---
title: "Jamf"
slug: "jamf"
updated: 2024-04-22T17:32:31Z
published: 2024-04-22T17:32:31Z
---

> ## Documentation Index
> Fetch the complete documentation index at: https://docs.safe.security/llms.txt
> Use this file to discover all available pages before exploring further.

# Jamf

## About this document

---

This document provides the step-by-step procedure to configure Jamf in SAFE.

## Introduction

---

SAFE integrates with Jamf, and fetches the security misconfiguration of the Jamf account in SAFE.

## Prerequisites

---

- Access required in **SAFE**:
  - SAFE Admin Access
- Access required in **Jamf:**
  - Jamf Admin Access
- Required User Inputs:
  - API Instance URL
  - Client ID
  - Client Secret
- Required Scope:
  - Read Patch Management Software Titles
  - Read SSO Settings
  - Read Push Certificates
  - Read Computers
  - Read Accounts
  - Read Patch Management Settings

## Generate Connection Details

---

- How to generate **Client ID**and**Client Secret**
  - Login to your Jamf account as **Admin**.
  - Click on the **Settings** from left navigation.
  - Search for “**API roles and clients**” and open it

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/1(30).png)
  - On the API Keys page, Click on the **New** button available at the top-right of the screen

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/2(27).png)
  - Enter the **Display Name**
  - Select the below permission from the dropdown
    - Read Patch Management Software Titles
    - Read SSO Settings
    - Read Push Certificates
    - Read Computers
    - Read Accounts
    - Read Patch Management Settings
  - Click on the save button.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/3(26).png)
- System will create the **API roles and clients**

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/4(25).png)
- Click on the back button and click on the API Clients Tab.
- Click on the New button.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/5(26).png)
- Enter a Display Name for the API Client.
- Select the API roles you created above, In the API roles field.
- Enter the Access Token Lifetime in seconds. It's important to regularly update the Access Token in SAFE according to its expiration date
- Click on the **Enable API client** button.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/6(25).png)
- Click on the Save button.
- Click on the Generate client secret button.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/7(24).png)
- Copy and save the **Client ID** and **Client secret**to use it while configuring **Jamf** in SAFE.
- It's important to regularly update the Client ID and Client Secret in SAFE according to its expiration date.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/8(26).png)
- How to get **API Instance URL**
  - Access the Jamf Instance, and capture the URL
  - **Copy** and **save** the *API Instance URL* to use it while configuring Jamf in SAFE.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/9(26).png)

## Configure Jamf in SAFE

---

- Log in to your SAFE account as **Admin**.
- Click on the **Integrations**option from the left navigation.
- Scroll to find the Jamf integration card or search for Jamf in the search bar.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/10(24).png)
- Hover over the **Jamf** integration card and click on the **Configure** button.
- Enter the****following:
  - API Instance URL
  - Client ID
  - Client Secret
- Enter the **Auto Sync Frequency**.
- Click on the **Test Connection** button.
- Once the connection is successful, click on the **Save** button.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/11(18).png)
- Once the configuration is saved successfully, click on the **Sync** **Now** button to trigger an on-demand sync.
- Upon a successful sync, the system pulls the Jamf assets and their findings in SAFE. You can track the status of the sync in the **History** table.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/12(16).png)

## View Results

---

- Go to the integration homepage
- Scroll to find the Jamf integration card or search for Jamf in the search bar.
- Click on the Jamf integration card for **Finding View** and **Asset View**.
  - **Finding View:** This tab displays all the findings details pulled from Jamf.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/13(12).png)
  - **Asset View:**This tab displays all the assets pulled from Jamf.

![](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/14(10).png)

## History

---

Learn More about Integration History [here](https://docs.safe.security/safe-4/docs/integration-history).

## SAFE's Outgoing IP Addresses

---

Click [here](https://docs.safe.security/safe-4/docs/safes-outgoing-ip-addresses) to find the outgoing IP addresses of SAFE. All traffic to any integrations in SAFE will see one IP address as the source IP of the incoming connection.