GSX Connection

The GSX Connection settings allow you to integrate Jamf Pro with Apple's Global Service Exchange (GSX) to look up and populate the following purchasing information for computers and mobile devices:

  • Purchase date

  • Warranty expiration date

Note:

GSX may not always return complete purchasing information. Only the information found in GSX is returned.

To integrate Jamf Pro with GSX, you must first create a GSX account and obtain a certificate from Apple. Then you can configure the GSX Connection settings in Jamf Pro, which involves entering GSX account information, retrieving an API token from Apple, and uploading the Apple certificate.

You can also use Jamf Pro to test the GSX connection and upload a renewed Apple certificate when needed.

Configuring the GSX Connection Settings

Requirements

To configure the GSX Connection settings, you need:

  • A GSX account with the “Manager” role, access to Web Services, and access to coverage/warranty information

  • An Apple certificate (.pem or .p12)

For instructions on creating a GSX account and obtaining an Apple certificate, see the Integrating with Apple’s Global Service Exchange (GSX) article.

  1. In Jamf Pro, click Settings in the top-right corner of the page.
  2. In the Global Management section, click GSX Connection .
  3. Click Edit .
  4. Select Enable Connection to GSX.
    Note:

    This setting and others on this pane may already be configured if Jamf Pro was used to generate a CSR.

  5. Enter the username and account number, including the leading zeros, for the GSX account.
  6. Provide your API token in the API Token field by doing the following:
    1. Click the “Log in to your Apple GSX account” link below the API Token field.
    2. Log in to your Apple GSX account.
    3. Click Copy to clipboard to copy your API Token.
    4. In Jamf Pro, paste your API Token into the API Token field.
      Note:

      The API token is not displayed after you finish configuring the GSX connection or when you edit an existing GSX connection. This is because the API token changes with every request and will always be different.

  7. In the Certificate-based Authentication section, click Upload.
  8. The URI field will be populated automatically.
  9. Follow the onscreen instructions to upload the Apple certificate (.pem or .p12).
    Note:

    The keystore password will be the same as the export password that was set when the certificate was created.

  10. Click Save .

After the GSX connection is in place, you can look up and populate purchasing information for a single computer or device by editing its inventory information, or for multiple computers or devices by using a mass action.

Testing the GSX Connection

  1. In Jamf Pro, click Settings in the top-right corner of the page.
  2. In the Global Management section, click GSX Connection .
  3. Click Test .
  4. Click Test again.

A message displays, reporting the success or failure of the connection.

A successful connection will display information similar to the following:

[Accept: application/json, Content-Type: application/json, X-Apple-SoldTo: 0000000000, X-Apple-ShipTo: 0000000000] GET https://partner-connect.apple.com/gsx/api/authenticate/check HTTP/1.1
Response: OK

Renewing the Apple Certificate

You can use Jamf Pro to upload a renewed Apple certificate without removing the existing certificate so the connection with GSX is not lost. A notification is displayed 31 days prior to the expiration date of the Apple certificate.

  1. In Jamf Pro, click Settings in the top-right corner of the page.
  2. In the Global Management section, click GSX Connection .
  3. Click Edit .
  4. Click Renew.
  5. Follow the onscreen instructions to upload a renewed Apple certificate.