> ## Documentation Index
> Fetch the complete documentation index at: https://bloodhound.specterops.io/llms.txt
> Use this file to discover all available pages before exploring further.

# jamf_SSOIntegration

> Represents the Single Sign-On (SSO) integration configured in the Jamf Pro tenant. When enabled, the SSO provider can map attributes to authenticate as any Jamf account or group, making it a Tier 0 node with significant security implications.

<img noZoom src="https://mintcdn.com/specterops/tTIczgde9H07oLXf/assets/enterprise-AND-community-edition-pill-tag.svg?fit=max&auto=format&n=tTIczgde9H07oLXf&q=85&s=ad49a576589f4d2a8081df77d07fdf56" alt="Applies to BloodHound Enterprise and CE" width="482" height="45" data-path="assets/enterprise-AND-community-edition-pill-tag.svg" />

Represents the Single Sign-On (SSO) integration configured in the Jamf Pro tenant. When enabled, the SSO provider can map attributes to authenticate as any Jamf account or group, making it a Tier 0 node with significant security implications.

## Created by

`process_sso_node` in `lib/preprocess.py`

## Edges

<Note>
  The tables below list edges defined by the Jamf extension only. Additional edges to or from this node may be created by other extensions.
</Note>

### Inbound Edges

| Edge Type                                                                                | Source Node Types                                                                                                                                                                                                                                                                                                                                                  | Traversable |
| ---------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------- |
| [jamf\_Contains](/opengraph/extensions/jamf/edges/jamf_contains)                         | [jamf\_Tenant](/opengraph/extensions/jamf/nodes/jamf_tenant), [jamf\_Site](/opengraph/extensions/jamf/nodes/jamf_site)                                                                                                                                                                                                                                             | ✅           |
| [jamf\_Update\_SSO\_Settings](/opengraph/extensions/jamf/edges/jamf_update_sso_settings) | [jamf\_Account](/opengraph/extensions/jamf/nodes/jamf_account), [jamf\_DisabledAccount](/opengraph/extensions/jamf/nodes/jamf_disabledaccount), [jamf\_Group](/opengraph/extensions/jamf/nodes/jamf_group), [jamf\_ApiClient](/opengraph/extensions/jamf/nodes/jamf_apiclient), [jamf\_DisabledApiClient](/opengraph/extensions/jamf/nodes/jamf_disabledapiclient) | ✅           |

### Outbound Edges

| Edge Type                                                           | Destination Node Types                                                                                                                                                                                     | Traversable |
| ------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- |
| [jamf\_SSO\_Login](/opengraph/extensions/jamf/edges/jamf_sso_login) | [jamf\_Account](/opengraph/extensions/jamf/nodes/jamf_account), [jamf\_DisabledAccount](/opengraph/extensions/jamf/nodes/jamf_disabledaccount), [jamf\_Group](/opengraph/extensions/jamf/nodes/jamf_group) | ✅           |

## Properties

| Property Name       | Data Type | Description                      |
| ------------------- | --------- | -------------------------------- |
| ssoEnabled          | boolean   | Whether SSO is enabled           |
| idpUrl              | string    | Identity Provider URL            |
| idpProviderType     | string    | Type of identity provider        |
| entityId            | string    | SAML entity ID                   |
| groupAttributeName  | string    | Attribute name for group mapping |
| groupRdnKey         | string    | RDN key for group lookups        |
| siteID              | string    | Site ID (always "-1" for global) |
| Tier                | integer   | Security tier classification (0) |
| name                | string    | Name of the SSO integration      |
| enrollmentSsoConfig | string    | Enrollment SSO configuration     |

## Relationship Diagram

```mermaid theme={null}
flowchart TD
    SSOIntegration[fa:fa-address-card jamf_SSOIntegration]
    Account[fa:fa-circle-user jamf_Account]
    DisabledAccount[fa:fa-circle-user jamf_DisabledAccount]
    Group[fa:fa-people-group jamf_Group]
    Tenant[fa:fa-cloud jamf_Tenant]

    SSOIntegration -->|jamf_SSO_Login| Account
    SSOIntegration -->|jamf_SSO_Login| DisabledAccount
    SSOIntegration -->|jamf_SSO_Login| Group

    Tenant -->|jamf_Contains| SSOIntegration

    style SSOIntegration fill:#FFFFFF,stroke:#333,stroke-width:3px,color:#000
    style Account fill:#0098BB,stroke:#333,stroke-width:1px,color:#000
    style DisabledAccount fill:#909090,stroke:#333,stroke-width:1px,color:#000
    style Group fill:#F0FC03,stroke:#333,stroke-width:1px,color:#000
    style Tenant fill:#00C08D,stroke:#333,stroke-width:1px,color:#000
```