SSO Identity Provider Components (Single Login)

Notice

Some configuration needs to be done within the Identity Provider's framework in order for the application to authenticate successfully. The steps required for each Identity Provider may differ.

Microsoft Azure Portal

Please review Microsoft's Azure Developer Guide for a detailed and expansive explanation of the Microsoft Azure framework.

App Registration - Applications using the Single Login workflow must be registered within Azure's App Registrations section. Please refer to the Jamf Setup Configuration Guide for step-by-step instructions. Important items to note or define in this section are the Directory/Tenant ID, Application/Client ID, redirect URI, and Roles.

Roles - Roles are defined within the App Registration section and assigned to users and groups within the Enterprise Application Settings section of Azure. For Jamf Setup, these roles are used to help identify the end-user's role within the organization. If multiple roles are available, Jamf Setup will prompt the end-user to select from the list of roles to define their role for that login session. These role values are mapped to an extension attribute in Jamf.

Enterprise Application Settings - Roles are assigned to Azure AD users and groups within the Enterprise Application Settings of the registered application.
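
As an added illustration (not Jamf Setup's or Microsoft's own code), the following Python checks the claims of an Azure-issued ID token against the items noted above: `tid` against the Directory/Tenant ID, `aud` against the Application/Client ID, and the `roles` claim against the roles defined in the App Registration. It assumes the token signature has already been verified by an OIDC library; the IDs, the role values, and the names `check_claims` and `sample_claims` are constructed for the example.

```python
# Added example: constructed IDs and hypothetical role values, not from a real tenant.
TENANT_ID = "11111111-1111-1111-1111-111111111111"   # Directory/Tenant ID
CLIENT_ID = "22222222-2222-2222-2222-222222222222"   # Application/Client ID
DEFINED_ROLES = {"Nurse", "Physician"}               # app role values (hypothetical)


class ClaimError(ValueError):
    """Raised when a token was not issued by the expected tenant or for this app."""


def check_claims(claims, tenant_id=TENANT_ID, client_id=CLIENT_ID,
                 defined_roles=frozenset(DEFINED_ROLES)):
    """Evaluate claims from an ID token whose signature is ALREADY verified."""
    if claims.get("tid") != tenant_id:
        raise ClaimError("tid does not match the Directory/Tenant ID")
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]
    if client_id not in audiences:
        raise ClaimError("aud does not match the Application/Client ID")

    # The roles claim is absent when the user or group has no role assigned
    # in the Enterprise Application settings.
    roles = claims.get("roles") or []
    if isinstance(roles, str):
        roles = [roles]
    usable = [r for r in roles if r in defined_roles]
    unknown = sorted(set(roles) - set(defined_roles))

    if not usable:
        status = "no_role"
    elif len(usable) == 1:
        status = "single_role"
    else:
        status = "prompt_for_role"   # several roles: the user picks one per session
    return {"status": status, "roles": usable, "unknown": unknown}


def sample_claims(roles=None, tid=TENANT_ID, aud=CLIENT_ID):
    """Build a constructed claim set for demonstration."""
    claims = {"tid": tid, "aud": aud, "sub": "constructed-subject"}
    if roles is not None:
        claims["roles"] = roles
    return claims


if __name__ == "__main__":
    print(check_claims(sample_claims(["Nurse", "Physician"])))
    print(check_claims(sample_claims()))
```

A `no_role` result points to a missing assignment in the Enterprise Application Settings, while an entry under `unknown` points to a role value that does not match what was defined in the App Registration.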