Frontline Inventory & Help Desk Management
Frontline Inventory & Help Desk Management

Provisioning Asset Mgmt in Jamf Pro

Print

This guide shows Jamf Pro administrators how to create an API user (Classic API) or Bearer token role, capture the required credentials, and authorize Frontline Asset Management (AM) to run a nightly, read-only inventory sync.

Prerequisites

  • Jamf Pro Admin Rights: User must have full Jamf System Admin access to complete required steps, including the ability to create users and roles.
  • Jamf Pro Version: 10.26–10.48 (Bearer token) or ≤10.34 (Classic API). OAuth 2.0 Client Credentials (10.49+) are not yet supported.

Step-by-Step Configuration

Note: Jamf’s UI may change, but the essentials remain the same: Create an API role with the required read privileges for computers, mobile devices, sites, and users, then either a service account (username and password) for the classic API or an API client to generate a bearer token. Enter the Jamf Pro URL and those credentials into Frontline Asset Management, and the nightly sync will run successfully.

Create a Service Account (Classic API) or Bearer Token Role

Classic API Setup

  1. Navigate to Jamf Pro > Settings > System > User Accounts and Groups.
  2. Click New, then Create Standard Account
  3. In the "Account" tab, fill in only these fields (Administrator privilege autogrants all classic API rights):
    • Username: assetmgmt_sync
    • Access Level: Full Access
    • Privilege Set: Administrator
    • Access Status: Enabled
    • Full Name: Asset Management Sync Account (optional)
    • Email Address: (optional)
    • Password/Verify Password: Strong 15-character password (store securely)
    • Force PW Change: Unchecked
  4. Click Save and store the username and password for Asset Management.

jamf sync.png

Bearer Token Setup (Jamf Pro 10.26–10.48)

  1. Navigate to Settings > System > API Roles & Clients.
  2. Go to API Roles, then New.
  3. Name the role AssetMgmt Bearer Role.
  4. Under Privileges, enable "Read for Computers, Mobile Devices, Sites, and Users."
  5. Click Save.
  6. Navigate to API Clients, then New.
  7. Enter the following:
    • Client Name: AssetMgmt Integration Client
    • Role: AssetMgmt Bearer Role
    • Enabled: Checked
  8. Click Save > Generate New Client SecretCreate secret.
  9. Copy the Client ID and Client Secret (the bearer token appears once; store it securely).

Configure in Asset Management

manage integration settings.png

  1. Go to Management > Integration Settings > Jamf Integrations.
  2. In the Username/Client ID field, enter the classic API username, or leave it blank if you are using a bearer token.
  3. In the Password/Client Secret field, enter the classic API password or the full bearer token.
  4. In the Service Endpoint field, enter your Jamf Pro URL (e.g., https://district.jamfcloud.com).
  5. Click Save. The status text will show "Ready to synchronize…"
  6. Click Initiate OneTime Sync to verify the connection and import your first data set.
Was this article helpful?