Description
End users on computers running macOS 26.x with Jamf Connect may receive a prompt similar to "Self Service+ wants to use your confidential information stored in "Jamf Connect" in your keychain."
Removing the Prompt
This issue can be remediated on either Jamf Connect login 3.5 or 3.6+, depending on your organization's needs.
Jamf Connect Version | Rationale |
Jamf Connect login 3.5 | Your organization may prefer to stay on Jamf Connect login 3.5 in order to avoid issues with OIDCUsePassthroughAuth and OTP/MFA in Jamf Connect 3.6 and 3.7. |
Jamf Connect login 3.6 or later | Your organization may prefer to upgrade to 3.6+ in order to use custom branding. |
Remediation on Jamf Connect login 3.5
In Jamf Pro, go to Settings > Self Service > Branding and rename the “Application Header” to
“Self Service+”.(optionally to speed up the deployment) Create and run a policy in Jamf Pro that executes the following command:
selfservice branding brand --name "Self Service+"Either log out and log back in to Jamf Connect login, or the next time the keychain access prompt appears, authenticate and click Always Allow. There may be two keychain access prompts in quick succession.
Upgrading to Jamf Connect 3.6+
Update managed computers to Jamf Connect login 3.6 or later. For more information, see 🔗 Upgrading Jamf Connect/Self Service+ via Jamf Pro Policy.
Prompt end-users to either:
log out and log back in to Jamf Connect login
authenticate and click Always Allow when the keychain access prompts appear.
Keep in mind - if your organization is using Self Service+, it needs to install prior to Jamf Connect login. If deploying Jamf Connect login as a PreStage Enrollment package, download Self Service+ from Jamf Account and upload the package to your PreStage enrollment as well.