About Jamf Connect Login

Jamf Connect Login

Jamf Connect Login is an application that allows you to manage authentication with the macOS loginwindow process. In addition, Jamf Connect Login can be used for the following:

  • Enabling authentication with identity provider (IdPs) credentials

  • Allowing just-in-time user creation

  • Enabling FileVault

  • Customizing the log in experience

You can configure Jamf Connect Login with configuration profiles sent via MDM or installed locally on a computer.

The following IdPs are supported in Jamf Connect Login:

  • Google Identity

  • IBM Cloud Identity

  • Microsoft Azure AD

  • Okta

  • OneLogin

  • PingFederate

Note: Jamf Connect Login features and user experience may vary based on the IdP used in your environment.

Basic Operation

The loginwindow on macOS runs through a sequential list of mechanisms. These mechanisms do the following:

  • Display a UI

  • Run scripts and other functions as root

  • Determine if a user can authenticate on a computer

On a standard installation of macOS 10.14, the loginwindow runs 16 built-in mechanisms when a user signs in on the computer. Jamf Connect Login replaces the macOS login UI, and then can add other mechanisms to support a variety of workflows.

For most workflows, Jamf Connect Login can be used to allow for user authentication with an identity provider (IdP), and then have local accounts created based on those credentials.

Note: Modifying the login process can have a negative impact on user experience. A working knowledge of macOS loginwindow mechanisms is essential to crafting workflows with Jamf Connect Login. Testing new workflows before implementing them in your production environment is recommended.

Copyright     Privacy Policy     Terms of Use     Security
© copyright 2002-2020 Jamf. All rights reserved.