p>\n\n\n\n<p><strong>To gather the Device Trust Password on a macOS device<\/strong>:<\/p>\n\n\n\n<ol>\n<li>On the macOS device, open the <strong>Keychain<\/strong> app.<\/li>\n\n\n\n<li>In the list of keychains, locate the <strong>JumpCloud Device Trust Keychain Password <\/strong>item under the <strong>Login<\/strong> keychain and double-click.<\/li>\n\n\n\n<li>The keychain entry opens in a new window. Click <strong>Show password<\/strong> and a password prompt appears.\n<ol class=\"is-lower-alpha\">\n<li>Enter the user&#8217;s local device account password (the same password used for device login) and click <strong>Allow<\/strong>.<\/li>\n\n\n\n<li>A second password prompt appears, enter the device account password again and click <strong>Allow<\/strong>.<br><img decoding=\"async\" width=\"743\" height=\"433\" class=\"wp-image-100050\" style=\"width: 600px\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/10\/macos_keychain_device_trust_password_always_allow.jpg\" alt=\"\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/10\/macos_keychain_device_trust_password_always_allow.jpg 743w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/10\/macos_keychain_device_trust_password_always_allow-300x175.jpg 300w\" sizes=\"(max-width: 743px) 100vw, 743px\" \/><\/li>\n<\/ol>\n<\/li>\n\n\n\n<li>In the keychain window, the Device Trust password will now appear. Select the password and <strong>Copy<\/strong> it.<\/li>\n\n\n\n<li>When prompted for the <strong>JumpCloud Device Trust Key<\/strong>, <strong>Paste<\/strong> this password into the field. <\/li>\n\n\n\n<li><strong>Important<\/strong>! Click <strong>Always Allow<\/strong>. Clicking Allow may not prevent the popup from reappearing later. <\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>JumpCloud\u2019s Device Trust Certificates let you allow or deny access to the User Portal and SSO applications based on the [&hellip;]<\/p>\n","protected":false},"author":202,"featured_media":0,"template":"","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"support_category":[2929,2852],"support_tag":[],"coauthors":[2836,3011],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.9 (Yoast SEO v22.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Manage Device Trust Certificates for Desktop - JumpCloud<\/title>\n<meta name=\"description\" content=\"Discover how to use Device Trust to allow or deny access to resources like the User Portal and applications, based on the device the user utilizes to authenticate.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Manage Device Trust Certificates for Desktop\" \/>\n<meta property=\"og:description\" content=\"Discover how to use Device Trust to allow or deny access to resources like the User Portal and applications, based on the device the user utilizes to authenticate.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:modified_time\" content=\"2024-09-25T17:01:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/DeviceTrustSettingsIcon.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"6 minutes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data2\" content=\"denasteward, nickconrad\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates\",\"url\":\"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates\",\"name\":\"Manage Device Trust Certificates for Desktop - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/DeviceTrustSettingsIcon.png\",\"datePublished\":\"2023-05-15T20:40:23+00:00\",\"dateModified\":\"2024-09-25T17:01:32+00:00\",\"description\":\"Discover how to use Device Trust to allow or deny access to resources like the User Portal and applications, based on the device the user utilizes to authenticate.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/DeviceTrustSettingsIcon.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/DeviceTrustSettingsIcon.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Support\",\"item\":\"https:\/\/jumpcloud.com\/support\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Manage Device Trust Certificates for Desktop\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Manage Device Trust Certificates for Desktop - JumpCloud","description":"Discover how to use Device Trust to allow or deny access to resources like the User Portal and applications, based on the device the user utilizes to authenticate.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates","og_locale":"en_US","og_type":"article","og_title":"Manage Device Trust Certificates for Desktop","og_description":"Discover how to use Device Trust to allow or deny access to resources like the User Portal and applications, based on the device the user utilizes to authenticate.","og_url":"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates","og_site_name":"JumpCloud","article_modified_time":"2024-09-25T17:01:32+00:00","og_image":[{"url":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/DeviceTrustSettingsIcon.png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"6 minutes","Written by":"denasteward, nickconrad"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates","url":"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates","name":"Manage Device Trust Certificates for Desktop - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/DeviceTrustSettingsIcon.png","datePublished":"2023-05-15T20:40:23+00:00","dateModified":"2024-09-25T17:01:32+00:00","description":"Discover how to use Device Trust to allow or deny access to resources like the User Portal and applications, based on the device the user utilizes to authenticate.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates#primaryimage","url":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/DeviceTrustSettingsIcon.png","contentUrl":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/DeviceTrustSettingsIcon.png"},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/support\/manage-device-trust-certificates#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"Support","item":"https:\/\/jumpcloud.com\/support"},{"@type":"ListItem","position":3,"name":"Manage Device Trust Certificates for Desktop"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/75905"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/support"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/202"}],"version-history":[{"count":2,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/75905\/revisions"}],"predecessor-version":[{"id":115828,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/75905\/revisions\/115828"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=75905"}],"wp:term":[{"taxonomy":"support_category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_category?post=75905"},{"taxonomy":"support_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_tag?post=75905"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=75905"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}