Custom Branding

You can customize the Jamf Connect login window and menu bar app for your organization. Custom branding creates a consistent and familiar user experience for users in your organization.

You can customize the following:

  • Images and icons

  • Messages

  • Menu bar item names

  • In-app user help resources

Keep the following in mind when customizing Jamf Connect:

  • The login window and menu bar app are configured with similar but independent settings in different Jamf Connect preference domains.

  • Custom images and icons can be deployed to computers using a policy or via the Enrollment Packages payload in a PreStage Enrollment with Jamf Pro 10.19 or later. Re-packaging Jamf Connect is not recommended. For more information about deploying packages with Jamf Pro, see Policy Management and Computer PreStage Enrollments in the Jamf Pro Administrator's Guide.

Packaging Files and Images with Composer

You can use Composer to package custom files and images used by Jamf Connect. Create a package source by creating a folder on your computer where you want your custom files to be installed during Jamf Connect deployment, and then use drag-and-drop to create the new package source and build the package in Composer.

Requirements

Procedure

  1. Open Finder.

  2. Press Command-Shift-G to prompt a Finder search window.

  3. Enter the file path that you want to use to store your Jamf Connect files and images during deployment, and then click Go.

    Note: Storing images and icons at /usr/local is recommended.

  4. Create a new folder in your chosen location. If creating the folder at /usr/local or another privileged space, you may be prompted to authenticate as an administrator to create the folder.

  5. Name the folder "jamfconnect" or something similar.

  6. Add your custom files and images to the folder.

  7. Open and authenticate to Composer, and then drag your created file from the Finder to Composer's sidebar. A new package source should appear. images/nation-cdn-resources.jamf.com/b7ad1a95c55a44fc8bce7c57bc65d789

  8. Navigate to your Jamf Connect folder in Composer and configure the following ownership settings:

    1. Choose "root (0)" from the Owner pop-up menu.

    2. Choose "wheel (0)" from the Group pop-up menu.

    3. Click the Action button images/docs.jamf.com/composer/10.23.0/user-guide/images/download/thumbnails/49217948/C_Gear.png to the right of the X-column, and select "Apply Owner and Group to jamfconnect and All Enclosed Items" in the pop-up menu.

  9. For each file type in your folder, apply the following permissions:

    File Type

    Permissons

    Parent Folder

    images/download/thumbnails/81929567/Screen_Shot_2020-12-14_at_10.02.40_AM.png

    Images

    images/download/thumbnails/81929567/Screen_Shot_2020-12-14_at_10.04.11_AM.png

    Login window scripts

    images/download/thumbnails/81929567/Screen_Shot_2020-12-14_at_10.05.58_AM.png

    Menu bar app scripts

    images/download/thumbnails/81929567/Screen_Shot_2020-12-14_at_10.02.40_AM.png

  10. In the toolbar, click Build as PKG images/docs.jamf.com/composer/10.23.0/user-guide/images/download/thumbnails/49217961/C_Build_as_PKG.png .

  11. Select a location to save the package and click Save.

Your PKG with Jamf Connect files and images can now be deployed using a policy or via the Enrollment Packages payload in a PreStage Enrollment with Jamf Pro 10.19 or later.

Note: Packages must be signed using a certificate that is trusted by the computer at the time of enrollment. Signing the package with a certificate generated from either the Jamf Pro built-in CA or from an Apple Developer Program account is recommended. For more information about signing certificates, see the following Knowledge Base articles:

For more information about deploying packages with Jamf Pro, see the following sections of the Jamf Pro Administrator's Guide:

Login Window Custom Branding Settings

Domain: com.jamf.connect.login

Description: Used to customize the Jamf Connect login window for your organization

Key

Description

Example

BackgroundImage

Background Image

Path to a locally stored image to use as a background for the login window. This image file must be stored in a location that can be read from the login window.

<key>BackgroundImage</key>

<string>/usr/local/shared/background.jpg</string>

LoginLogo

Login Logo

Path to a locally stored image to use as a logo during password validation or local password creation.

Notes:

  • A 250 x 250 pixel image is recommended.

  • Do not include a backslash "\" in your file path.

  • The image file and its file path must be assigned a permissions set that can be read from the login window, such as 444.

<key>LoginLogo</key>

<string>/usr/local/images/logo.png</string>

LoginWindowMessage

Login Window Message

A custom message to display in the lower-center of the login window.

<key>LoginWindowMessage</key>

<string>Log in with your company username and password.</string>

Login Window User Help Settings

Domain: com.jamf.connect.login

Description: Used to allow users to access resources with a help button, join a Wi-Fi network in the login window, and use the power control buttons.

Key

Description

Example

AllowNetworkSelection

Allow Network Selection

When set to true, this preference key allows users to configure and confirm their network connection preferences from the login window. To access this feature, users can click the Wi-Fi icon in the top-right of the login window.

Note: To ensure the security of computers, users cannot select an open Wi-Fi network at the login window.

<key>AllowNetworkSelection</key>

<false/>

HelpURL

Help URL

Specify a URL to display at the login window that directs a user to a resource for onboarding or enrollment help.

<key>HelpURL</key>

<string>yourcompany.help.com</string>

HelpURLLogo

Help Icon

A custom image to use as a help icon.

Note: To enable this feature, the HelpURL key must be used.

<key>HelpURLLogo</key>

<string>/usr/local/shared/helplogo.png</string>

LocalHelpFile

Backup Help File

A path to a local file, such as a network troubleshooting or onboarding guide, that users can access by clicking the help icon in the Jamf Connect login window.

This file is only displayed if the computer cannot connect to the internet or access the URL specified with the HelpURL key.

Note: Supported file types include PDF and HTML.

<key>LocalHelpFile</key>

<string>/usr/local/shared/JamfConnectHelp.pdf</string>

OIDCLocalAuthButton

Local Login Button

(OpenID Connect only) Custom text to use for the "Local Login" button

<key>OIDCLocalAuthButton</key>

<string>Local Login</string>

OIDCHideShutdown

Hide Shut Down Button

Hide the Shut Down button from users at the login window

<key>OIDCHideShutdown</key>

<false/>

OIDCHideRestart

Hide Restart Button

Hide the Restart button from users at the login window

<key>OIDCHideRestart</key>

<false/>

Menu Bar Custom Branding Settings

Domain: com.jamf.connect

Dictionary: Appearance

Description: Used to customize Jamf Connect for your organization

Key

Description

Example

MenubarIcon

Light Mode Icon

The file path to a custom icon for the Jamf Connect menu bar icon when Light Mode is enabled.

A 16x16 pixel image is recommended.

<key>MenubarIcon</key

<string>/usr/local/icon.png</string>

MenubarIconDark

Dark Mode Icon

The file path to a custom icon for the Jamf Connect menu bar icon that displays when Dark Mode is enabled.

A 16x16 pixel image is recommended.

<key>MenubarIconDark</key

<string>/usr/local/darkicon.png</string>

ShowWelcomeWindow

Show Welcome Window

Display the Welcome window each time Jamf Connect is opened.

<key>ShowWelcomeWindow</key>

<true/>

Menu Bar Sign-in Settings

Domain: com.jamf.connect

Dictionary: SignIn

Description: Used to configure the sign-in user experience and multifactor authentication (MFA) options for Okta.

Key

Description

Example

AutoAuthenticate

Enable Automatic Sign-in

Determines if Jamf Connect will automatically attempt to sign in the user if there are saved credentials in the user's keychain.

<key>AutoAuthenticate</key>

<false/>

AutoMFA

Automatically Push Last MFA Method

(Okta only) Determines the user's most recently used multifactor authentication (MFA) method is automatically pushed during sign-in.

<key>AutoMFA</key>

<false/>

RequireSignIn

Require Sign-in

Determines if the Sign In window kept open on computers until users successfully authenticate.

<key>RequireSignIn</key>

<false/>

SignInLogo

Sign-in Logo

The file path to a locally stored image to use as a logo. Larger images will be automatically scaled down to an appropriate width whiling maintaining aspect ratio. Do not include a backslash "\" in your file path.

<key>SignInLogo</key>

<string>/usr/local/images/logo.png</string>

UsernameLabel

Username Field Label

Custom text for the Username field in the Sign In window

<key>UsernameLabel</key>

<string>Username:</string>

PasswordLabel

Password Field Label

Custom text for the Password field in the Sign In window

<key>PasswordLabel</key>

<string>Password:</string>

WindowTitle

Sign In Window Title

Custom title for the Sign In window

<key>WindowTitle</key>

<string>Connect</string>

MFARename

MFA Option Names

(Okta only) Custom names for each MFA option used with Okta authentication in your organization. For more information, about the types of MFA options you can configure with Jamf Connect and Okta, see Multifactor Authentication.

For more information about Okta MFA options, see the following Okta documentation: https://support.okta.com/help/s/setting-up-mfa-for-end-users?language=en_US

<key>MFARename</key>
<dict>
<key>push</key>
<string>Okta Verify app: Push Notification</string>
<key>question</key>
<string>Okta Verify app: Security Question</string>
<key>token:hardware</key>
<string>USB Security Key</string>
<key>okta:token:software:totp</key>
<string>Okta Verification Code</string> <key>google:token:software:totp</key>
<string>Google Verification Code</string>
<key>web</key>
<string>Duo Mobile app</string>
</dict>

MFAExcluded

Hidden MFA Options

(Okta only) A list of MFA options that you do not want to display to users

<key>MFAExcluded</key>
<array>
<string>push</string>
<string>question</string>
<string>token:hardware</string>
<string>token:software:totp</string>
<string>web</string>
</array>

OneTimePasswordMessage

One-time Password Message

(Okta only) Text displayed when a user must enter a one-time password (OTP) as a multifactor authentication (MFA) method

<key>OneTimePasswordMessage</key>

<string>Enter your verification code</key>

Related Information

For related information about additional advanced menu bar customization settings, see Menu Bar App Preferences

Copyright     Privacy Policy     Terms of Use     Security
© copyright 2002-2021 Jamf. All rights reserved.