Difference between revisions of "Jamf Connect"

From Studentnet Wiki
Jump to navigation Jump to search
Line 14: Line 14:
 
#*'''https://127.0.0.1/jamfconnect''' for MacOS
 
#*'''https://127.0.0.1/jamfconnect''' for MacOS
 
#*'''jamfunlock://callback/auth''' for IOS to allow biometric authentication
 
#*'''jamfunlock://callback/auth''' for IOS to allow biometric authentication
#For '''Allowed Grant Types''' enable the checkbox '''Password'''
+
#For '''Allowed Grant Types''' enable the checkbox '''Password'''<br>[[File:Example_JAMF_Connect.PNG]]
#Click '''Submit''', you will then be redirected and see the service information.
+
#Click '''Submit''', you will then be redirected and see the service information.<br>[[File:Example_JAMF_Connect_App_Details.PNG]]
#Copy and save the '''Client ID''' and '''Secret'''(press '''show''' to reveal '''Secret''')
+
#Make a note of the '''Client ID''', '''Secret'''(press '''show''' to reveal '''Secret''') and '''Whitelisted Redirect URIs'''
#Send the '''Client ID''' and '''Secret''' to JAMF Connect.
+
#Navigate to '''Cloudwork Dashboard'''>'''Single Sign On'''>'''Manage OpenID Connect Apps'''>'''Identity Provider''' and make note of the '''Auto config URL'''
#Depending on JAMF Connect's response, you may need to send them extra information. The extra information can be found in '''Cloudwork Dashboard'''>'''Single Sign On'''>'''Manage OpenID Connect Apps'''>'''Identity Provider'''
+
 
  
  
 
==Setup with JAMF Connect==
 
==Setup with JAMF Connect==
 +
#Login to JAMF Connect
 +
#Fill out the Form as follows:
 +
#*'''Identity Provider''': Select '''Custom'''
 +
#*'''OIDC Client ID''': Enter the previously noted '''Client ID'''
 +
#*'''ROPG Client ID''': Enter the previously noted '''Client ID'''
 +
#*'''Client Secret''': Enter the previously noted '''Secret'''
 +
#*'''OIDC Redirect URI''': Enter the previously noted '''Whitelisted Redirect URIs'''
 +
#*'''Discovery URL''': Enter the previously noted '''Auto config URL'''
 +
 +
[[File:JAMF_Connect_IDP_Form.png]]
 
===Email Template===
 
===Email Template===
 
<blockquote>
 
<blockquote>

Revision as of 03:11, 25 July 2022

JAMF Connect

JAMF Connect is used to allow users when logging into a Mac device to be prompted with Cloudwork's Identity Provider login, instead of the usual Mac login screen.
This is so you can create a better user experience by giving users a familiar login screen every time the user signs into a SSO Service.

As a part of Cloudwork's support for JAMF Connect: When setting up an OAuth App in the Cloudwork Dashboard, under Allowed Grant Types, Password can now be selected.
Password must be selected as an Allowed Grant Type when setting up JAMF Connect, this is to allow both the username and password to authenticate and authorise the user.

Setting up with Cloudwork

  1. Email JAMF Connect telling them you want to complete a setup between Cloudwork and JAMF Connect, asking them for the Redirect URIs and what information JAMF Connect needs to complete steps at their end.
  2. Login to the Cloudwork Dashboard>Single Sign On>Manage OpenID Connect Apps>Add New Service
  3. In Name enter JAMF Connect
  4. In Client Type select Public Client
  5. In Redirect URIs enter the Redirect URIs:
  6. For Allowed Grant Types enable the checkbox Password
    Example JAMF Connect.PNG
  7. Click Submit, you will then be redirected and see the service information.
    Example JAMF Connect App Details.PNG
  8. Make a note of the Client ID, Secret(press show to reveal Secret) and Whitelisted Redirect URIs
  9. Navigate to Cloudwork Dashboard>Single Sign On>Manage OpenID Connect Apps>Identity Provider and make note of the Auto config URL


Setup with JAMF Connect

  1. Login to JAMF Connect
  2. Fill out the Form as follows:
    • Identity Provider: Select Custom
    • OIDC Client ID: Enter the previously noted Client ID
    • ROPG Client ID: Enter the previously noted Client ID
    • Client Secret: Enter the previously noted Secret
    • OIDC Redirect URI: Enter the previously noted Whitelisted Redirect URIs
    • Discovery URL: Enter the previously noted Auto config URL

JAMF Connect IDP Form.png

Email Template

Hi JAMF Connect,

Our school <schoolname> is wanting to setup a connection between Cloudwork and JAMF Connect.
To begin this process could you please provide the Redirect URIs?
Could you also provide what information you will require from us to complete the process at your end?