Jamf Nation Idea: Remove Jamf Account SSO dependency for new features (Ex: Blueprints, Compliance)

🍿

I also work in an org that is not too happy about this, and how short sighted it is. I get leaning on Jamf Account for smaller organizations that may not have fully fleshed out identity management, but enterprise on the other hand has absolutely no need for a function like this and it is only increasing the threat surface.

In the very least Jamf should allow the admin to configure both an IDP and Jamf Account and let them select which one Jamf will use to authenticate the console while still allowing Jamf Account to map back to Jamf Services. Not like Jamf does not already have you log in with your Jamf Account in to a few places in settings already to enable functions.

Yes.

I was about to do this and ran into this roadblock. A competitor has access to the one item I needed without such hoops.

Yep, my Cyber team said No when I brought this to them to discuss making the change. Jamf has been dropping the ball lately, and they've got another thing coming down the pipe (according to our AO) that may end up resulting in us leaving the platform.

Agreed. It's extremely disappointing that this rather large requirement is in the way of us using these new features. We don't want to have to setup yet again more SSO integrations, and our Cyber team have refused it.

Seriously Jamf do better! Despite your explanation this is not what we want, and we don't want enormous blocks like this in the way of us using features!

Jamf posted this on their blog. Posting here for others:

Configuring SSO in Jamf Account
Discover the future of Jamf platform access, how to set up OIDC-based Single Sign-On and answers to frequently asked questions.

March 21 2025 by
Mike VanDelinder

https://www.jamf.com/blog/jamf-account-idp-configuration/

Read that blog and stopped right at - 

Platform capabilities are not available for:

• Jamf Premium Cloud Plus (StateRAMP or GovCloud)