Skip to main content

Hello :) 

because I'm still struggling with Jamf Connect for testing Onelogin. I'm using the latest version of Jamf Configurator (2.9.0) Please note, for my test instance, I didn't configure MFA for Onelogin. 

I don't know if it's the OIDCTenant or something else why it's not working but I tested already these things for OIDCTenant. 

Error message from Jamf Configurator: " Unable to load Identity Provider "

Error message from Onelogin: "OIDC authorization code for Jamf Connect FAILED" 

 

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CreateJamfConnectPassword</key>
<true/>
<key>OIDCClientID</key>
<string>Onelogin-Client-ID</string>
<key>OIDCClientSecret</key>
<string>Secret</string>
<key>OIDCDiscoveryURL</key>
<string>https://<mycompanyname>.onelogin.com/oidc/2/.well-known/openid-configuration</string>
<key>OIDCIgnoreCookies</key>
<false/>
<key>OIDCProvider</key>
<string>OneLogin</string>
<key>OIDCROPGID</key>
<string>Onelogin-Client-ID</string>
<key>OIDCRedirectURI</key>
<string>https://127.0.0.1/jamfconnect</string>
<key>OIDCTenant</key>
<string>Onelogin-Client-ID</string>
</dict>
</plist>

We put MFA even it's not configured. We tried 1 thing at a time, using the most basic configuration, at the end, we removed the DiscoveryURL and Secret. 

<key>ROPGSuccessCodes</key>
<array>
<string>MFA</string>
</array>

  


We put MFA even it's not configured. We tried 1 thing at a time, using the most basic configuration, at the end, we removed the DiscoveryURL and Secret. 

<key>ROPGSuccessCodes</key>
<array>
<string>MFA</string>
</array>

  


Thanks for ur answer but if I remove "DiscoveryURL and Secret" I'm unable to SignIn to OneLogin. I already tested it to add "MFA" as ROPGSuccessCodes but no chance - same result. 

 


Thanks for ur answer but if I remove "DiscoveryURL and Secret" I'm unable to SignIn to OneLogin. I already tested it to add "MFA" as ROPGSuccessCodes but no chance - same result. 

 


What was your OIDC test result in the Jamf Connect Configuration? We use the most basic setup. 

 


What was your OIDC test result in the Jamf Connect Configuration? We use the most basic setup. 

 


Thanks, @YanW I solved it finally with the Jamf Support team. It looks like for me, they missed keeping the Onelogin documentation up2date. 

In case, u configured OneLogin as an OIDC connection u have to change the authentication method to "POST" not to "none". Afterward, I got tokens and I configured also ROPG / Discovery URL / Secret 


Thanks, @YanW I solved it finally with the Jamf Support team. It looks like for me, they missed keeping the Onelogin documentation up2date. 

In case, u configured OneLogin as an OIDC connection u have to change the authentication method to "POST" not to "none". Afterward, I got tokens and I configured also ROPG / Discovery URL / Secret 


Thanks for posting this! 

It helped me fix my configuration. I was getting an error with JAMF connect that was corrected by switching from NONE to POST on the onelogin side.

You rock!!


Hello Everyone, 

When we signed into Jamf Connect menubar we're getting MFA error, does anyone have a idea about this error. 

Attached the screenshot for reference. 


Hello Everyone, 

When we signed into Jamf Connect menubar we're getting MFA error, does anyone have a idea about this error. 

Attached the screenshot for reference. 


Is any one else still having trouble with this.



The one thing that I think I am getting stuck on is where do I find the Tenant line.  I have all the other boxes fill out and have the authentication set to Post.