New Features and Enhancements

Google Secure LDAP Integration Enhancements

The following enhancements have been made to Google Secure LDAP integration:
  • The user interface has been improved, including the addition of some new icons.

  • A banner has been added to the top of the Google Cloud Identity Provider Configuration page to indicate the current connection status. For example, the following banner indicates a successful connection:

    The connection is automatically tested when you navigate to the configuration page or when you click Save on the configuration page.

  • The Mappings Test page has been redesigned. You now enter search criteria in a pane on the left and your search results are displayed in a pane on the right. The results are displayed vertically instead of in a horizontal table. Status notes will be displayed at the bottom of the Search Results pane to indicate whether the selected user is a member of the selected group.

    To access this feature, navigate to Settings > System Settings > Cloud Identity Providers, click the instance name you want to test, and then click Test .

Enhancements to Download/Download and Install Updates Remote Command for Computers

Jamf Pro now allows you to choose between downloading and installing the latest macOS version based on device eligibility or a specific macOS version when updating macOS on computers using a mass action.


Updating to a specific macOS version requires computers with macOS 10.15 or later.

Enhancements to the Adjust Shared iPad Settings Remote Command for Mobile Devices

In addition to Storage Space Type, you can now set the following:
  • Type of session on a device—You can enforce temporary sessions so users can log in only as guests (iPadOS 14.5 or later).

    To allow typical user sessions, users must log in with their Managed Apple IDs.

  • Session timeout—You can specify the period of inactivity on a device before a session is automatically closed (iPadOS 14.5 or later).
Consider the following:
  • This command was previously called Set Shared iPad User Space.

  • In mass actions, this command is called Set Shared iPad Settings.

  • Session-related attributes display in the General category of the inventory information.

For more information about Shared iPad, see the "MDM Commands" section in Prepare Shared iPad in Apple Platform Deployment.

Jamf Connect Deployment Settings Redesign

The settings for automated Jamf Connect deployment and updates have been redesigned for clearer messaging and more intuitive form controls. The page previously named "Jamf Connect Configuration Profiles" (Settings > Jamf Applications > Jamf Connect) has been renamed to "Jamf Connect Deployment and Update Settings". For each Jamf Connect configuration profile, use a toggle to choose whether or not Jamf Pro will automatically deploy Jamf Connect to computers in the scope. If set to Yes, Version and Update Type fields display to configure.

When you are finished, click Next. Jamf Pro now displays a confirmation pop-up dialog summarizing the actions it will take based on the settings you have configured. This allows you to scan for any unintentional consequences before saving.

Click Confirm to save the changes. Jamf Pro deploys and updates Jamf Connect on computers in the scope as described.

Safelist Apps from Jamf Parent and Jamf Teacher Restrictions

You can now safelist apps from being restricted by the Jamf Parent and Jamf Teacher apps. This allows you to ensure that apps required by your organization are not inadvertently restricted on student devices by the Parent or Teacher apps. To safelist an app, navigate to Settings > Jamf Parent or Jamf Teacher > Safelisted Apps. Then click Edit, add apps using the form controls, and click Save. Devices with the Parent or Teacher app in your environment are unable to restrict these apps on student devices.

Other Changes and Improvements

  • Connection Timeout is now removed from the Azure AD cloud identity provider settings. It defaults to 5 seconds.

    When upgrading Jamf Pro, the previously configured connection timeout is automatically set to 5.

  • The configuration profile TV Remote payload for mobile devices is now redesigned.

    When upgrading Jamf Pro, any previously created configuration profiles that include the redesigned payload settings are automatically migrated. Use the Jamf Pro user interface to review the settings. The migrated configuration profiles are not automatically redistributed.

  • Changes made to Settings > Jamf Applications > Jamf Parent now appear in the change management log.

Jamf Pro API Changes and Enhancements

The Jamf Pro API is open for user testing. The base URL for the Jamf Pro API is /api. You can access documentation for both the Jamf Pro API and the Classic API from the new API landing page. To access the landing page, append "/api" to your Jamf Pro URL. For example:


In future releases, Jamf Pro API endpoints that have been deprecated for over a year will be removed. It is recommended that you update your applications to use the latest versions of these endpoints. See the API documentation for a complete list of endpoints.

The following endpoints were added:
  • GET /v1/volume-purchasing-locations

  • POST /v1/volume-purchasing-locations

  • GET /v1/volume-purchasing-locations/{id}

  • DELETE /v1/volume-purchasing-locations/{id}

  • PATCH /v1/volume-purchasing-locations/{id}

  • GET /v1/volume-purchasing-locations/{id}/history

  • POST /v1/volume-purchasing-locations/{id}/reclaim

  • POST /v1/volume-purchasing-locations/{id}/revoke-licenses

Further Considerations

  • Privileges associated with new features in Jamf Pro are disabled by default.

  • It is recommended that you clear your browser's cache after upgrading Jamf Pro to ensure that the Jamf Pro interface displays correctly.

  • Known issues for Jamf Pro can be accessed from the Jamf Pro product page in Jamf Account.