OneLogin

Jamf Connect Login provides support for OneLogin and can be used to replace the standard macOS loginwindow with a OneLogin web view. Using the OneLogin web view, you can then do the following:

  • Authenticate via a company app in OneLogin

  • Use multi-factor authentication (MFA) and support conditional access

  • Create a local account on a macOS computer

These capabilities and other customizations can be easily configured with configuration profiles sent via MDM or installed locally on the computer.

Configuring the OneLogin loginwindow

Deploying the OneLogin loginwindow with Jamf Connect Login involves the following steps:

  1. Add Jamf Connect Login as an app in OneLogin

  2. Create users and assign roles

  3. Configure and deploy Jamf Connect Login

Step 1: Add Jamf Connect Login as an App in OneLogin

You must integrate Jamf Connect Login with OneLogin by adding it as an app.

  1. Log in to your OneLogin owner account.

  2. Click Administration.

  3. At the top of the screen, navigate to Apps > Company Apps.

  4. Click Add App.

  5. In the search bar, search for "OpenID Connect (OIDC)", and then select the corresponding search result.

  6. On the Info pane, enter "Jamf Connect Login" in the Display Name field.

  7. On the Configuration pane, enter "https://127.0.0.1/jamfconnect" in the Redirect URI's field.

  8. On the SSO pane, do the following:
    Note: The SSO pane contains Jamf Connect Login's Client ID. This value will be used with the OIDCClientID key when configuring Jamf Connect Login preferences.

    1. Choose "Web" from the Application Type pop-up menu.

    2. Choose "None (PKCE)" from the Change Authentication Method pop-up menu.

  9. Click Save.

Step 2: Create Users and Assign Roles

Once Jamf Connect Login is added as an app in OneLogin, you can create users and roles for Jamf Connect Login as needed. Roles are a collection of apps, which can be assigned to users.

Note: Users are automatically assigned the "Default" role in OneLogin and are granted access to apps assigned to that role. To assign all default users, add Jamf Connect Login to the Default role.

You can grant users access to Jamf Connect Login via the following methods:

  • Manually assign the app to the user by using the Applications pane of the user's account settings.

  • Manually assign the user a role containing the app.

  • Automatically configure user roles with mapping.

For step-by-step instructions on how to create users and assign roles, see the following resources from OneLogin:

Step 3: Configure and Deploy Jamf Connect Login

Jamf Connect Login is deployed with a package installer, similar to other applications installed on macOS.

For more information on configuring Jamf Connect Login with Google ID, see the Configuration for IdPs using OpenID Connect.

For more information on deploying the Jamf Connect Login package installer, see the Deploying Jamf Connect Knowledge Base article.

Copyright     Privacy Policy     Terms of Use     Security
© copyright 2002-2019 Jamf. All rights reserved.