How to Deploy Beyond Identity Authenticator via Jamf

Overview

This article describes how to deploy the Beyond Identity Authenticator application to macOS computers via Jamf. This article is not the only way to do it; this is a sample way to do it.
The process here uses a script to check once every day if the desired version is installed, and if not, it will call Jamf to execute the policy that will install the software.

Step 1: Download .pkg

1. Download the Beyond Identity Authenticator .pkg installer from the official source.

2. Save it to a location you can easily access later (for example, your Downloads folder).

Step 2: Upload .pkg to Jamf

1. Open All Settings menu

2. Select Computer Management

3. Open Packages

4. Click the + New button

5. Click the Choose File button

6. Select the downloaded file

7. Click the Save button

8. Wait until the package becomes available. You can check this by opening the uploaded package. Once the yellow banner is gone, the package is ready.

Step 3: Create Policy to Install the Package

1. Navigate to Computers

2. Select Policies
   

3. Click the + New button

4. Type “Install Beyond Identity Authenticator” as the Display Name

5. Check (or leave checked) the Enabled checkbox

6. Check the Custom checkbox

7. Type “install_bid” as the Custom Event

8. Select Ongoing for the Execution Frequency

9. Select the Packages tab

10. Click the Configure button

11. Click the Add button on your newly uploaded package

12. Select the Scope tab

13. Set All Computers as the Target Computers

14. Set All Users as the Target Users

15. Click the Save button
    

Step 4: Create a Script to Run the Installer

1. Open All Settings menu

2. Select Computer Management

3. Open Scripts
   

4. Click the + New button

5. Type “Check BI Authenticator Version and Install Minimum Required Version” as the Display Name

6. Use this sample script (line 18 is the minimum version check):

#!/bin/zsh
# un comment set -x for debug output
set -x

# Test if the app exists, if not run the installer and exit script
if [[ ! -e /Applications/Beyond\ Identity.app ]]
then echo "beyond identity does not exist, installing..."
/usr/local/bin/jamf policy -event install_bid
exit 0
fi

# Get Beyond Identity Authenticator current version via spotlight
get_bid_vers=$(mdls /Applications/Beyond\ Identity.app -name kMDItemVersion -raw)
test_touch=$(touch thisfile.txt)

# use is-at-least to validate we are running minimum desired version
autoload is-at-least
if is-at-least 2.46.0 "${get_bid_vers}"
then echo "required version detected, exiting..."
exit 0
else ${test_touch}
/usr/local/bin/jamf policy -event install_bid
fi

7. Click the Save button

Step 5: Create Policy to Execute the Script

1. Navigate to Computers

2. Select Policies
   

3. Click the + New button

4. Type “Check BI Authenticator Version and Update to Minimum Version” as the Display Name

5. Check (or leave checked) the Enabled checkbox

6. Check the Recurring Check-in checkbox

7. Check the Custom checkbox

8. Type “check_and_upgrade_BI_authenticator_version” as the Custom Event

9. Select Once every day for the Execution Frequency

10. Select the Script tab

11. Click the Configure button

12. Click the Add button on your new script

13. Select the Scope tab

14. Set All Computers as the Target Computers

15. Set All Users as the Target Users

16. Click the Save button