Jamf Pro Admin Console supported features

This table lists the features and functionality that are available with a Jamf Pro Admin Console integration.

Feature Description
Push new users

Users created in Okta are also created in Jamf Pro Admin Console.

Here are some important things to note:

  • You don't need to assign a role or a privilege when you create a user.
  • Username and email ID must be unique to create a user.
  • A new user account is granted full access level and administrator privileges.
Push profile updates

Updates to the Okta user profile are pushed to Jamf Pro Admin Console.

Here are some important things to note:

  • Don't use this feature to update a username. If you do, it triggers a conflict and you must unassign and reassign the user to the app.

  • You can update a user's first name, last name, and email ID, but not their phone number.

  • When a user has entitlements assigned in multiple government orgs, an update to the user profile in any government org that excludes these entitlements override existing settings across all instances.
Push user deactivation Users deactivated in Okta are also deactivated in Jamf Pro Admin Console.
Import new users Users created in Jamf Pro Admin Console can be imported into Okta.
Reactivate users Users reactivated in Okta are also reactivated in Jamf Pro Admin Console.
Push Password Updates

Updates made to a user's password in Okta are pushed to Jamf Pro Admin Console, unless the user's account is locked.

Password must have a minimum length of 15 characters with mandatory complexity including at least one uppercase letter, one lowercase letter, and one special character.
Import user schema The user schema in the Jamf Pro Admin Console is imported into Okta. Only mandatory fields are available.
Entitlement Management

You can manage app entitlements for Jamf Pro Admin Console in Okta. If the app supports Okta Identity Governance, then you need to enable it to manage entitlements.

Access Level, Privilege Level, and Site ID are optional. However, Site ID is only used when the Access Level is set to Site Access.
Push groups Groups and their members can be pushed to integrated apps. See Manage Group Push.

Here are some important things to note:

  • You can only create standard groups.

  • You can only update the display name for a group but not the description.

  • You can't manage group roles within Okta. To manage group roles, use the Jamf Pro Admin Console.

  • Groups created in Okta are assigned Full Access as the default Access Level.

  • You can only add members to a group if their Access Level is set to Group Access.

Related topics

Integrate Jamf Pro Admin Console with Okta