Introduction
It is possible to link your datajar.mobi / Jamf Service Provider Plan to your Okta instance using SAML/SSO. This allows SSO user authentication during enrolment using Enrolment Customisation (macOS 10.15+) and the Self Service app, as well as assignment of devices and integrations into Apple School/Business Manager.
Using SSO during enrolment optionally allows you to require your users to use MFA when they authenticate, before Macs are enrolled, if using Enrolment Customisation.
Requirements / Dependancies
An LDAP/S connection to Okta Universal LDAP is required to work along side the SSO integration to give richer inventory reporting via the collection of additional attributes in Okta user records which can be used for app/profile scoping. Please ensure the steps in the following article are completed beforehand: Configuring Okta Universal Directory (LDAPS) for datajar.mobi
Technical Details
- Follow the steps in the following article (we recommend using the Pre-Configured Application):
- https://docs.jamf.com/technical-articles/Configuring_Single_Sign-On_with_Okta.html
- A dataJAR engineer will provide you with the "Jamf Pro" URL. It may be in the format of customername.datajar.mobi and NOT customer.jamfcloud.com - please do not use *.jamfcloud.com in any field when configuring the Okta app.
- Edit the Application as follows:
- Under Sign On → Settings → Credential Details, set the Application username format to mailNickName (this attribute should be created as part of Configuring Okta Universal Directory (LDAPS) for datajar.mobi)
- Please provide the Metadata URL from Okta to the dataJAR engineer.
- If you wish to follow the optional steps to enable Single Logout, please let your engineer know and they will provide the necessary certificate for you to upload to your Okta instance.
Need further support?
Automate. Simplify. Succeed. If you still require assistance with us or have any further questions, please raise a ticket with our support team.
Alternatively, please see our frequently updated knowledge base articles for reference.