<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008ONDwmSAHOkta Classic EngineSingle Sign-OnAnswered2025-06-14T10:27:26.000Z2018-10-03T18:59:14.000Z2018-10-08T17:25:53.000Z

  • aleks.bulajic1.4896145077506367E12 (Okta, Inc.)

    Hi Michael,

     

    Thanks for reaching out to the Support community! We do have customers who have implemented SAML for Jamf Pro cloud successfully. We've seen the Access Denied error come up in the past when the application username format set in Okta did not match the username format of the accounts that exist on the JAMF Pro side.

     

    I would suggest validating the username format by opening your Jamf Pro app in Okta >> click the Assignments tab >> click the Pencil icon next to any assigned user >> ensure the Username matches the username on the JAMF Pro side.

     

    In case this does not resolve, I would suggest opening a new Support case as I or another Support Engineer will be able to help troubleshoot further.

     

    Thank you,

    Expand Post
    Selected as Best

  • aleks.bulajic1.4896145077506367E12 (Okta, Inc.)

    Hi Michael,

     

    Thanks for reaching out to the Support community! We do have customers who have implemented SAML for Jamf Pro cloud successfully. We've seen the Access Denied error come up in the past when the application username format set in Okta did not match the username format of the accounts that exist on the JAMF Pro side.

     

    I would suggest validating the username format by opening your Jamf Pro app in Okta >> click the Assignments tab >> click the Pencil icon next to any assigned user >> ensure the Username matches the username on the JAMF Pro side.

     

    In case this does not resolve, I would suggest opening a new Support case as I or another Support Engineer will be able to help troubleshoot further.

     

    Thank you,

    Expand Post
    Selected as Best

  • ulazx (ulazx)

    Aleks thanks for the information. The one piece that seemed to not be working was users in AD security groups as they would get access denied on the jamf side. I then changed a Sign-in setting in Okta to use Regex option with a value of .* and that fixed the issue. I am not 100% sure of the reasoning why it fixed the issue but it’s working. Would you have any explanation of why this setting would resolve my issue?
    Expand Post

  • aleks.bulajic1.4896145077506367E12 (Okta, Inc.)

    You're welcome, Michael, and thanks for the update. For the Regex option you're referring to, was this updated within the App Username Format field, or are you using it to pass SAML attribute statements?

This question is closed.
Loading
Has anyone integrated with Jamf Pro cloud successfully?