Configuring Okta Identity Engine with Jamf Connect

Jamf Connect Documentation


Jamf Connect supports an integration with Okta Identity Engine (OIE) as your cloud identity provider.

Requirements
  • Access to your organization's Okta Identity Engine admin console.

  • The Interaction Code grant must be enabled at the organization and application level. Additionally, the grant must be enabled on a per-authorization level for any custom authorization servers. For more information, see Verify that the Interaction Code grant type is enabled (Okta Developer).

  1. Log in to your Okta Identity Engine admin console.
  2. Click Settings > Account.
  3. Navigate to the Embedded widget sign-in support section.
  4. Click Edit.
  5. Enable the option titled Allow admins to configure the Interaction Code grant type for apps and authorization servers that they manage.
  6. Click Save.
  7. Click Applications.
  8. Click Create App Integration.
  9. Do the following in the Create a new app integration window:
    1. Select OIDC - OpenID Connect as the sign-in method.
    2. Select Native Application as the application type.
    3. Click Next.
  10. Configure the following app integration settings:
    1. Enter a name for your app, such as Jamf Connect, in the Application name field.
    2. (Optional) Upload an application logo.
    3. Select the Interaction Code grant type.
    4. Enter the following text in the Sign-in redirect URIs field: https://127.0.0.1/jamfconnect
    5. Remove the Sign-out redirect URIs field by clicking the X next to the text field.
    6. (Optional) Assign users to the Jamf Connect application or select Skip group assignment for now.
    7. Click Save.
  11. In the General tab, locate your client ID. Save this value to be used later as the OIDCClientID value in Jamf Connect.
  12. Navigate to the Okta API Scopes tab and locate okta.users.read.
  13. Click Grant.
  14. (Optional) Navigate to the Sign on tab and locate the User authentication section.
  15. (Optional) Click Edit and select an authentication policy.
  16. Click Save.

You can now test your authentication configuration with Jamf Connect. For more information on creating a Jamf Connect configuration, see Creating a Configuration Profile using Jamf Connect Configuration.
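
The following is an added example, not part of the Jamf or Okta documentation: a small Python check that compares an exported app integration against the settings chosen in the steps above, so drift such as an extra sign-in redirect URI or a missing Interaction Code grant is caught before deployment. The JSON field names and the `interaction_code` grant name are assumptions based on how the Okta Apps API represents OIDC app integrations; the sample export and its client ID are constructed placeholders.

```python
import json

# Values taken from the steps above.
EXPECTED_REDIRECT = "https://127.0.0.1/jamfconnect"
# Assumption: API-level name of the Interaction Code grant type.
REQUIRED_GRANT = "interaction_code"

# Constructed sample export of the app integration (placeholder client ID).
SAMPLE_APP = json.loads("""
{
  "label": "Jamf Connect",
  "signOnMode": "OPENID_CONNECT",
  "credentials": {"oauthClient": {"client_id": "0oaEXAMPLEPLACEHOLDER"}},
  "settings": {"oauthClient": {
    "application_type": "native",
    "grant_types": ["authorization_code", "interaction_code"],
    "redirect_uris": ["https://127.0.0.1/jamfconnect"],
    "post_logout_redirect_uris": []
  }}
}
""")

def audit_app(app):
    """Return a list of findings; an empty list means the export matches the steps."""
    findings = []
    oauth = app.get("settings", {}).get("oauthClient", {})
    if app.get("signOnMode") != "OPENID_CONNECT":
        findings.append("sign-in method is not OIDC - OpenID Connect")
    if oauth.get("application_type") != "native":
        findings.append("application type is not Native Application")
    if REQUIRED_GRANT not in oauth.get("grant_types", []):
        findings.append("Interaction Code grant type is not selected")
    redirects = oauth.get("redirect_uris", [])
    if EXPECTED_REDIRECT not in redirects:
        findings.append("sign-in redirect URI %s is missing" % EXPECTED_REDIRECT)
    # Any additional redirect URI widens where sign-in responses may be sent.
    for uri in redirects:
        if uri != EXPECTED_REDIRECT:
            findings.append("unexpected sign-in redirect URI: %s" % uri)
    if oauth.get("post_logout_redirect_uris"):
        findings.append("sign-out redirect URIs are still set")
    if not app.get("credentials", {}).get("oauthClient", {}).get("client_id"):
        findings.append("no client ID to use as OIDCClientID")
    return findings

if __name__ == "__main__":
    for line in audit_app(SAMPLE_APP) or ["configuration matches the documented steps"]:
        print(line)
```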