Partner Experience Enhancements
Partners can create not-for-resale (NFR) tenants. This allows you to test new features before assisting customers with them. NFR tenants expire after 365 days, unless manually extended or converted to a standard instance.
To create an NFR tenant, navigate to .
For more information, see Creating a Not-For-Resale Tenant.
OIDC-Based Single Sign-On (SSO) Enhancements
You can add a user to Jamf Pro and configure their assigned tenant and role from Jamf Account. This requires Jamf Pro "Edit" and "SSO" privileges in Jamf Account. To use this new feature, navigate to . Click the Action (•••) pop-up menu and choose Add to Jamf Pro.
You can view Jamf Pro SSO statuses and configure SSO for Jamf Pro entirely in Jamf Account, as well as retrieve failover URLs. Navigate to .
You can specify complex identity provider (IdP) group filtering logic when creating or updating an IdP connection. This includes the ability to provide multiple filter values, and specify whether the group name should match any or all of the provided filters.
Note:Filter values must total 180 characters or less.
Organizations that do not use an email claim with their IdP can specify a verified domain to be used in conjunction with their username to create a unique identifier that is similar to an email address. This results in Jamf portals receiving a claim for email in the form of
{username}@{yourVerifiedDomain.com}, which allows users to log in to Jamf apps requiring an email claim, such Jamf School and Jamf Account.
Resolved Issues
Fixed: The email domain is case sensitive when attempting to discover an IdP at Jamf login pages.
Fixed: Users without an email claim may not be able to access the AI Assistant.