IBM Cloud Identity

Jamf Connect Login provides support for IBM Cloud Identity and can be used to replace the standard macOS loginwindow with an IBM web view. Using the IBM web view, you can do the following:

  • Authenticate via a custom app in IBM Cloud Identity

  • Use multi-factor authentication (MFA) and support conditional access

  • Create a local account on a macOS computer

These capabilities and other customizations can be easily configured with configuration profiles sent via MDM or installed locally on the computer.

Configuring the IBM Cloud loginwindow

Deploying the IBM Cloud loginwindow with Jamf Connect Login involves the following steps:

  1. Add Jamf Connect Login as a custom application in IBM Cloud

  2. Create users and assign roles

  3. Configure and deploy Jamf Connect Login

Step 1: Add Jamf Connect Login as a Custom Application in IBM Cloud

You must integrate Jamf Connect Login with IBM Cloud by adding it as a custom application:

  1. Log in to IBM Cloud.

  2. In the upper-right corner, click the user icon, and then click Switch to admin.

  3. Click Applications.

  4. Click Add.

  5. Select Custom Application in the select Application Type window.

  6. Enter "Jamf Connect Login" in the text field at the top of the screen.

  7. Do the following on the General pane:

    1. Select Enabled.

    2. (Optional) Complete the Description field.

    3. Complete the Company Name field.

    4. Click Add Owner, and use the Select Users window to add users that you want to be application owners.

  8. Do the following on the Sign-on pane:
    Note: The Client ID field is filled automatically after completing the custom application process. This value will be used with the OIDCClientID key when configuring Jamf Connect Login preferences.

    1. Choose "Open ID Connect 1.0" from the Sign-on Method pop-up menu.

    2. Enter "https://127.0.0.1/jamfconnect" in the Application URL field.

    3. Select all Grant Type options.

    4. Enter "https://127.0.0.1/jamfconnect" in the Redirect URIs field.

    5. Under Token Settings, choose "JWT" (JSON Web Token) from the Access Token Format pop-up menu.

  9. Do the following on the API Access pane:

    1. Select Configure API Access.

    2. Switch the "Select All" toggle to On.

  10. On the Entitlements pane, select All users are entitled to this application.

  11. Click Save.

Step 2: Create Users and Assign Roles

Once Jamf Connect Login is added as a custom application in IBM Cloud Identity, you can create users and roles for Jamf Connect Login as needed.

For step-by-step instructions on how to create users and assign roles, see the following resources from IBM Cloud:

Step 3: Configure and Deploy Jamf Connect Login

Jamf Connect Login is deployed with a package installer, similar to other applications installed on macOS.

For more information on configuring Jamf Connect Login with Google ID, see the Configuration for IdPs using OpenID Connect.

For more information on deploying the Jamf Connect Login package installer, see the Deploying Jamf Connect Knowledge Base article.

Copyright     Privacy Policy     Terms of Use     Security
© copyright 2002-2019 Jamf. All rights reserved.