Jamf Connect uses the OpenID Connect authentication protocol, which can be configured to support various types of authentication methods (grants) that dictate how the following components communicate:
- Resource Owner —
The user
- Client App —
Jamf Connect
- Authentication Server —
The cloud IdP
Jamf Connect uses the following OpenID Connect grant types:
- Authorization Code Grant —
Authenticates the user's cloud username and password in exchange for an authorization code, which Jamf Connect sends to your IdP token endpoint.
- Resource Owner Password Grant (ROPG) —
Authenticates the user's cloud username and password directly to your IdP's token endpoint. This authentication method is only used for password synchronization.