"JAMF" was blocked from use because it is not from an identified developer

Jamf is a trusted and identified developer... When Jamf installs there is a valid certificate and a prompt to trust with user enrollment and with Prestage and DEP this is auto-trusted as the devices are supervised. Let me look into this and get back but I am sure someone else in this community has solved this. I will say I have not seen what your exactly saying with the update to macOS. 

Over the years we've gone from El Capitan to Sierra, High Sierra, Mojave, Catalina and Big Sur. I have never seen an unidentified developer message relating to Jamf.

This is probably specific to your environment, but High Sierra has also been EOL for quite a while so it's possible that the certificate chains relating to Developer IDs and GateKeeper have expired or the OS predates the current ones?

If you have an AppleCare Enterprise support agreement it would be worth creating a ticket with Apple, referencing your Jamf support case so they can tie it together.

@jtrant jtrant, good mention on High Sierra being EOL. 

It's happening on Catalina, not High Sierra. The only reason I mention High Sierra is that they are upgraded from it. But in any case, surely whether JAMF is an identified developer is down to materials installed by JAMF, not something that comes with the operating system? So since JAMF effectively puts the client on by itself, replacing older versions of the client as necessary, I don't see how it could have put itself on there and forgotten to include whatever makes it an identified developer.

I'm wondering if this is due to the very old version of Jamf Pro you're running. Version 10.21 is now 10 versions behind and about 1-1/2 years old.

macOS Catalina has stricter security requirements than High Sierra and may not tolerate the older Jamf software, like the jamf binary, that you're deploying.

The jamf binary is code signed. What information do you get back when you run this on one of your Catalina Macs where you're seeing the unidentified developer message?

codesign -dv --verbose=4 /usr/local/jamf/bin/jamf

Also, can you post a screenshot of the message you're receiving. It may be more revealing as to what's happening.

Indeed it is, but it is considerably newer than Catalina! At least, it was 2 years ago that we first played with Catalina. I can't go any newer, because I still have to support my estate of High Sierra computers which are installed via imaging, and I have read in multiple places that JAMF imaging stops working in 10.22 or 10.23.

Is it the code signing that determines whether they are an identified developer? I'll try that command and post screenshots of the message on Monday. Thanks for the thoughts.

(My comment about Catalina being older than this version of JAMF was because it will, at some point, have been the cutting edge new version while Catalina was the current version of OS X. People will not have had any newer versions of JAMF they could turn to. So if this was a problem with the JAMF version, I would have expected to find everybody trying to implement Catalina complaining about having problems like this back then. I don't find anybody.)

Well, this was unexpected.

On Friday, I did a clean install of Catalina (rather than upgrading High Sierra). This morning, I don't have the problem. So whatever it is, it has to do with coming from High Sierra. So I guess I'll table this for the time being. (Not least because I now can't test the codesign command because my test machine doesn't have the problem right now)

Thanks to everyone who replied.