Before you can interact with the Jamf Protect API, you must create an API client in Jamf Protect. Creating an API Client generates configuration and endpoint information, such as a client ID and API client password, which can be used for the following:
-
To obtain an access token
-
Register your Jamf Protect tenant with Jamf Pro.
Before creating an API client, consider the permissions necessary for that client. You can create a new role and assign the minimum required permissions for the API Integration, or you can assign the Read Only role to the client. The Read Only role will automatically include any future read-only permissions. The following permissions are the current recommended minimum permissions required for an API client.
Read only: Plans
Read only: API Clients
Read only: Downloads
These permissions are subject to change, and can be updated at any time. For more information about assigning custom roles, see User Roles and Groups.
You can have up to five API clients in Jamf Protect. To add an additional API client, you must delete one of the existing clients.
- Copy the API client password for later use.Important:
This value will not be displayed again by Jamf Protect.
Your API client configuration and endpoint information displays.
If you plan to use an API client to integrate with Jamf Pro or test with the Altair GraphQL Client application, make sure to copy the client ID in the API Client Configuration pane and the Jamf Protect API URL in the Token and API Endpoints pane.