Skip to main content
Applies to BloodHound Enterprise and CE Represents an enabled Jamf Pro API client integration. API clients authenticate via OAuth client credentials and hold permissions through assigned API roles. They can perform programmatic actions including policy management, script operations, and self-modification.

Created by

process_api_client_nodes in lib/preprocess.py

Edges

The tables below list edges defined by the JamfHound extension only. Additional edges to or from this node may be created by other extensions.

Inbound Edges

Edge TypeSource Node TypesTraversable
jamf_Containsjamf_Tenant, jamf_Site

Outbound Edges

Edge TypeDestination Node TypesTraversable
jamf_Create_API_Client_and_Assign_Rolejamf_Tenant
jamf_Create_API_Client_and_Create_Rolejamf_Tenant
jamf_Create_API_Client_and_Update_Rolejamf_Tenant
jamf_CreateAccountsjamf_Tenant
jamf_CreateAPIRolesjamf_Tenant
jamf_CreateComputerExtensionsjamf_Computer
jamf_CreatePoliciesjamf_Computer
jamf_ScriptsNonTraversablejamf_Tenant
jamf_Update_Recurring_Scriptsjamf_Computer
jamf_Update_Roles_Assigned_To_Selfjamf_Tenant
jamf_Update_Self_and_Assign_Rolesjamf_Tenant
jamf_Update_Self_and_Create_Rolesjamf_Tenant
jamf_Update_Self_and_Update_Rolesjamf_Tenant
jamf_Update_SSO_Settingsjamf_SSOIntegration, jamf_Account, jamf_DisabledAccount, jamf_Group
jamf_UpdateAccountsjamf_Tenant
jamf_UpdateComputerExtensionsjamf_Computer
jamf_UpdatePoliciesjamf_Computer

Properties

Property NameData TypeDescription
displayNamestringDisplay name of the API client
namestringName of the API client
enabledbooleanWhether the API client is enabled
authorizationScopesstring[]API roles assigned to this client
privilegesstring[]Resolved list of all privileges from assigned roles
TierintegerSecurity tier classification

Relationship Diagram

Note: Some non-traversable edges have been omitted for clarity. The diagram shows all traversable edges and structurally important non-traversable edges.