Jamf announced support for Platform Single Sign-On (SSO) with Okta
September 2023 by Marc Jacob
Jamf announced support for Platform Single Sign-On (SSO) with Okta. Since 2018, Jamf Connect has been a key solution for organizations that needed to bring cloud identity to the Mac for account provisioning. Customers of Okta and Jamf will be the first to take advantage of Platform SSO, Apple’s new identity technology that was first showcased at WWDC 2022. This first-to-market support will give end users a more seamless and secure experience during both the initial onboarding and ongoing authentication processes.
Okta customers can enable Platform SSO in their environment by purchasing Okta Device Access, which includes their new Desktop Password Sync capability. As part of a zero-touch deployment workflow on a new Mac, Okta Verify is automatically installed in the background. The user authenticates with their Okta credentials, which can be enhanced with additional multi-factor authentication (MFA), preventing unauthorized users from activating a new device with a stolen password. Jamf Pro’s integration with Enrollment Customization pre-fills account details, prompting the user to set a local account password. Platform SSO updates this password by syncing with the Okta password, which enhances data security and reduces password resets and employee downtime.
A better, more secure day-to-day authentication experience
With Platform SSO, end users can access all Okta-protected applications on a device with Okta FastPass, which enabled phishing resistant and passwordless authentication. Additionally, the MFA process with FastPass can be configured to require biometrics (Touch ID or Face ID) in addition to multi-factor authentication methods like SMS and authenticator app notifications.
Jamf and Okta building support together for Apple-native technology
Jamf is known for lock-step support and innovation with Apple. Jamf was early to ship support for the creation and management of Platform SSO profiles, making it compatible with any identity provider that also offers Platform SSO support. Okta, as the first identity provider to support Platform SSO, can now provide a single sign-on extension host app, allowing Jamf to offer our shared customers the full benefits of this new offering.
This latest integration comes shortly after Jamf announced support for Enrollment Single Sign-on, which enables mobile users to enjoy fast and secure authentication with Face ID or Touch ID to access company apps on personally-owned mobile devices using Okta. This was a major step forward to simplifying the account-driven user enrollment onboarding process while dramatically enhancing login security on BYO devices.