Google Identity

Jamf Account Documentation
Solution
Application
Content Type
Technical Documentation
Utilities & Services
ft:locale
en-US

Training Video

Watch the Integrate Google Identity with Jamf Account training video to learn how to configure SSO through Jamf Account.

  1. Log in to Google Cloud Console.
  2. Click the current resource button in the upper-left corner, and then click New Project.
  3. Add a project name (e.g., "Jamf Account"), and then click Create.
  4. Under Notifications, select the name of the project.

    If you have cleared notifications, select the project by clicking the name of the currently selected project in the upper-left corner of the window near the Google Cloud logo.

  5. Configure the OAuth consent screen:
    1. Click the navigation menu in the upper-left corner.
    2. Click APIs & Services, and select the "OAuth consent screen".
    3. On the OAuth Overview page, click Get Started.
    4. Under App Information, enter an app name (e.g., "Jamf Account" to match the project name).
    5. Click the User support email pop-up menu, select an email address, and then click Next.
    6. Under Audience, select Internal, and then click Next.
    7. Under Contact Information, enter an email address to receive Google notifications, and then click Next.
    8. Under Finish, select the I agree checkbox to accept the Google User Data Policy.
    9. Click Continue.
    10. Click Create.
  6. Configure the OAuth client:
    1. Click Create OAuth Client.
    2. Click the Application type pop-up menu, and select Web application.
    3. Enter the app name.
    4. Under Authorized redirect URIs, click Add URI.
    5. Enter your region-specific URI associated with your IdP configuration.

      • https://us.auth.jamf.com/login/callback

      • https://eu.auth.jamf.com/login/callback

      • https://au.auth.jamf.com/login/callback

      • https://jp.auth.jamf.com/login/callback

        Note:

        If you do not know your hosting region, add all redirect URIs.

    6. Click Add URI again, and then enter the logout redirect URI: https://account.jamf.com/logout.
    7. Click Create.

      The Client ID displays after configuring. Copy this information and save it in a secure location.

    8. Click OK.
    9. Click Data Access.
    10. Click Add or Remove Scopes, and then select the first three checkboxes (email, profile, and openid).
    11. Click Update.
    12. Click Save.
      Note:

      You can view your Client ID and Client secret by clicking Clients > app name.

Your app integration is created. Before you connect your IdP with Jamf Account, you must verify your SSO domain. For instructions, see Verifying your SSO Domain in Jamf Account.