Trying to upload compliance editor guidance to Jamf Pro

Hi all,

I'm trying to upload a guidance from Compliance Editor to Jamf pro. I'm at the portion where it's asking for a client ID and secret. I haven't used the jamf API before and I know you need to create a API role first, but I'm not sure what privileges I would need for a compliance editor upload.

Page 1 / 1

The guide (link at the bottom of that page) gives a list of the required API permissions, under the section: Uploading to Jamf Pro > Use safe practices

It shows this require permissions matrix.

Thanks. That answered my question.

Problem now is it's still saying it's failing to generate a token and to verify my username and password. I've copied and pasted the client id and secret into the requisite fields so I'm not sure where I'm going wrong...

Feel free to use my zsh code:

# Jamf API URL

jamfURL="https://[yourserver].jamfcloud.com"



# API Credentials

client_id="xxxxxxx"

client_secret="xxxxxxx"



# TOKEN ACQUSITION



getAccessToken() {

    response=$(

        /usr/bin/curl \\

            --silent \\

            --location \\

            --request POST "${jamfURL}/api/oauth/token" \\

            --header "Content-Type: application/x-www-form-urlencoded" \\

            --data-urlencode "client_id=${client_id}" \\

            --data-urlencode "grant_type=client_credentials" \\

            --data-urlencode "client_secret=${client_secret}"

    )

    access_token=$(echo "$response" | plutil -extract access_token raw -)

    token_expires_in=$(echo "$response" | plutil -extract expires_in raw -)

    token_expiration_epoch=$(($current_epoch + $token_expires_in - 1))

}



checkTokenExpiration() {

    current_epoch=$(date +%s)

    if [[ token_expiration_epoch -ge current_epoch ]]; then

        echo "Token valid until the following epoch time: " "$token_expiration_epoch"

    else

        echo "No valid token available, getting new token"

        getAccessToken

    fi

}



invalidateToken() {

    responseCode=$(

        /usr/bin/curl \\

            -w "%{http_code}" \\

            -H "Authorization: Bearer ${access_token}" $jamfURL/api/v1/auth/invalidate-token \\

            -X POST \\

            -s -o /dev/null

    )

    if [[ ${responseCode} == 204 ]]; then

        echo "Token successfully invalidated"

        access_token=""

        token_expiration_epoch="0"

    elif [[ ${responseCode} == 401 ]]; then

        echo "Token already invalid"

    else

        echo "An unknown error occurred invalidating the token"

    fi

}

Ignore that.... Looking at too many windows to realise you were using their tool.....

Reply

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded