Issue Description
After selecting a user role via the Jamf Setup application, the mobile device extension attribute is not updated in device inventory and thus the Jamf Setup device configuration never kicks off as expected.
Troubleshooting Steps
Ensure the HTTP API method PATCH is allowed on the network. By default, this HTTP method may not be enabled in a security policy as it is not a standard GET, HEAD, or POST.
Assuming the EA is setup correctly and the name is correct in the managed app configuration as expected, the issue here has to do with the delivery of the API call over OAuth to the Jamf Pro server. Either API calls to the server itself is blocked, the specific method invoked (PATCH) is blocked, or something else network-related is preventing this request from hitting the Jamf Pro server.
To test this, we can run a basic `curl` command to test API connectivity in general. Assuming we confirm API calls are going through in general, we can run a PATCH command to target a test device and attempt to update it manually. If an HTTP 400/500 is returned, we know that something about this command or the OAuth token in-use is not working as expected.
Example:
curl -kv -X PATCH -H "Authorization: Bearer ${<bearerToken_here>}" "$url/api/v2/mobile-devices/5" -H "accept: application/json" -H "Content-Type: application/json" -d "{\"updatedExtensionAttributes\":[{\"name\":\"jamfsetup\",\"type\":\"STRING\",\"value\":[\"student\"]}]}"