Deprecations and Removals

Jamf Pro Release Notes 11.22.0
Solution
Application
Content Type
Technical Documentation
Release Notes
Utilities & Services
version
11.22.0
ft:locale
en-US
vrm_version
11.22.0

Deprecations Added in This Release

Support for MDM software updates via remote command
The ability to deploy software updates via remote command using the Management tab in an individual device record or via mass action will be removed in late 2026. Managed software updates will remain functional.

Deprecations Added in a Previous Release

DeprecationNotes
DigiCert PKI Platform 8 support

DigiCert PKI Platform 8 (mPKI8) end of issuance was 01 October 2025. Jamf Pro is undergoing a phased approach to this deprecation. The ability to create new mPKI8 integrations is removed. In a future release of Jamf Pro, all mPKI8 integrations and associated information (e.g., certificate deployment records) will be removed from the Jamf Pro database (estimated removal date: spring of 2026).

For more information on the end of issuance, see the following documentation from DigiCert:

Transitioning certificate issuance from PKI Platform 8 to DigiCert® ONE

Rackspace and Akamai cloud distribution point supportSupport for distribution points hosted in Rackspace or Akamai Cloud will be removed in a future release of Jamf Pro. If your environment uses a distribution point hosted by either of these providers, Jamf recommends migrating your content to a different hosting solution, such as the Jamf Cloud Distribution Service (JCDS). Contact Jamf Support for additional information.
Dynamic SCEP challenge for Entrust supportSupport for Entrust dynamic SCEP challenges will be removed in a future release of Jamf Pro. If you are currently using Entrust for certificate lifecycle management, Jamf recommends switching to a different supported provider, such as Active Directory Certificate Services (AD CS), DigiCert, or Venafi. Contact Jamf Support for additional information.
Self Service classic for macOS support

Self Service+ will eventually replace Self Service classic, and support for Self Service classic for macOS will end in March 2026.

Software identification (SWID) tagsThe functionality to use software identification (SWID) tags for licensed software records will be removed.
Maintenance pages
Computer inventory collection for fonts
Computer inventory collection for plug-ins
Functionality to make policies available offlineThis option, currently available only for policies set to the "Ongoing" frequency, will be removed from the Jamf Pro interface, and all policies will require a connection to the Jamf Pro server to check for triggers before running.
Sign QuickAdd Package functionality for user-initiated enrollment settingsThis functionality is only used in legacy enrollment workflows involving QuickAdd packages and does not affect the user-initiated enrollment workflow.
Azure AD Graph for Conditional AccessAzure AD Graph is deprecated. If you previously modified the conditionalAccessDomains.json file, Jamf recommends editing the file to add the "msGraphResourceUrl": "https://graph.microsoft.com/" property into GLOBAL settings and "msGraphResourceUrl": "https://graph.microsoft.us/" into US_GOVERNMENT settings. For more information on this deprecation, see the following documentation from Microsoft:

Migrate your apps from Azure AD Graph to Microsoft Graph

Cache name settingThis setting will be removed from the Single Sign-On Extensions payload in computer and mobile device configuration profiles because Apple deprecated them.
Password expiration and Replication time settingsThese settings will be removed from the Single Sign-On Extensions payload in computer configuration profiles because Apple deprecated them.
Skip Display Tone and Skip Home button sensitivity settingsThese settings will be removed from the Skip Setup Items payload for mobile device configuration profiles.
Home Button Sensitivity and True Tone Display settingsThese settings will be removed from the General payload for computer and mobile device PreStage enrollments.
Functionality to issue the Tomcat SSL/TLS certificate from Jamf Pro's built-in certificate authorityJamf Pro's functionality to issue the Tomcat SSL/TLS certificate from the JSS built-in certificate authority (CA) will be discontinued. The release version for this change has not been determined. Before this change occurs, it is recommended that all on-premise Jamf Pro instances leveraging this functionality switch to a publicly trusted third-party CA to issue the Tomcat SSL/TLS certificate. This will prevent the potential loss of MDM communication from Jamf Pro to enrolled devices. If needed, a Tomcat SSL/TLS server certificate for Jamf Pro may be issued from an internal certificate authority. The JSS built-in CA will maintain its current ability to manually issue server certificates to other servers.
The "DIGEST-MD5" authentication type option"DIGEST-MD5" will be removed from the authentication type options. This authentication type option displays when configuring an LDAP server to use Jamf Infrastructure Manager as a proxy server.
Computer Access Only and Mobile Device Access Only Limited Access settings

Jamf Pro web app instances with one of these settings configured will automatically be updated to the Computer and Mobile Device Access setting. Administrators will only be able to assign Full Access or Computer and Mobile Device Access privileges after the deprecation.

Personal device profilesPersonal device profiles will be removed from Jamf Pro in conjunction with User Enrollment.
Webhook responses for ComputerPolicyFinished and ComputerCheckIn

These webhook responses will be modified to include additional information. These changes may break integrations that currently utilize these event types.

Supervise Devices and Make MDM Profile Mandatory settings in a mobile device PreStage enrollment

The ability to supervise devices and require the user to install the MDM Profile during enrollment with a PreStage enrollment will be required and will be built-in functionality. These settings will be removed from the Jamf Pro user interface.

pomManagedClassroomScreenObservation key

This key will be removed from the Restrictions payload for mobile device configuration profiles. It will be replaced with the forceClassroomUnpromptedScreenObservation key.

IfLostReturnToMessage key

The grayscale key will be removed from the Accessibility payload for computer configuration profiles.

Support for non-certificate based client communication with the Jamf Pro serverThe Enable certificate-based authentication checkbox will be removed from Settings > Computer Management > Security.

Removals

Removed in version...Item Removed or DiscontinuedNotes
11.18.0APNs binary protocol optionApple no longer supports the binary protocol option for APNs, and the option was removed from Settings > Push Certificates > MDM Push Notification Certificate.
11.17.0Allow Basic authentication in addition to Bearer Token authentication checkboxThe setting that enables Jamf Pro users to use Basic authentication in addition to Bearer authentication in the Classic API has been removed from Jamf Pro. Jamf removed support for Basic authentication in the Classic API with Jamf Pro 11.5.0, but did not remove the checkbox at that time to allow for organizations to have additional time to prepare to use Bearer Token authentication. If the setting was enabled previously, it will remain enabled.