Jamf

Visualize Jamf admins, users, groups, devices, and profiles, map Jamf users to employees, and monitor changes through queries and alerts.

Installation

Installation

To use this integration, JupiterOne requires your Jamf hostname to interact with the API as well as authentication credentials. These authentication credentials can either be a Client ID and Client Secret for an API Client, or a user's username and password used to authenticate with Jamf.

The JupiterOne integration uses the Classic API to fetch Jamf data.

The JupiterOne integration uses the Bearer Authentication token to authorize the APIs.

Required Permissions:

• Read - Jamf Pro User Accounts & Groups
• Read - Users
• Read - Mobile Devices
• Read - Computers
• Read - Advanced Computer Searches
• Read - macOS Configuration Profiles

Configuration in JupiterOne

To install the Jamf integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select Jamf. Click New Instance to begin configuring your integration, providing the following:

• Account Name used to identify the Jamf account in JupiterOne. Ingested entities will have this value stored in tag.AccountName when the AccountName option is enabled.

• Description to assist in identifying the integration instance, if desired.

• Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as DISABLED and manually execute the integration.

• Authentication method in which to authenticate with Jamf. OAuth is the new preferred mechanism.

• Hostname of your Jamf organization.

• Client ID of the API Client you have created within Jamf, should the OAuth authentication method be selected.

• Client Secret of the API Client you have created within Jamf, should the OAuth authentication method be selected.

• Username used to authenticate with Jamf when having selected Basic for authentication method.

• Password associated with the username to authenticate with Jamf via the Basic authentication method.

Click Create once all values are provided to finalize the integration.

Next steps

Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.

Data Model

Entities

The following entities are created:

Resources	Entity _type	Entity _class
Account	jamf_account	Account
Admin	jamf_user	User
Computer	jamf_computer	Host
Computer (deprecated entity)	user_endpoint	Device, Host
Computer Group	jamf_computer_group	Group
Group	jamf_group	UserGroup
macOS Configuration Profile	jamf_osx_configuration_profile	Configuration
Mobile Device	jamf_mobile_device	Host
Mobile Device (deprecated entity)	mobile_device	Device
User	device_user	User

Relationships

The following relationships are created:

Source Entity _type	Relationship _class	Target Entity _type
device_user	OWNS	jamf_mobile_device
device_user	OWNS	mobile_device
device_user	OWNS	jamf_computer
device_user	OWNS	user_endpoint
jamf_account	HAS	jamf_group
jamf_account	HAS	jamf_user
jamf_account	HAS	device_user
jamf_account	HAS	jamf_osx_configuration_profile
jamf_account	MANAGES	jamf_mobile_device
jamf_account	HAS	mobile_device
jamf_account	MANAGES	jamf_computer
jamf_account	HAS	user_endpoint
jamf_computer	USES	jamf_osx_configuration_profile
jamf_computer	INSTALLED	macos_app
jamf_computer_group	HAS	jamf_computer
jamf_computer_group	HAS	user_endpoint
jamf_group	HAS	jamf_user
jamf_local_account	USES	jamf_computer
jamf_local_account	USES	user_endpoint
user_endpoint	USES	jamf_osx_configuration_profile
user_endpoint	INSTALLED	macos_app

Types

Device User

device_user inherits from User

Property	Type	Description	Specifications
customPhotoUrl	string
emailAddress	string
enableCustomPhotoUrl	boolean
fullName	string
ldapServer	string
os *	array of strings
phoneNumber	string
position	string
totalVppCodeCount	number

---

Jamf Account

jamf_account inherits from Account

Property	Type	Description	Specifications
name *	string

---

Jamf Computer

jamf_computer inherits from Host

Property	Type	Description	Specifications
assetTag	string
barcode1	string
barcode2	string
building *	string
department *	string
deploymentStatus	string | array
encrypted	boolean
enrolledOn	number
firewallEnabled	boolean
gatekeeperEnabled	boolean
jamfVersion	string
lastCloudBackup	number
lastReportedOn	number
locationEmail	string
managed *	boolean
name *	string
netbootServer	string
networkAdapterType	string
realName	string
systemIntegrityProtectionEnabled	boolean
username	string

---

Jamf Computer Group

jamf_computer_group inherits from Group

Property	Type	Description	Specifications
name *	string

---

Jamf Group

jamf_group inherits from UserGroup

Property	Type	Description	Specifications
accessLevel	string
privilegeSet	string

---

Jamf Mobile Device

jamf_mobile_device inherits from Host

Property	Type	Description	Specifications
activationLockEnabled	boolean
blockLevelEncryption	boolean
capacity	number
cloudBackupEnabled	boolean
dataProtectionEnabled	boolean
email	string
fileLevelEncryption	boolean
hasPasscode	boolean
jailbroken	string
lastBackupOn	number
locatorServiceEnabled	boolean
managed	boolean
passcodeCompliant	boolean
passcodeLockGracePeriodEnforced	string
phoneNumber	string
profileCompliant	boolean
supervised	boolean
username	string

---

Jamf Osx Configuration Profile

jamf_osx_configuration_profile inherits from Configuration

Property	Type	Description	Specifications
allComputers *	boolean
allJSSUsers *	boolean
categoryName *	string
description *	string
distributionMethod *	string
level *	string
redeployOnUpdate *	string
siteName *	string
userRemovable *	boolean

---

Jamf User

jamf_user inherits from User

Property	Type	Description	Specifications
accessLevel	string
active *	boolean
admin *	boolean
directoryUser	boolean
emailAddress	string
enabled	string
forcePasswordChange	boolean
fullName	string
permissions	array of strings
privilegeSet	string

---