Edit

Share via


Jamf

Jamf Pro provides comprehensive MDM data. You can use the Jamf plugin with Microsoft Security Copilot to streamline how your security analysts access data, simplify the process of gathering crucial information, and facilitate seamless collaboration between IT and Security teams.

Note

This article contains information about third-party plugins. This is provided to help complete integration scenarios. However, Microsoft does not provide troubleshooting support for third-party plugins. Contact the third-party vendor for support.

Know before you begin

Integration with Security Copilot requires an API Key. You must have the Analyst Viewer or Admin role assigned in Jamf to get your API key. You'll need to take the following steps before using the plugin.

  1. Sign into your Jamf Pro instance.

  2. Create your API client. See Jamf Pro Documentation 11.4.0: API Roles and Clients.

  3. Assign an API role to the client that has the Read Computers privilege.

    Screenshot showing how to assign an API role to a client with Read Computers permissions.

  4. Securely copy the client ID, client secret, and required scopes (scope number).

  5. Sign in to Microsoft Security Copilot.

  6. Access Manage Plugins by selecting the Plugin button from the prompt bar.

  7. Next to "Inventory Insights by Jamf, select the toggle to enable it.

  8. Provide the following information:

    • Jamf Pro Instance URL: https://your-instance.jamfcloud.com
    • ClientId: (Paste the copied client ID)
    • ClientSecret: (Paste the copied client secret)
    • TokenEndpoint: https://your-instance.jamfcloud.com/api/oauth/token
    • Scopes: api-role:2 (whatever API scope number is associated with the role you created)
    • AuthorizationContentType: application/x-www-form-urlencoded

    Sceenshot sowing Jamf settings to fill in for the Security Copilot plugin.

  9. Save your changes.

Sample Jamf prompts

After the Jamf plugin is configured, you can use it by typing Jamf in your Security Copilot prompt bar, followed by an action.

Here are some examples to try:

Does the mac H2WFP7BPF6NV have any suspicious applications installed?

What are all the user accounts on mac H2WFP7BPF6NV and what are their privilege levels?

Get complete inventory details for mac serial number H2WFP7BPF6NV.

Show hardware and security configuration for the mac with serial number H2WFP7BPF6NV.

List all installed applications on mac H2WFP7BPR6NV.

Check Filevault status for mac H2WFP7BPF6NV.

What are the firewall settings on mac H2WFP7BPQ6FV?

Provide feedback

To provide feedback, contact Jamf.

See also

Non-Microsoft plugins for Microsoft Security Copilot

Manage plugins in Microsoft Security Copilot