Description
In Jamf Account, if you have the necessary privilege to see Organization in the left sidebar, there is a Users & contact page which contains the Jamf ID Users, IdP User (if applicable), and Contacts for your organization.
This article provides additional clarity to the Contacts and Users workflows beyond the content provided in the Jamf Account Documentation.
Understanding Users vs Contacts
Tab | Description | Actions Available |
Contacts | Contacts do not have access to Jamf Account, but can be assigned roles for organization operations. |
|
Jamf ID User | Jamf ID users have access to Jamf Account and other Jamf tools, and can be assigned roles and privileges. |
|
IdP User | IdP users have access to Jamf Account and other Jamf tools, and can be assigned roles and privileges. This table contains users from your IdP who've logged into a Jamf application at least once. |
|
An email can show under Contacts in Jamf Account but will not appear under the Jamf Id user or IdP user tab if they've never signed in to Jamf Account (or a Jamf product that uses Jamf ID/IdP credentials for SSO setup in Jamf Account). An IdP user can exist that isn't also a Contact.
Adding a new team member to your organization in Jamf Account
When you have a new member of your Jamf team that may need to access resources in Jamf Account or log in to a Jamf product using Jamf ID, we can add them following one of the options below.
The user/email will show under the Jamf ID user tab once they have logged in to Jamf Account after you've completed the steps below.
Email addresses that are already a Jamf ID
In Jamf Account, go to Organization and select Users & contacts.
On the Jamf ID users tab, click Invite Jamf ID.
Enter in the users existing Jamf ID (must match exactly).
Click Invite.
If that Jamf ID is currently assigned to a different organization, they will receive an email from communications@jamf.com with the subject Organization Update Request, asking them if they want to switch organizations. The user will need to click the link in the email and confirm the change.
If the Jamf ID is not assigned to an organization it will automatically be added as a contact.
Email addresses that are not already a Jamf ID
In Jamf Account, go to Organization and select Users & contacts.
Click the Jamf ID users tab.
Click Create Jamf ID.
Fill out the form:
First and Last Name
Email (this will be their Jamf ID email moving forward)
Language
Timezone
If you want them to setup MFA
Click Save.
The email listed will receive an invite asking them to verify their Jamf ID. Once verified and they log in to Jamf Account they will get the role set as default under Organization > Settings (you must have a custom role created to show here).
Adding Contacts
If you need a user on file for your organization for administrative purposes that does not need to log in to Jamf Account or have a Jamf ID linked to your organization, you can add them as a Contact.
In Jamf Account, go to Organization and select Users & contacts.
Click the Contacts tab.
Click Add Contact.
Fill out the form:
Name
Email - this must match the existing Jamf ID email exactly
If they should receive Marketing emails
Phone number (if applicable)
Role at your company: None, Decision Maker, Primary Technical, End User, Finance.
Note this is used for administrative purposes only and does not impact what they can do in Jamf Account or the other Jamf Products.
Click Save.
Removing a team member from your organization in Jamf Account
Jamf ID Users and Contacts
You can remove access to company resources for employees leaving your organization following the steps below:
In Jamf Account, go to Organization and select Users & contacts.
From the Jamf ID Users tab click Remove From Organization or from the Contacts tab click Remove.
Click Remove to confirm.
The user will still be able to log in to Jamf Account with the same Jamf ID; however, they will no longer be linked to your organization. They will only have access to their individual information in Jamf Account.
IdP users
Manage user access within your IdP and be sure to adjust any user accounts within Jamf Pro, Jamf School, macOS Security Portal, Jamf Security Cloud Portal, Jamf Safe Internet, or JETP.