BED-8516: Added API client auth for Jamf collector#307
Merged
Conversation
Contributor
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
WalkthroughThis PR updates the OpenHound Jamf collector documentation to introduce OAuth API client authentication as the recommended method alongside username/password authentication, and to reflect a new credentials configuration structure under ChangesJamf Collector Authentication and Configuration Documentation
Estimated code review effort🎯 2 (Simple) | ⏱️ ~8 minutes Suggested labels
Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
jeff-matthews
commented
Jun 8, 2026
Contributor
Author
|
@coderabbitai review |
Contributor
✅ Action performedReview finished.
|
jeff-matthews
added
the
data-collection
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@docs/openhound/collectors/jamf/collect-data.mdx`:
- Around line 44-48: The environment-variable prefix in the Jamf collector docs
is incorrect; replace instances of SOURCES__SOURCE__JAMF__CREDENTIALS with the
correct convention SOURCES__JAMF__CREDENTIALS to match the
[sources.source.<collector>.credentials] mapping used elsewhere, and update the
warning and surrounding text so examples and instructions consistently reference
SOURCES__JAMF__CREDENTIALS.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: e6cd28c8-e5ac-4e75-988b-c3164ba017a1
📒 Files selected for processing (2)
docs/openhound/collectors/jamf/collect-data.mdxdocs/openhound/collectors/jamf/overview.mdx
Comment on lines
+44
to
+48
| Credentials for the Jamf collector are configured under the `[sources.source.jamf.credentials]` section of the secrets file, or via environment variables that use the `SOURCES__SOURCE__JAMF__CREDENTIALS` prefix. | ||
|
|
||
| | Parameter Name | Environment Variable | Description | | ||
| |----------------|---------------------------------|------------------------------------------------------------------------------------| | ||
| | `username` | \{PREFIX\}__USERNAME | The username of the account used to authenticate to the Jamf Pro API. | | ||
| | `password` | \{PREFIX\}__PASSWORD | The password of the account used to authenticate to the Jamf Pro API. | | ||
| | `host` | \{PREFIX\}__HOST | The full host/url of the Jamf Pro tenant. For example: `https://jamf.example.com`. | | ||
| <Warning> | ||
| The credentials configuration structure changed in a recent release of the OpenHound Jamf collector. If you are upgrading from an earlier version, move existing `username`, `password`, and `host` values from `[sources.source.jamf]` into `[sources.source.jamf.credentials]` and update any matching environment variables to use the new `SOURCES__SOURCE__JAMF__CREDENTIALS` prefix. | ||
| </Warning> |
Contributor
There was a problem hiding this comment.
Fix the Jamf environment-variable prefix to match the documented OpenHound credentials convention.
SOURCES__SOURCE__JAMF__CREDENTIALS appears inconsistent with the established [sources.source.<collector>.credentials] mapping pattern shown elsewhere (SOURCES__<COLLECTOR>__CREDENTIALS). As written, users may set the wrong env vars and fail auth/config loading.
Suggested doc fix
-Credentials for the Jamf collector are configured under the `[sources.source.jamf.credentials]` section of the secrets file, or via environment variables that use the `SOURCES__SOURCE__JAMF__CREDENTIALS` prefix.
+Credentials for the Jamf collector are configured under the `[sources.source.jamf.credentials]` section of the secrets file, or via environment variables that use the `SOURCES__JAMF__CREDENTIALS` prefix.
...
- The credentials configuration structure changed in a recent release of the OpenHound Jamf collector. If you are upgrading from an earlier version, move existing `username`, `password`, and `host` values from `[sources.source.jamf]` into `[sources.source.jamf.credentials]` and update any matching environment variables to use the new `SOURCES__SOURCE__JAMF__CREDENTIALS` prefix.
+ The credentials configuration structure changed in a recent release of the OpenHound Jamf collector. If you are upgrading from an earlier version, move existing `username`, `password`, and `host` values from `[sources.source.jamf]` into `[sources.source.jamf.credentials]` and update any matching environment variables to use the new `SOURCES__JAMF__CREDENTIALS` prefix.📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
Suggested change
| Credentials for the Jamf collector are configured under the `[sources.source.jamf.credentials]` section of the secrets file, or via environment variables that use the `SOURCES__SOURCE__JAMF__CREDENTIALS` prefix. | |
| | Parameter Name | Environment Variable | Description | | |
| |----------------|---------------------------------|------------------------------------------------------------------------------------| | |
| | `username` | \{PREFIX\}__USERNAME | The username of the account used to authenticate to the Jamf Pro API. | | |
| | `password` | \{PREFIX\}__PASSWORD | The password of the account used to authenticate to the Jamf Pro API. | | |
| | `host` | \{PREFIX\}__HOST | The full host/url of the Jamf Pro tenant. For example: `https://jamf.example.com`. | | |
| <Warning> | |
| The credentials configuration structure changed in a recent release of the OpenHound Jamf collector. If you are upgrading from an earlier version, move existing `username`, `password`, and `host` values from `[sources.source.jamf]` into `[sources.source.jamf.credentials]` and update any matching environment variables to use the new `SOURCES__SOURCE__JAMF__CREDENTIALS` prefix. | |
| </Warning> | |
| Credentials for the Jamf collector are configured under the `[sources.source.jamf.credentials]` section of the secrets file, or via environment variables that use the `SOURCES__JAMF__CREDENTIALS` prefix. | |
| <Warning> | |
| The credentials configuration structure changed in a recent release of the OpenHound Jamf collector. If you are upgrading from an earlier version, move existing `username`, `password`, and `host` values from `[sources.source.jamf]` into `[sources.source.jamf.credentials]` and update any matching environment variables to use the new `SOURCES__JAMF__CREDENTIALS` prefix. | |
| </Warning> |
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@docs/openhound/collectors/jamf/collect-data.mdx` around lines 44 - 48, The
environment-variable prefix in the Jamf collector docs is incorrect; replace
instances of SOURCES__SOURCE__JAMF__CREDENTIALS with the correct convention
SOURCES__JAMF__CREDENTIALS to match the [sources.source.<collector>.credentials]
mapping used elsewhere, and update the warning and surrounding text so examples
and instructions consistently reference SOURCES__JAMF__CREDENTIALS.
* chore: align certification status with v9.3.0 enhancement * chore: restore notes * fix: table with column descriptions
* wip: initial draft of built-in extensions * style: normalize built-in extension terminology * wip: make update conditions easier to understand * chore: apply suggestions from CR review * docs: apply suggestions from PM review * docs: added top-level section for ext mgmt models
* docs: added full path highlighting * chore: add full path highlighting example screenshot * wip: cross reference entity panel * style: wrap images in frames * style: replace badges with enterprise svg * docs: added layout behavior enhancements * docs: apply suggestions from PM review * docs: add lable clipping behavior and option to disable * chore: removed hacky console workaround for disabling path highlighting and label clipping
* wip: initial draft of v9.3.0 release notes * wip: removed old, mis-tagged issue for PZM * wip: removed old AzureHound fixed issue * wip: add no-op stub for AzureHound * wip: copyedit jamf api client feature * chore: moved AzureHound fixed issue to latest release * wip: copyedit fixed issue descriptions * wip: copyedit administration enhancements * wip: add TODOs for enhancements that require supporting doc updates * chore: removed mis-tagged issues * wip: copyedit full-path highlighting * wip: copyedit layout defaults * wip: copyedit layout defaults * wip: minor copyediting * wip: copyedit attack path type names * chore: removed previously shipped cypher result layouts enhancement * wip: copyedit certification statuses * wip: copyedited built-in extensions * wip: added post-processing performance enhancements * wip: initial draft of v9.3.0 summary * chore: align summary and v9.3.0 release notes * fix: broken links * chore: normalized pre-installed extension terminology * style: use title case * chore: bump openhound version * style: refine headings * docs: clarify editionavailability for supported extensions * chore: change enterprise designation
slokie-so
approved these changes
Jun 18, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request (PR) adds the API client auth methods to the Jamf collector docs for OpenHound.
I'll add release notes for this breaking change in a separate PR.
Related to SpecterOps/openhound-jamf#7
Staging
Summary by CodeRabbit
Summary
[sources.source.jamf.credentials]), including TOML examples for both methods.username,password, andhostsettings from the prior location.