Enabling Multi Domain SSO for Jamf pro

rabiul
New Contributor II

Hi Jamf Nation, 

We are a group of companies and I have configured multiple sites for each company. 

Now I want to enable SSO for users so that they can use that to enroll their device (user initiated enrollment). While enabling SSO, I noticed that I am able to enable SSO for only one domain. How I can configure multiple domains for SSO in Jamf Pro? I am a newbie, so pardon me if I asked a silly question. 

Thanks in Advance

4 REPLIES 4

AJPinto
Honored Contributor III

You would need to handle that on your IDP side (Okta, Entra, etc). You would map both/all domains to your IDP using the appropriate steps, and when the user logs in to the IDP to authenticate enrollment the IDP will validate against the correct domain based on the mappings.

rabiul
New Contributor II

Is there any way to handle that on the Google Workspace side? We are using Google Workspace for the management. Or we need to implement Okta first and then add that to Jamf? 

AJPinto
Honored Contributor III

I have only worked with Okta and Entra, but from Googles documentation it looks like they do support multiple domains. I suggest reaching out to Google Support, or going to Google forums for assistance as folks over there will be more familar with how Google's IDP is setup.

 

https://support.google.com/a/answer/7502379

rabiul
New Contributor II

Got it. But we don't want to combine multiple domains into a single domain. I just talked with Google support and they mentioned I can try to combine the metadata file from each domain into a single file and then upload it to Jamf to check if that's working on not (considering the scenario that we don't have Okta yet). Will give it a try and update the thread. Btw, thanks for the suggestion @AJPinto