Jamf Integration (Access Review)

Jamf Access Review helps you monitor and review administrative access within your Jamf environment. Unlike the Jamf Staff Device Management integration, this integration focuses on syncing Jamf administrative users, account statuses, roles, and authentication settings for access review workflows.

Sprinto integrates with Jamf Access Review using OAuth 2.0 authentication through Truto. Once connected, Sprinto automatically syncs Jamf user access information to support access review controls and compliance monitoring.

Permissions Required

The integration requires a Jamf account with full administrator access.

Sprinto uses these permissions to:

• Fetch Jamf administrative users.

• Sync roles and permission levels.

• Identify active and inactive users.

• Capture authentication-related information such as MFA status (if available).

Data Used by Sprinto

Sprinto syncs the following data from Jamf Access Review:

• Primary email address.

• Username.

• User account status.

• Roles and permission levels.

• MFA or 2FA status (if available).

Prerequisites

Before integrating Jamf Access Review with Sprinto, ensure that:

• You are logged in to the Sprinto Admin portal.

• You have administrator access to your Jamf account.

• You have access to retrieve OAuth 2.0 credentials from Jamf.

• Your Jamf environment allows OAuth-based API authentication.

• You have your Jamf URL available.

How to Connect Jamf Access Review to Sprinto

Step 1: Open the Jamf Integration

1. Log in to Sprinto.

2. Navigate to Settings → Integrations.

3. Under the All tab, search for Jamf.

4. Click Connect next to Jamf.

A side drawer opens showing available Jamf integrations.

Step 2: Select Jamf Access Review

1. In the drawer, locate Jamf – Access Review.

2. Click Connect next to the Access Review option.

Sprinto opens a second drawer displaying:

• Controls automated through the integration.

• Checks automated through the integration.

• Required permissions.

• Data accessed by Sprinto.

Step 3: Review Permissions and Continue

1. Review the permissions required and data accessed.

2. Click Next.

Step 4: Review the Integration Instructions

Sprinto displays the integration instructions panel.

1. Review the setup steps shown on screen.

2. Confirm that you have administrator access to your Jamf account.

3. Select the I have admin access to my Jamf account checkbox.

4. Click Connect to Jamf.

This opens the OAuth connection modal.

Step 5: Enter OAuth Credentials

In the OAuth setup modal, enter the following details:

• Client ID

• Client Secret

• Jamf URL

Click Connect to complete the integration.

Retrieve OAuth Credentials From Jamf

To retrieve your Jamf OAuth credentials and connection information, refer to the official setup instructions.

Authentication Method

Jamf Access Review uses OAuth 2.0 authentication.

Unlike Jamf Device Management, which uses username and password credentials, Jamf Access Review connects using OAuth client credentials.

APIs Used by Sprinto

Sprinto connects to Jamf Access Review using Truto's integration layer.

Authentication and Connection APIs

• POST /api/v1/auth/token — Authenticates the integration using OAuth.

• Validation endpoint — Verifies connection health.

User Directory APIs

• GET /unified/user-directory/users — Retrieves Jamf users.

• GET /unified/user-directory/users/{id} — Retrieves detailed user information.

Credential Management APIs

• POST /integrated-account/refresh-credentials — Refreshes OAuth credentials when required.

What Data Is Synced

Sprinto syncs the following information from Jamf:

Post-Connection Flow

After the integration is complete:

1. Sprinto validates the OAuth connection.

2. Jamf users are synced automatically.

3. Access review monitors are enabled.

4. Sprinto begins tracking user status and access changes.

5. User permissions become available for compliance workflows.

Monitors Created Automatically

The integration can create the following monitors:

• JAMF_ACCESS_REMOVED_ON_EXIT — Tracks whether Jamf access is removed for exited users.

• JAMF_USER_MFA_ENABLED — Tracks MFA enablement for Jamf users.

Key Difference Between Jamf Device Management and Jamf Access Review

Important Notes

• Jamf Access Review is separate from Jamf Device Management.

• Sprinto uses Truto to standardise Jamf user access data.

• OAuth tokens are refreshed automatically where supported.

• Rate limits follow Truto's API thresholds.

• Depending on configuration, Sprinto may sync only Jamf administrators or all Jamf-linked users.

Troubleshooting

Connection Fails

• Confirm the connecting account has Jamf administrator permissions.

• Verify the Client ID, Client Secret, and Jamf URL are correct.

• Ensure OAuth access is enabled in Jamf.

No Users Are Synced

• Verify that user filtering is configured correctly.

• Confirm whether the integration is set to fetch admin users only.

• Contact Sprinto support if user sync remains incomplete.

OAuth Token Expiration

• Sprinto refreshes OAuth credentials automatically.

• If token refresh fails, reconnect the integration manually.

Frequently Asked Questions

Does Jamf Access Review monitor devices?

No. Jamf Access Review monitors administrative users and permissions only.

Is this different from Jamf Staff Device Management?

Yes. Jamf Staff Device Management focuses on managed devices, while Jamf Access Review focuses on user access and permissions.

What authentication method does Jamf Access Review use?

Jamf Access Review uses OAuth 2.0 Client Credentials.

What type of users are synced?

Sprinto syncs Jamf users and can optionally be configured to sync only administrative users.

Does Sprinto refresh OAuth tokens automatically?

Yes. OAuth tokens are refreshed automatically whenever supported by the integration provider.

Support

If you encounter any issues or need assistance with your integration, contact the Sprinto support team at [email protected].