JumpCloud Directory

This guide is designed to assist administrators in integrating JumpCloud with the Scalekit platform using SCIM provisioning. By following these steps, you can automate user management tasks and ensure that access rights are consistently updated.

This registration sets up the following:

1. Endpoint: This is the URL where Scalekit will send requests to JumpCloud. It acts as a communication point between Scalekit and JumpCloud.
2. Bearer Token: This token is used by Scalekit to authenticate its requests to the endpoint, ensuring that requests are secure and authorized.

By setting up these components, you enable seamless synchronization between JumpCloud and Scalekit.

1. Create an endpoint and API token

   Open the Admin Portal and select the “SCIM Provisioning” tab. A list of Directory Providers will be displayed. Choose “JumpCloud” as your Directory Provider. If the Admin Portal is not accessible from the app, request instructions from the app owner.

   

   

   This action will generate an Endpoint URL and Bearer token for your organization, allowing the app to listen to events and maintain synchronization with your organization.

2. Add a new application in JumpCloud

   Go to the JumpCloud Admin Portal > SSO Applications and click on ”+ Add New Application.”

   

   Create a custom application by trying to do an non-existent application search.

   

   Click “Next” and choose the features you would like to enable. Since your application wants to provision new users and user updates from JumpCloud, select “Export users to this app (Identity Management)”

   

   Finally, enter the general info such as display name (this example uses “Provisioning via Scalekit”) and click “Save Application”

   

3. Configure provisioning settings

   Click on “Configure Application” and proceed to configure the application settings. This opens a modal with “Identity Management” selected. Enter the Endpoint URL and Bearer Token provided by Scalekit.

   

   “Test Connection” will send the user details to Scalekit (hence your app).

   Tip

   Explore the logs in Scalekit Dashboard > Organizations > Customer > Events. This will help you troubleshoot any issues with the connection or inspect the connection for better understanding.

4. Configure group management

   Jumpcloud verifies if Scalekit supports groups, “Group Management” section appears. JumpCloud uses groups as the primary way provision users to your application.

   

   Click “Activate” and then “Save”.

5. Assign users and groups

   To assign users to the newly integrated application:

   

   1. Go to “SSO Applications” and select the application you created. This opens an Modal. Select the User Group and click on “Save”.
   2. Click on the “User Groups” tab and select the apps you want to assign to this group of users.
   3. If you don’t have groups you can create one from “User Groups” tab. In this example, we have created a group called “YourApp Users” and assigned the “Provisioning via Scalekit” app to it.
   4. Click on “Save Group” to save the changes.
   5. Now try adding a user to the group. If you don’t have users, you can create one from “Users” tab.

   Tip

   Make sure to organize your users into groups for easier management and assignment of permissions.

6. Verify successful connection

   After completing these steps, verify that users and groups are successfully synced between Scalekit and JumpCloud. Check for any errors or issues in the connection logs.

   

   Note

   When an group is dis-associated from an app in JumpCloud (“Provisioning via Scalekit” app), JumpCloud sends an group update event to Scalekit that unassigns all the group users to your app. However, the group association is not removed in Scalekit automatically.