Jamf Pro

Introduction

Multi-factor authentication (MFA) is an extra layer of security used when logging into websites or apps: users are authenticated through more than one required validation step, each based on something only they know or have access to.

Jamf Pro is Enterprise Mobility Management software that manages an organization's Apple ecosystem. Acceptto integrates with Jamf Pro to improve the security of user logins to Jamf Pro through its Intelligent SSO-MFA solution.

Pre-Requisites

  1. An Acceptto account with a configured Identity Provider and LDAP Agent (see this page for instructions).

  2. A user with administrative privileges for the Jamf Pro portal.

Configure Jamf Pro as a SAML Service Provider

  1. Log in to your Jamf Pro tenant and navigate to System Setting > Single Sign-On.

  2. On the Single Sign-On Settings page, click Edit.

  3. Check the Enable Single-Sign-On Authentication box. Under Identity Provider, select Other and type a name in the blank field. Copy and note the Entity ID URL. This is the metadata URL of Jamf Pro and is required for the Acceptto configuration in the next section.

  4. In the Identity Provider Metadata Source, select Metadata URL and paste your organization's Metadata URL on Acceptto. It should be https://sso.acceptto.com/<myorganization>/saml/download/metadata, where myorganization is your unique identifier in Acceptto cloud.

  5. Keep the default settings in the User Mapping section.

  6. Click on Save.

Acceptto SAML Configuration as Identity Provider (IdP)

  1. Log in to the Acceptto Dashboard with an administrative account and go to Applications.

  2. Create a new application by selecting Create New Application.

  3. In the New Application form, enter the following values under the General tab.

    • Name - The application name displayed in the admin panel and application portal and used for push notifications and audit logs. (e.g. Jamf)
    • Type - Select "SAML Service Provider" from the options
    • Out of Band Methods - Select the allowed methods for approving MFA requests
    • Message for MFA Requests - Enter the user-facing message for Push, SMS, and email MFA requests (optional)

  4. Under the SAML Service Provider Configuration tab, enter the following values:

    • Issuer or Entity ID - Enter the EntityID of your Jamf Pro instance, which you can find in the Jamf metadata file.
    • Sign in URL - The URL used to log in to your Jamf Pro instance.
    • NameID Format - Select "Email address" from the dropdown menu.
    • Name Identifier - Select "Email" from the dropdown menu.
    • Assertion Consumer Service (ACS) URL - Enter the URL on the service provider to which the identity provider redirects with its authentication response.
    • Single Logout URL - The URL used to log out of your Jamf Pro instance.

  5. Click Save to create the Application.
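
The Entity ID, ACS URL and Single Logout URL requested under the SAML Service Provider Configuration tab can be read from the Jamf Pro metadata file instead of being typed by hand. The following is an added example, not Acceptto or Jamf code; the sample metadata, its host and its paths are constructed placeholders, and `sp_settings` is a hypothetical helper name.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"

# Constructed sample SP metadata; host and paths are placeholders, not real Jamf values.
SAMPLE_SP_METADATA = """<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://example.jamfcloud.com/saml/metadata">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://example.jamfcloud.com/saml/SingleLogout"/>
    <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
    <md:AssertionConsumerService index="0" isDefault="true"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://example.jamfcloud.com/saml/SSO"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def sp_settings(xml_text):
    """Return the values the SAML Service Provider Configuration tab asks for."""
    if "<!DOCTYPE" in xml_text:
        raise ValueError("metadata must not contain a DTD")  # no entity definitions
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{MD}}}EntityDescriptor":
        raise ValueError("not a SAML EntityDescriptor")
    sp = root.find(f"{{{MD}}}SPSSODescriptor")
    if sp is None:
        raise ValueError("no SPSSODescriptor: this is not SP metadata")
    acs = [e for e in sp.findall(f"{{{MD}}}AssertionConsumerService")
           if e.get("Binding") == POST]
    if not acs:
        raise ValueError("no HTTP-POST AssertionConsumerService")
    # Prefer the endpoint flagged isDefault, otherwise the lowest index.
    acs.sort(key=lambda e: (e.get("isDefault") != "true", int(e.get("index", "0"))))
    slo = sp.find(f"{{{MD}}}SingleLogoutService")
    out = {
        "entity_id": root.get("entityID"),
        "acs_url": acs[0].get("Location"),
        "slo_url": slo.get("Location") if slo is not None else None,
        "nameid_formats": [e.text.strip() for e in sp.findall(f"{{{MD}}}NameIDFormat")],
    }
    for key in ("acs_url", "slo_url"):
        if out[key] and urlparse(out[key]).scheme != "https":
            raise ValueError(f"{key} is not https: {out[key]}")
    return out

if __name__ == "__main__":
    print(sp_settings(SAMPLE_SP_METADATA))
```

Run it against the metadata downloaded from your own Jamf Pro instance and compare `nameid_formats` with the NameID Format chosen in the Acceptto application.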

Test Your Setup

  1. Open the Jamf Pro login URL in a browser of your choice. You will be redirected to the Acceptto SSO page.

  2. After successful authentication, you’ll see the Acceptto MFA options. Select your desired method and accept the authentication request.

  3. After successful authentication, you will be redirected to the Jamf Pro landing page.

Troubleshooting

If you have any problems logging into Jamf Pro with Acceptto SSO and need to edit the settings, you can open the failover login page at https://example.jamfcloud.com/?failover.

Support

If you require assistance, please email us at support@acceptto.com

Sales

Want to learn more about our MFA solutions? Contact our Professional Services for a Demo today.

Disclaimer

All product names, trademarks, and registered trademarks are the property of their respective owners.

All company, product, and service names used in this document are for identification purposes only. The use of these names, trademarks, and brands does not constitute an endorsement by the Acceptto Corporation.