Posted on 02-22-2021 03:22 PM
Having a roadblock and currently under testing. The intended workflow is zero-touch with Okta's user. Device ADE > Can't pass creating a user from Jamf Connect using Okta's user. I was able to authenticate with Okta on the first page using SSO, enrollment customization config. I was able to log in locally using pre-push user. The Jamf Connect config was good and checked by Jamf support; until now I don't have a good answer from support, and my ticket is still open. The prestage configuration push is not working as well; I have to scope the device. Please advise if you have successfully deployed Jamf Connect with Okta.
Jamf Connect configuration:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>OIDCProvider</key>
    <string>Okta</string>
    <key>OIDCClientID</key>
    <string>0XXXXXXXXXX</string>
    <key>OIDCRedirectURI</key>
    <string>https://127.0.0.1/jamfconnect</string>
    <key>AuthServer</key>
    <string>company.okta.com</string>
    <key>OIDCAccessClientID</key>
    <string>0XXXXXXXXXX</string>
    <key>OIDCAdminClientID</key>
    <string>01XXXXXXXXX</string>
    <key>CreateJamfConnectPassword</key>
    <true/>
    <key>LocalFallback</key>
    <true/>
    <key>CreateAdminUser</key>
    <true/>
    <key>LicenseFile</key>
    <string>KEY-XXXXXXX</string>
    <key>Migrate</key>
    <true/>
    <key>LoginWindowMessage</key>
    <string>&gt;&gt;&gt; Company &lt;&lt;&lt;</string>
    <key>AllowNetworkSelection</key>
    <true/>
    <key>EnableFDE</key>
    <true/>
    <key>DenyLocal</key>
    <false/>
</dict>
</plist>
Thanks,
Ron