Requiring Zero Trust Network Access to Log In to Apps

Jamf Connect Documentation


Use this configuration for each app that should require Jamf Connect's Zero Trust Network Access to be active before a user can log in.

  1. Click Applications in the Okta navigation bar.
  2. Click the desired application to reveal its details, then click the Sign On tab.
  3. Scroll down to Sign On Policy and select Add Rule.
  4. Provide a Name for the rule, such as "Require Zero Trust Network Access".
  5. Under Conditions > Location, select In Zone.
  6. When the Network Zones field appears, type the name of the network zone that you created earlier (such as "Jamf Trusted IPs").
  7. In the Actions > Access section, ensure that Allowed is defined and Prompt for factor is unchecked.
  8. Click Save.
  9. Move the new rule toward the top of the priority order, as appropriate.
  10. Click Add Rule to create another sign-on rule that will block all other traffic.
  11. Provide a Name for the rule (such as "Block all others").
  12. Click Actions > Access, then select "Denied".
  13. Leave all other settings as their default values.
  14. Click Save.
  15. In the Sign On Policy table, ensure that the block rule sits below the Zero Trust Network Access-only rule in priority.
  16. Repeat these steps for other applications, as required.
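
The rule order in steps 9 and 15 matters because sign-on rules are checked in priority order and the first matching rule decides access. The following model of the two rules is an added example, not code from Jamf or Okta. It assumes first-match evaluation and a permissive default rule at the bottom of the table; the zone CIDRs are constructed documentation-range addresses, and `evaluate` and `shadowed` are hypothetical helper names.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed sample zone: documentation-range CIDRs standing in for the
# addresses listed in the "Jamf Trusted IPs" network zone.
ZONES = {"Jamf Trusted IPs": ["203.0.113.0/28", "198.51.100.7/32"]}

@dataclass
class Rule:
    name: str
    access: str                  # "ALLOW" or "DENY"
    zone: Optional[str] = None   # None = no location condition (any IP)

def in_zone(ip, zone):
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(cidr) for cidr in ZONES[zone])

def evaluate(rules, ip):
    """Return (access, rule name) for the first rule that matches, by priority."""
    for rule in rules:
        if rule.zone is None or in_zone(ip, rule.zone):
            return rule.access, rule.name
    return "ALLOW", "Default rule"   # assumption: permissive catch-all

def shadowed(rules):
    """Names of rules that can never fire because an earlier rule matches any IP."""
    for i, rule in enumerate(rules):
        if rule.zone is None:
            return [r.name for r in rules[i + 1:]]
    return []

ZTNA = Rule("Require Zero Trust Network Access", "ALLOW", "Jamf Trusted IPs")
BLOCK = Rule("Block all others", "DENY")

CORRECT = [ZTNA, BLOCK]      # order required by step 15
MISORDERED = [BLOCK, ZTNA]   # block rule placed above the allow rule

if __name__ == "__main__":
    for label, policy in (("correct", CORRECT), ("misordered", MISORDERED)):
        for ip in ("203.0.113.5", "192.0.2.44"):
            print(label, ip, evaluate(policy, ip))
        print(label, "shadowed rules:", shadowed(policy))
```

With the block rule on top, every login is denied, including those from the trusted zone; with the block rule missing, out-of-zone logins fall through to the assumed default rule.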