This guide provides a complete workflow for integrating with Microsoft Endpoint Manager and Azure Active Directory (Azure AD) to enforce compliance on institutionally owned iOS and iPadOS devices managed by Jamf Pro. This integration allows you to connect multiple Jamf Pro instances to a single Azure AD tenant.

Integrating with Microsoft Endpoint Manager to enforce compliance involves the following steps:

1. Configure the connection between Jamf Pro and Microsoft Endpoint Manager.

2. Deploy the Microsoft Authenticator app to users and have them register with Azure AD.

3. Create a Conditional Access policy in Azure AD.

Jamf Pro delivers the compliance status of mobile devices to Azure AD. This allows you to identify unmanaged and non-compliant devices.

The following diagram shows a high-level flow of the integration architecture: