Passthrough Authentication for Google Cloud ID

Flaurian
Contributor

Should I configure something else for enrolment customization to use the new feature “Passthrough Authentication for Google Cloud ID”, actually for Azure u have to add a URL to do it? If I understood it right, the “Google Allow Screen after the login” is gone and the password will be used for the local login for the macOS. I have still the feeling I forget something. 

Perhaps it's helpful to understand which configuration window I meant. 
Screenshot 2021-11-11 at 10.14.12.png
thanks for helping me 🙂 

2 REPLIES 2

mikevandelinder
Contributor
Contributor

@Flaurian invoking SSO authentication during enrollment customization is a separate integration and process from Connect's account provisioning workflow. If using Google in both enrollment customization and Connect, users will be asked to sign in to Google twice. There's no ability in the current workflows for the password entered for Google in enrollment customization (with single sign-on authentication) to then be used on the device as a local account password. Either Connect has to handle the password passthrough and account creation on its own, or Jamf Pro can create accounts through its PreStage settings.

Flaurian
Contributor

@mikevandelinderI don't know if I understood you correctly but the password is already forwarded to Jamf Connect if the user login via Google. This possibility is available with Jamf Connect v2.5 but my question is, with Azure it's just one login via enrollment customization and the jamf connect login later is skipped because it's forwarded. Now, I've still two logins (enrollment customization + jamf connect) and the login name + password is already set up but the user has to sign in a second time.