Okta + Jamf

Add best-in-class identity management to your enterprise endpoint management solution with the powerful integration between Okta and Jamf.

Okta Single Sign-On (SSO) and Multi-factor Authentication (MFA) integrates with Jamf Pro and Jamf Connect to provide seamless and secure authentication to managed Apple devices and company resources.

• Apple Platform SSO (PSSO) for managed desktop applications
  • Jamf Pro offers support for Platform Single Sign-On (PSSO), streamlining Okta Verify and FastPass activation on a macOS device. With PSSO, users can access all relevant applications on a Mac device by signing in only once, reducing the number of requests for users to enter the same credentials repeatedly for every app. 
• Enrollment SSO for bring your own device (BYOD) applications
  • Enrollment SSO reduces the number of sign-ins required of a user when enrolling into MDM. By installing Okta Verify, new employees will no longer have to worry about repeated authentication during and after the enrollment process.

Jamf Pro can access users and groups stored in Okta through Okta’s LDAP interface, eliminating the requirement to connect Jamf Pro to Active Directory. In addition, when enabled, Jamf Pro can assign customized content and policies to devices that belong to users who are members of particular LDAP groups.

To ensure only Jamf-managed Mac devices can access enterprise services, Jamf delivers a payload down to Mac devices that Okta then inspects prior to allowing access.

Jamf Protect's endpoint protection, detection, and response capabilities integrate with Okta’s Identity Threat Protection (ITP) to enrich an organization’s understanding of user risk with deep, multi-platform device security context. Crucial device context and network security insights are fed into ITP, enabling real-time risk assessment and automated response actions such as:

• Re-evaluating access policies
• Enforcing step-up authentication
• Logging events when a user's device becomes non-compliant or compromised

• Enhanced Zero Trust Security
  • Combine user authentication and device compliance to ensure only trusted users on secure devices can access resources.
• Streamlined IT Operations
  • Automate provisioning, user enrollment, and device compliance checks, reducing IT workload and manual intervention.
• Improved User Experience
  • Enable seamless access to applications without compromising security, ensuring a frictionless experience for end users.
• Secure Hybrid and Remote Work
  • Extend enterprise-level security to Apple devices, regardless of location, to support distributed teams effectively.
• Real-Time Device Compliance Enforcement
  • Continuously validate device trust to prevent access from unmanaged or compromised endpoints, mitigating security risks.