Jamf Connect supports an integration Okta Classic Engine as your cloud identity provider. Authentication through Okta Classic engine authenticates users using the Okta Authentication API. You do not need to perform any additional tasks in the Okta admin console to enable authentication and password syncing.
When Okta Classic Engine is configured to use User Principal Name (UPN) formatted user names and multiple domains, a conflict may occur when converting the user name to UNIX local user name format.
Example: edith.mackenzie@example.com and edith.mackenzie@acmesoft.co may be two different people at two different subsidiaries of the organization. When properly formatted for a local macOS user account, the UNIX short name will be "edith.mackenzie" for both users. Jamf Connect may allow users in this highly unlikely example to log in to the incorrect local user account if they also happened to have the exact same password.
To ensure users can only log in to their account, a multifactor authentication (MFA) method is recommended. Jamf does not accept any responsibility or liability for any damages or security exploitations due to identically provisioned account credentials.
In the Jamf Connect Configuration application, click the + icon. Select Okta as your identity provider and enter your Okta tenant URL as your authentication server. This URL will appear similar to this example: example.okta.com.
You can now test your authentication configuration with Jamf Connect.