Certified: June 03, 2025
Solution Summary
This guide describes JAMF Connect integration with RSA (or ID Plus) using OIDC. Use this information to determine which use case and integration type your deployment will employ.
Use Case
This guide describes the configuration steps involved in integrating JAMF Connect with RSA Cloud Authentication service using OIDC.
Integration Types
My Page SSO provides Single-Sign-On (SSO) to JAMF Connect users leveraging RSA self-service portal My Page. When integrated, users must authenticate with RSA to sign in JAMF Connect.
Relying Party integration allows JAMF Connect users’ web browsers to be automatically redirected to RSA Cloud Authentication Service for authentication. With Relying Party integration, Cloud Authentication Service can manage either additional authentication only or both primary authentication (for example, user ID and password) and additional authentication depending on the service provider's capability.
Supported Features
This section shows when integrated with RSA Cloud Authentication Service using OIDC, JAMF Connect users can authenticate with any of the following multi-factor authentications.
JAMF Connect Integration with RSA Cloud Authentication Service
| Authentication Methods | Relying Party | My Page SSO |
| Approve | ||
| LDAP Password | ||
| SecurID OTP | ||
| Authenticate OTP | ||
| Device Biometrics | ||
| SMS OTP | ||
| Voice OTP | ||
| FIDO Token | ||
| QR Code | ||
| Emergency Access Code |
JAMF Connect Integration with RSA Authentication Manager
| Authentication Methods | RSA MFA API (REST) | RADIUS | Authentication Agent |
|---|---|---|---|
| RSA SecurID | - | - | - |
| On Demand Authentication | - | - | - |
| Risk-Based Authentication | - | - | - |
| Supported | |
| - | Not supported |
| n/t | Not yet tested or documented, but may be possible |
| n/a | Not applicable |
Configuration Summary
This section contains instruction steps that show how to integrate JAMF Connect with RSA Cloud Authentication Service using all supported integration types. This document is not intended to suggest optimum installations or configurations. It is assumed that the reader has both working knowledge of all products involved, and the ability to perform the tasks outlined in this section. Administrators should have access to the product documentation for all products in order to install the required components. All RSA and Jamf Connect components must be installed and working prior to the integration.
Integration Configuration
RSA Cloud Authentication Service
- JAMF Connect - My Page SSO Configuration using OIDC
- JAMF Connect - Relying Party Configuration using OIDC
RSA Terminology Changes
The following table describes the differences in the terminologies used in the different versions of RSA products and components.
| Previous Version | New Version | Examples/Comments |
| Company ID | Organization ID | |
| Account | Credential | |
| Token | OTP Credential | SecurID OTP Credential |
| Tokencode | OTP/Access Code | SecurID OTP, SMS OTP, Voice OTP Emergency Access Code, Disable Access Code |
| Hardware Token | Hardware Authenticator | |
| Device Serial Number | Binding ID | |
| Device | Credential/Authenticator | |
| Device Registration Code | Registration Code | |
| Authenticate App | Authenticator App |
Certification Details
RSA Cloud Authentication Service
Jamf Pro Server 11.17.1
Jamf Connect version 2.45
Known Issues
No known issues
