Configuring an Authentication Policy with Okta Identity Engine to Limit Access

Jamf Connect Documentation


To limit access with Okta Identity Engine, configure an authentication policy and add it to your Jamf Connect application.

Requirements
  • Access to your organization's Okta Identity Engine admin console.
  • A configured Jamf Connect application in Okta Identity Engine.

  1. Log in to your Okta Identity Engine admin console.
  2. Click Security > Authentication Policies.
  3. Click Add a policy.
  4. Create a name and description for the policy. A recommended name is Jamf Connect - Group Membership Check.
  5. In the Catch-all Rule section, click Actions.
  6. In the THEN section, modify the option for User must authenticate with to Password.

    If Password is unavailable, the Okta Global Session Policies in your Okta tenant do not allow the use of a password. Without the Password option, the configuration is incompatible with Jamf Connect. For more information, see Global session policies (Okta Docs).

  7. Click Save.
  8. Navigate to the Applications tab.
  9. Locate your Jamf Connect application.
  10. Click Add.
  11. Click Close.

You can now test your configuration with Jamf Connect. For more information on creating a Jamf Connect configuration, see Creating a Configuration Profile using Jamf Connect Configuration.