Frontline Inventory & Help Desk Management
Frontline Inventory & Help Desk Management

Provisioning Asset Mgmt in Jamf Pro

Print

This guide explains how Jamf Pro administrators can create and authorize the credentials Frontline Asset Management needs for a nightly, read-only inventory sync. Depending on your Jamf Pro version, you will either create a classic API service account or an API role and client for bearer token authentication. After you gather the required credentials and enter them in Management > Integration Settings > Jamf Integrations, Asset Management can connect to Jamf Pro and run the nightly sync.

Prerequisites

  • Jamf Pro administrator rights: The user completing setup must have permission to create users, roles, and API clients in Jamf Pro.
  • Supported Jamf Pro versions: Use the bearer token setup for versions 10.26–10.48, or the classic API setup for versions 10.34 and earlier. OAuth 2.0 client credentials for version 10.49 and later are not currently supported.

Step-by-Step Configuration

Note: Jamf Pro labels and page layouts may change over time. The required setup remains the same: Create an API role with read access to computers, mobile devices, sites, and users, then provide either Classic API credentials or bearer token credentials to Frontline Asset Management. Once those credentials are saved, the nightly sync can run successfully.

Create a Service Account or API Role and Client

Classic API Setup

Use this option for Jamf Pro environments that rely on Classic API authentication.

  1. Navigate to Jamf Pro > Settings > System > User Accounts and Groups.
  2. Click New, then Create Standard Account.
  3. In the “Account” tab, complete only the following fields:
    • Username: assetmgmt_sync
    • Access Level: Full Access
    • Privilege Set: Administrator
    • Access Status: Enabled
    • Full Name: Asset Management Sync Account (optional)
    • Email Address: Optional
    • Password/Verify Password: Use a strong 15-character password and store it securely.
    • Force PW Change: Unchecked
  4. Click Save, then store the username and password for use in Asset Management.

jamf sync.png

Bearer Token Setup (Jamf Pro 10.26–10.48)

Use this option for Jamf Pro versions that support API roles and clients with bearer token authentication.

  1. Navigate to Settings > System > API Roles & Clients.
  2. Open API Roles, then click New.
  3. Name the role AssetMgmt Bearer Role.
  4. Under “Privileges,” enable read access for Computers, Mobile Devices, Sites, and Users.
  5. Click Save.
  6. Open API Clients, then click New.
  7. Enter the following values:
    • Client Name: AssetMgmt Integration Client
    • Role: AssetMgmt Bearer Role
    • Enabled: Checked
  8. Click Save, then click Generate New Client Secret and Create secret.
  9. Copy and securely store the “Client ID” and “Client Secret.”

Configure in Asset Management

manage integration settings.png

After you create the Jamf credentials, enter them in Frontline Asset Management.

  1. Go to Management > Integration Settings > Jamf Integrations.
  2. In Username/Client ID, enter the Classic API username. If you are using bearer token authentication, leave this field blank unless your district’s setup requires otherwise.
  3. In Password/Client Secret, enter the classic API password or the bearer token credential provided by Jamf.
  4. In Service Endpoint, enter your Jamf Pro URL, such as https://district.jamfcloud.com.
  5. Click Save. The status text displays “Ready to synchronize…”
  6. Click Initiate OneTime Sync to verify the connection and run the first import.
Was this article helpful?