jamf SSO through otka problems

mickgrant
Contributor III

so i'm having a strange issue with integrating our jamf cloud instance to otka for SSO.

when user-initiated enrolling devices with our myjss.jamfcloud/enrol URL we are prompted for our okta credentials, they are accepted, and then we receive a http 400 error instead of being prompted to download our profile.

BUT

if you open a new tab, and enter the enrolment URL again, it pushes straight to the JAMF profile download page... no need to credential again.
after that the enrolment all works as normal...

my question is has anybody else seen something like this and how did you fix it, so that we can get to the profile download page the first time...

4 REPLIES 4

tlarkin
Honored Contributor

The JAMFSoftwareServer.log will have some info or you can log into https://myjss.com/logging.html and see if anything useful comes out of this. Are you using Okta UD as well?

mickgrant
Contributor III

I'm not seeing anything related when i go to https://myjss.com/logging.html
and at the moment i don't believe we are using Okta UD...
though i noticed that the http 400 - bad saml request page isn't from the JSS its from the okta end

tlarkin
Honored Contributor

If you load your JSS URL and then add logging.html on the end of the URL it should pull up the logging interface.

1828e861ac7d4a3fa3f8cdfa14326b82

Was this ever resolved? Seeing some 400 bad request errors during customization enrollment with Okta.