--- title: Jamf API Integration on Truto slug: jamf category: Default canonical: "https://truto.one/integrations/detail/jamf/" --- # Jamf API Integration on Truto **Category:** Default **Status:** Generally available ## Unified APIs ### Unified User Directory API - **Roles** — The Role object represents a role of a User. - **Users** — The User object represents a User. ### Unified MDM API - **Apps** — Core resource which represents a software application installed on a managed device. Installed software is typically mapped to installed applications, installed programs, packages, or inventory items depending on the underlying product. - **Devices** — Core resource which represents a managed device in an MDM or RMM system. Devices are typically mapped to endpoints, nodes, or assets depending on the underlying product. - **Users** — Users represent the people using the underlying MDM or RMM system. They are usually called employees, contractors, admins, etc. ## MCP-ready AI tools Truto exposes 25 tools for Jamf that AI agents can call directly. - **list_all_jamf_accounts** — List all account users or admin users in Jamf. Returns an array of account objects containing id and name fields for each account. - **get_single_jamf_account_by_id** — Get details of a specific account user or admin user in Jamf by id. Returns id, name, email, enabled status, access_level, privilege_set, site, and privileges related to JSS objects, settings, actions, and tools. - **delete_a_jamf_account_by_id** — Delete a specific account user or admin user in Jamf using its id. Returns a 200 OK response when the account is successfully deleted. - **update_a_jamf_account_by_id** — Update an existing account user or admin user in Jamf using the specified id. Returns updated fields including name, email_address, access_level, privilege_set, and enabled status. - **create_a_jamf_account** — Create a new account in Jamf using id. Requires id. Returns details such as name, email, full_name, access_level, and privilege_set in the response. - **list_all_jamf_users** — List all users in Jamf. Returns an array where each item includes size and user details such as id and name. - **get_single_jamf_user_by_id** — Get a specific user in Jamf by id. Returns fields such as id, name, full_name, email, phone_number, position, ldap_server, extension_attributes, sites, and links with related assets. - **delete_a_jamf_user_by_id** — Delete a user in Jamf by id. Requires id. Returns a confirmation of successful deletion. - **update_a_jamf_user_by_id** — Update an existing user in Jamf using id. This operation cannot be used to add computers, mobile devices, peripherals, or VPP assignments. Returns updated user details such as name, full_name, email, and phone_number. - **create_a_jamf_user** — Create a new user in Jamf by id. Requires id. The response includes created user details such as name, full_name, email, phone_number, and position. Cannot be used to add computers, mobile devices, peripherals, or VPP assignments. - **list_all_jamf_mobile_devices** — List all mobile-devices in Jamf. Returns id, name, serialNumber, wifiMacAddress, udid, phoneNumber, model, modelIdentifier, username, type, managementId, and softwareUpdateDeviceId for each device. - **get_single_jamf_mobile_device_by_id** — Get details for a specific mobile device in Jamf by id. Returns key fields including display_name, device_name, serial_number, model, and os_version. - **create_a_jamf_mobile_device** — Create a new mobile device in Jamf using id. Returns fields such as model_identifier for device type and os_name derived from API level for Android devices. id is required. - **update_a_jamf_mobile_device_by_id** — Update an existing mobile device in Jamf using id. Returns updated device details including general information, location, purchasing data, and extension attributes. The os_name field in android is derived from the API level and cannot be set. - **delete_a_jamf_mobile_device_by_id** — Delete a mobile device in Jamf by id. Requires id. Returns a success message on successful deletion. - **list_all_jamf_search_mobile_devices** — Search mobile devices in Jamf that match the provided match parameter. Requires match. Returns fields such as id, name, serial_number, os_version, model, managed, and location details in the response. - **list_all_jamf_mobile_device_applications** — List all mobile device applications in Jamf. Returns each application's id, name, display_name, bundle_id, version, and internal_app fields. - **get_single_jamf_mobile_device_application_by_id** — Get details of a specific mobile-device-application in Jamf using id. Returns key fields such as name, bundle_id, version, category, icon, and deployment_type for the application. - **delete_a_jamf_mobile_device_application_by_id** — Delete a mobile device application in Jamf by id. Requires id. Returns a confirmation upon successful deletion. - **update_a_jamf_mobile_device_application_by_id** — Update an existing mobile device application in Jamf using id. Requires id. Returns updated fields including general details, scope, self_service configuration, VPP settings, and app_configuration preferences (must use character entities). - **create_a_jamf_mobile_device_application** — Create a new mobile device application in Jamf using id. Returns details such as name, bundle_id, display_name, version, and configuration preferences. App configuration preferences must be listed using character entities. - **list_all_jamf_computer_inventory** — List paginated Computer Inventory records in Jamf. Returns key fields such as id, udid, general.name, general.platform, and hardware.model for each device. - **create_a_jamf_computer_inventory** — Create a new Computer Inventory record in Jamf. Returns id and href of the created record in the response. - **update_a_jamf_computer_inventory_by_id** — Update specific fields on a computer in Jamf using id. Returns the updated computer object including fields such as general, purchasing, userAndLocation, hardware, and operatingSystem details. - **delete_a_jamf_computer_inventory_by_id** — Delete a specific computer record in Jamf using id. Returns a 204 status when the computer is successfully removed or a 404 error if the computer id does not exist. ## How it works 1. **Link your customer's Jamf account.** Use Truto's frontend SDK; we handle every OAuth and API key flow so you don't need to create the OAuth app. 2. **Authentication is automatic.** Truto refreshes tokens, stores credentials securely, and injects them into every API request. 3. **Call Truto's API to reach Jamf.** The Proxy API is a 1-to-1 mapping of the Jamf API. 4. **Get a unified response format.** Every response uses a single shape, with cursor-based pagination and data in the `result` field. ## Use cases - **Automate compliance checks across Apple device fleets** — Compliance automation platforms can pull computer and mobile device inventory from Jamf to verify OS patch levels, disk encryption status, and installed applications — proving SOC 2 or ISO 27001 readiness without manual spreadsheets. - **Sync Apple device inventory into a unified IT asset ledger** — ITAM platforms can continuously ingest Macs, iPhones, and iPads from Jamf alongside other MDM sources, giving IT teams a single pane of glass for hardware lifecycle tracking, procurement planning, and depreciation reporting. - **Automate user provisioning and offboarding in Jamf** — HR and identity platforms can create Jamf users at hire and update or remove them at termination, ensuring the Apple device management layer stays in sync with the employee lifecycle without manual IT intervention. - **Enrich helpdesk tickets with real-time device context** — Support and ticketing platforms can look up the reporting employee's Jamf user record and linked devices to surface model, OS version, and serial number directly in the ticket — reducing resolution time and back-and-forth with end users. - **Audit Jamf admin accounts for zero-trust security** — Security and GRC platforms can enumerate Jamf admin accounts and their privilege sets to detect over-provisioned access, orphaned accounts, or policy violations as part of continuous access reviews. ## What you can build - **Real-time Apple fleet compliance dashboard** — Pull computer inventory and mobile devices from Jamf via the Unified MDM API to flag unpatched OS versions, missing encryption, or blacklisted applications in a live compliance view. - **Automated employee onboarding to Jamf** — Create Jamf user records the moment a new hire is confirmed in your platform, so IT can map them to a device during zero-touch enrollment without any manual steps. - **Cross-platform device inventory sync** — Aggregate Jamf computer and mobile device data alongside other MDM sources using the Unified MDM API to maintain a single, always-current hardware asset register. - **Installed app audit and visibility report** — List mobile device applications managed in Jamf to detect outdated or unauthorized software across the fleet and surface actionable findings to security teams. - **Jamf admin access review workflow** — Enumerate all Jamf accounts and their privilege levels to power periodic access certification campaigns, automatically flagging accounts with excessive permissions. - **Contextual device sidebar for support tickets** — Look up a Jamf user by email and resolve their assigned mobile devices or computers to display serial number, model, and OS version inline within a helpdesk ticket. ## FAQs ### What authentication method does the Jamf integration use? Jamf supports API token-based authentication. Your end users provide their Jamf Pro instance URL and credentials (or an API client with appropriate permissions), and Truto handles token generation and refresh transparently. ### Which Unified APIs does the Jamf integration map to? Jamf maps to two Unified APIs: the Unified MDM API (covering Devices, Apps, and Users resources) and the Unified User Directory API (covering Users and Roles). This lets you read and write Jamf data using a standardized schema shared across other MDM and directory providers. ### Can I both read and write data to Jamf through Truto? Yes. The integration supports full CRUD operations on users, mobile devices, computer inventory, mobile device applications, and admin accounts — so you can list, create, update, and delete records as needed. ### How does Truto handle pagination when listing large Jamf datasets? Truto manages pagination automatically. When you call list endpoints like list_all_jamf_computer_inventory or list_all_jamf_mobile_devices, Truto handles page cursors and aggregation behind the scenes, returning complete result sets without requiring you to manage offsets. ### Can I search for specific mobile devices in Jamf? Yes. The integration exposes a dedicated search endpoint (list_all_jamf_search_mobile_devices) that lets you query mobile devices by specific criteria, which is useful for looking up a device by serial number or user association without fetching the entire inventory. ### What kind of device data can I access from Jamf through this integration? You can access computer inventory (Macs) and mobile devices (iPhones, iPads), including hardware details, OS version, and serial numbers. You can also list and manage mobile device applications, which gives visibility into the software deployed across the fleet.