After you have created an API client and assigned it one or more roles, you can generate a client secret which can then be used to generate access tokens.
Requirements
An API client created in Jamf Pro with at least one role assigned to it
A pop-up window appears with the client secret.
Note:
The client secret will only be displayed once. Make sure you save it to a secure location before dismissing the dialog.
After you have generated a client secret, it can be used by the /api/oauth/token endpoint of the Jamf Pro API to generate an access token.
The following is an example of what a request to the
/api/oauth/token endpoint might look like in a script.curl --location --request POST 'https://localhost:8443/api/oauth/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=6cabf059-21c9-44d6-bbde-02898f7430dd' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_secret=dzmsPks-FwXpks80jhQGZZrAV3H2_ER0NAk91RE-xOBZvfghd98EM1hF9msfkanl'{
"access_token": "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI2Y2FiZjA1OS0yMWM5LTQ0ZDYtYmJkZS0wMjg5OGY3NDMwZGQiLCJhdWQiOiI2Y2FiZjA1OS0yMWM5LTQ0ZDYtYmJkZS0wMjg5OGY3NDMwZGQiLCJuYmYiOjE2ODgwNjc2NDMsInRva2VuLXV1aWQiOiIyYzZlYzYzZi02YmQ4LTRiOGQtOWNjYS00OWQ0MjMzMjY4NzAiLCJzdWJqZWN0LXR5cGUiOiJSRUdJU1RFUkVEX0NMSUVOVF9JRCIsImF1dGhlbnRpY2F0aW9uLXR5cGUiOiJDTElFTlRfQ1JFREVOVElBTFMiLCJzY29wZSI6WyJhcGktcm9sZToyIl0sImlzcyI6Imh0dHBzOi8vbG9jYWxob3N0Ojg0NDMiLCJleHAiOjE2ODgwNjgyNDMsImlhdCI6MTY4ODA2NzY0M30.2QGGXfVo8KgTGoZBIuE1d4bdnN0JqiZ5KXPO0pOkd9U",
"scope": "api-role:2",
"token_type": "Bearer",
"expires_in": 599
}