Other tools have since been developed that replace and improve on the functionality of all these tools. Please note that there may be other tools that currently rely on python-jss. Unfortunately, my initial efforts at fixing this have proved that I don’t understand the code well enough to make the necessary changes myself. This is awesome but complicated python code that I inherited from after they moved on to pastures un-Jamfed. The answer is unfortunately the same “no” for these tools.Īctually, JSSImporter, Spruce, jss_helper and JSSRecipeCreator all depend on the underlying code of python-jss. What about Spruce, python-jss, jss_helper and JSSRecipeCreator? My organisation took the decision to end its reliance on JSSImporter, and we are fully migrating our AutoPkg recipes to JamfUploader. The answer to this question is probably “no”, or at least not by me. Will JSSImporter be updated to use token-based authentication? After this happens, you will need to remain on a version of Jamf Pro that supports Basic Authentication (if you are an on-premises customer), or migrate to another workflow such as using JamfUploader, PatchBot or Munki. Jamf have stated that Basic Authentication will be removed as an option “later this year”. How long can I continue to use JSSImporter? Scroll to the bottom and ensure that the setting Allows Basic authentication in addition to Bearer Token authentication is enabled. To do this, navigate to Settings > Jamf Pro User Accounts & Groups, and click on the Password Policy button. If you use JSSImporter, you must ensure that Basic Authentication is enabled in your Jamf Pro settings. JSSImporter does not support token-based authentication. Can I use the JSSImporter processor token-based authentication? JamfUploader also continues to work on older versions of Jamf Pro which don’t yet support token-based authentication. If you are using Jamf Pro 10.36.0, it is safe to disable Basic Authentication. If you are a JamfUploader user, you don’t have to make any changes other than ensuring that the grahampugh-recipes repo has been updated. Yes! The JamfUploader processors for AutoPkg support token-based authentication. Can I use the JamfUploader processors for AutoPkg with token-based authentication? This post is designed to answer questions regarding the impact of these changes on the tools I maintain which rely on the Jamf Pro APIs. With version 10.36.0, released this week, Jamf have now introduced the option to disable Basic Authentication for the Classic API endpoints. Jamf introduced token-based authentication for its Classic API with version 10.35.0, whilst continuing to support the older Basic Authentication method. The bearer token expires after a period of time, after which you have to grab another. Subsequent API requests to other endpoints use this bearer token as authentication. This works by sending a regular Basic Authentication request to a specific token-generating API endpoint, which returns a “bearer token”. The newer API, known as the “Jamf Pro API” (and formerly known as the “UAPI”), has used token-based authentication since its introduction. The Jamf Pro Classic API traditionally uses Basic Authentication - that is, for every request, you supply the username and password of an account that has the permissions required. It’s time to plan your migration away from JSSImporter… About the Jamf Pro APIs
0 Comments
Leave a Reply. |