General Requirements

To use Jamf Connect, you need the following:
  • Computers with macOS 10.15.4 or later

  • A Jamf Connect license and product download

    The license and product download are available in your Jamf Account. For instructions, see Installation and Licensing.

  • A cloud identity provider (IdP)


  • A method to deploy Jamf Connect packages and files on computers. An MDM solution, such as Jamf Pro, is recommended.
    Note:

    Jamf Now supports the Jamf Connect menu bar app, but does not support the login window. For more information about integrating Jamf Now with Jamf Connect, see Password Syncing via Jamf Connect Integration in the Jamf Now Documentation.

FileVault Requirements

If you want to use Jamf Connect to enable FileVault on computers with macOS 10.15 or later, you also need to install a configuration profile with the Privacy Preferences Policy Control payload. For instructions, see the FileVault Enablement with Jamf Connect.

Network Requirements

If your organization uses an 802.1x network, the authentication type must be compatible with the macOS login window to work with Jamf Connect. For example, a configuration profile for certificate-based authentication (such as EAP-TLS) must be installed at the computer-level.

Note:

User-level authentication to an 802.1x network (such as EAP-PEAP and EAP-TTLS) is not supported at the macOS login window with Jamf Connect. For more information about connecting to enterprise networks on macOS, see Connecting Apple devices to 802.1x networks in Apple Platform Deployment.

For more information about configuring enterprise networks with Jamf Pro, see the Implementing 802.1X Authentication Using Jamf Pro technical paper

Supported Cloud Identity Providers

The following cloud identity providers (IdPs) are supported by Jamf Connect. For more information about integrating with these IdPs, see Identity Provider Integrations.

  • Microsoft Azure AD--any subscription

  • Okta--any subscription. Additional Okta fees may apply for setups requiring a custom authorization server.

  • Google Identity--any subscription of Google Workspace (for businesses) or Google Workspace for Education.

    If you plan on creating and deploying an LDAP certificate for menu bar app password syncing, supported subscriptions include:
    • Business Plus
    • Enterprise

    • Education Fundamentals

    • Education Standard

    • Teaching and Learning Upgrade

    • Education Plus

  • IBM Security Verify--any subscription

  • OneLogin--any subscription

  • PingFederate--any subscription

If your organization uses an IdP that is not currently supported but can use OpenID Connect authentication, see Integrating with a Custom Identity Provider.