Creating an Application for Limiting Access in Okta

Jamf Connect Documentation
Solution
Application
Jamf Connect
Content Type
Technical Documentation
Utilities & Services
ft:locale
en-US

In order to limit access in Okta, a specific Jamf Connect application must be created and configured via Okta Classic Engine or Identity Engine.

Requirements

  • Access to your organization's Okta Identity Engine or Okta Classic Engine admin console.

  • An existing Okta app integration with OpenID Connect 2.0.

  1. Log in to the Okta Admin Console.
  2. Click Applications.
  3. Click Create App Integration.
  4. Do the following in the Create a new app integration window:
    1. Select OIDC - OpenID Connect as the sign-in method.
    2. Select Native Application as the application type.
    3. Click Next.
  5. Configure the following app integration settings:
    1. Enter a name for your app, such as Jamf Connect - Access or Jamf Connect - Admin Rights, in the Application name field.
    2. (Optional) Upload an application logo.
    3. Select the Implicit (hybrid) code grant types.
    4. Enter the following text in the Sign-in redirect URIs field: https://127.0.0.1/jamfconnect
    5. Remove the Sign-out redirect URIs field by clicking the X next to the text field.
    6. (Optional) Assign users to the Jamf Connect application or select Skip group assignment for now.
    7. Click Save.
  6. Navigate to the Okta API Scopes tab and locate okta.users.read.
  7. Click Grant.
  8. Navigate to the Sign in tab and record the value of the Client ID. Save this value to be used later.

You can now configure an authentication policy with Okta Identity Engine or a Sign On policy with Okta Classic Engine.