Integrating with Microsoft Azure

Jamf School lets you enroll users from Microsoft Azure into Jamf School via an automated process by presenting a web clip onto the user device. This web clip enables authentication through Microsoft Azure, importing the user into Jamf School and linking the Azure account with the iPad.

Microsoft Azure Jamf School Management System implementation and setup details:

Step 1: Azure > Login

Log in with your Azure Admin account.

Step 2: Azure > Active Directory: Create an Application for Jamf School

  1. Within the Azure Active Directory folder, navigate to App registrations.

  2. Click New registration and add an application for Jamf School:

    • Name: Jamf School Management System

    • Application type: Web app / API

    • Sign-on URL: <schoolname>

  3. Click Register.

  4. Select your application, find the Application ID, and copy it to the clipboard.

  5. Generate a key, click Certificates and Keys, and create a new client secret. Give it a name and copy the key.
    Note: The key will be displayed when these settings are saved. Copy the key to the clipboard, as once you leave the page the key will not be visible.

  6. After creating the application, make a note of the endpoints which are automatically created. You can expose the endpoints by going back to “App Registrations” and clicking the “Endpoints” button at the top of the pane.

  7. Copy the following endpoints to the clipboard:

    • OAuth 2.0 Token Endpoint (v1)

    • OAuth 2.0 Authorization Endpoint (v1)

Step 3: Apply settings in Jamf School

  1. In Jamf School, navigate to Organization > Settings in the sidebar.

  2. Select the Authentication payload.

  3. Choose "Microsoft Azure" from the Authentication Method pop-up menu, and enter the appropriate values:

    • Key: Application Client Id, found in the Azure Application configuration

    • Secret: Application Secret, generated after setting a key and saving the Azure application

    • Authorization Endpoint: Application Endpoint, exposed when viewing the Azure application Endpoints

    • Token Endpoint: Application Endpoint, exposed when viewing the Azure application Endpoints

    • CallbackURL: Application Reply URL, found in the Azure Application configuration

Microsoft Azure Device and User Flow:

Step 1: Special Microsoft Azure web clip on user device

When a user starts with a new device and the device has not yet been associated with a user, the device will show a web clip that the user can activate. This enables the user to authenticate via Microsoft Azure.

Step 2: Select Microsoft Account

After clicking the web clip, the user is redirected to Microsoft Azure. This enables the user to log in.

Step 3: Jamf School sign-in permission

Accept the Jamf School sign-in and read your profile message.

Step 4: Jamf School Message

After a successful login, the user is registered in Jamf School and associated with the device.

Copyright     Privacy Policy     Terms of Use     Security
© copyright 2002-2019 Jamf. All rights reserved.