- 14 Mar 2025
- 1 Minute to read
- Print
- DarkLight
Jamf Protect
- Updated on 14 Mar 2025
- 1 Minute to read
- Print
- DarkLight
Jamf Protect is a cross-platform enterprise endpoint and network security solution that provides administrators and security professionals the ability to protect devices using a holistic offering of security capabilities. For detailed information, please refer to the Jamf’s official documentation.
Integration Method: API
Tables: Detection Finding (2004), Process Activity (1007)
This integration supports the following type of events.
Event | Description |
---|---|
Alerts | Retrieve a list of alerts objects. |
Note:
Jamf Protect doesn’t follow a traditional versioning system. Instead, it is a continuously updated cloud service.
Prerequisites
The user should have access to Jamf Protect’s dashboard.
The user should have access to the DataBee console.
Configuration Overview
Create an API Client with required permissions to fetch the data.
Create Jamf Protect Data Feed in the DataBee console with the required Client credentials.
DataBee Parameter
Jamf Parameter
Username
Client ID
Password
Password
Token URL(<instance>)
Access Token URL
Jamf Configuration
Log on to the Jamf Protect dashboard.
Under the Navigation Bar, click on Administrative.
Under Administrative, select API Clients.
On “API Clients” window, select Create API Client.
Add the ‘API Client Name’ and select Read Only role, then click on save.
Under the pop-up window you can find your API Client Password.
Note:
Make sure to copy and save API Client Password as it will not be shown again.
Under “API Client Summary” you can find your ‘Client ID’, ‘Access Token URL’ and ‘Jamf Protect API URL’. You can find your instance from Access Token URL or Jamf Protect API URL.
Example Access Token URL: Jamf Token
Here, in above example URL databeeinstance represents the instance value.
DataBee Configuration
Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
Search for the Jamf Protect and click it as shown below.
Click on the API Ingest option for collection method.
Enter feed contact information and click Next.
In the configuration page, confirm the following:
API Base URL: this is the base URL that DataBee will interact with.
Authorization Method: Token Url Auth.
Token URL: replace <instance> with your instance value.
Username: paste the Client ID generated earlier.
Password: paste the password generated earlier
Event Types: preselected for all the event types that integration pulls.
Click Submit.
Troubleshooting Tips
If you are facing an unauthorized error, it might be due to incorrect credentials. Please ensure that the client ID and password are pasted correctly. Since the password cannot be viewed after the first time, re-create the API client, paste the generated credentials into a text editor to verify that there are no spaces or unexpected characters, and then reconfigure the DataBee feed.