Jamf Connect Azure AD

New Contributor II

Currently implementing Jamf Connect and have encountered an issue with Conditional Access. When logging in, Jamf Connect displays the error message below.


Access has been blocked by Access policies.  The access policy does not allow token issuance.


After speaking with our Azure Administrator, I'm being told the Mac is being picked up by a CA that prevents Unknown devices from connecting.  The policy does allow Android, iOS, Windows and macOS devices to connect.  We're seeing the Mac having no "Device info" under 'Activity Details: Sign-ins'.

Device ID, Browser, Operating System are all Blank.

Has anyone else seen this?


Contributor III

Are you connecting to Intune at all? Sounds like you need to spin up the device compliance integration with Intune to provide that information. If you're currently using the legacy conditional access policy, that's been a bit flaky as of late.

Device Compliance is enabled and working as intended, we are still having the issue unfortunately.

New Contributor

We seem to be running into the same issue within our org - did you happen to find a way to address this?

New Contributor II

We believe it came down to 2 changes.

1. An update to Jamf Connect 2.28.1 - [PI113084]

2. Change to Policies - Jamf Connect and Microsoft Entra ID Conditional Access - Jamf Connect Documentation 2.30.0 | Jamf