Jamf Connect is a Mac device authentication solution, that lets a user unbox their device, power it on and access all of their corporate applications and resources after signing on with a single set of cloud identity credentials.
Users feel safer knowing that even if someone gets the password, but they can't access the accounts without the code on phone, and sometimes if no networks also with dynamically changing pin it also helps to sign in to the account without issues. Push notification also would be a great design so users can easily access it.
Jamf Connect works particularly well in our lab environments where the central "source of truth" for student accounts is our Okta IdP. As Apple has recommended moving away from Active Directory binding (which was our previous source of truth for authentication) we needed a new central way to manage this function. Okta worked well for other services on campus, and it was a smooth integration to make it work with Jamf Connect for virtually all use cases on campus (we still have a couple of NAS/SAN systems that require Active Directory).
It is almost a certainty that we will continue to use Jamf Connect, even with Apple coming out with Platform Single Sign On. Jamf Connect provides several features that PSSO does not, such as "just in time" local account creation and automatic synchronization of enterprise credentials. It is unlikely that we would investigate other options at this time or in the near future.
The app makes it pretty straightforward to add accounts by scanning QR codes or entering setup keys manually. Even if you’re not super tech-savvy, the initial setup is usually smooth. Once set up, I can quickly open the app and get the 2FA codes I need without any delays or complications. The codes refresh automatically and are easy to copy over.
Jamf Connect is quite easy to use and has the necessary options on the login screen (such as WiFi network connection) for getting connected and authenticated. It has a simple to use menulet that allows password changes and resets as well as temporary elevation, all with very clear workflows. It also allows us to assign field staff to their client users' computers so that they can provide support without having to resort to LAPS accounts.
The only other product we evaluated was Xcreds from TwoCanoes software, which is essentially a one person shop. We already were Jamf Pro customers, and Jamf Connect fulfilled all of the requirements for this function along with providing professional customer support. Since we already had a relationship with Jamf, it made perfect sense to add this product to our toolkit, and keep technical support contained within one organization.
