How To Setup RADIUS Authentication in Jamf Pro


  1. Registering the application in your tenant
  2. Creating Cloud Radius Instance
  3. Being a Subscription Owner or Network Administrator
  4. Being an MDM Administrator.

Introduction - How to Setup RADIUS Authentication in Jamf Pro

There are three ways to setup RADIUS authentication in Jamf Pro, one is using EAP-TLS (Certificate Authentication), another is using Your Entra ID Password with EAP-TTLS PAP, and the last one (which does not require Jamf Pro setup) is using PEAP-MSCHAPv2 Password Authentication using the RADIUS credentials created by your users (you can see how to enable self service user management using their Entra ID credentials). We recommend using EAP-TLS as it is more secure (and magical to the users) and does not require passwords.

How To Setup Entra ID Password Authentication in Jamf Pro

  1. Go to your Jamf Pro portal.
  2. Go to Network
  3. Network Interface. - Wi-Fi
  4. SSID: <Your SSID name; must match exactly including capitalization>
  5. Security Type: WPA/WPA2 Enterprise
  6. Protocols - Accepted EAP Types: TTLS
  7. Username - $EMAIL
  8. Inner Authentication: PAP
  9. Trusted Server Certificate Names: enter the IP address of your Cloud RADIUS instance

Now when the user connects to the Wi-Fi network, they will be prompted for their Entra ID password.