Skip to main content

JumpCloud Directory

Integrate JumpCloud with the host application for seamless user management

This guide helps administrators integrate JumpCloud with the host application using SCIM provisioning. Following these steps automates user management tasks and ensures access rights remain consistently updated.

This integration sets up:

  1. Endpoint: The URL where JumpCloud sends requests to the host application, establishing communication between JumpCloud and the host application.
  2. Bearer Token: The token JumpCloud uses to authenticate its requests to the endpoint, ensuring secure and authorized communication.

When configured correctly, these components enable seamless synchronization between JumpCloud and the host application.

1. Create an endpoint and API token

Open the Admin Portal and select the "SCIM Provisioning" tab. Select "JumpCloud" from the list of Directory Providers. If you can't access the Admin Portal, contact the application owner for instructions.

SCIM Provisioning
Setup

Selecting JumpCloud as the Directory Provider

SCIM Provisioning Setup

JumpCloud directory sync setup: Endpoint URL and one-time visible bearer token provided.

This generates an Endpoint URL and Bearer token for your organization, allowing the host application to listen to events and maintain synchronization with your organization.

2. Add a new application in JumpCloud

  1. Go to the JumpCloud Admin Portal > SSO Applications and click on "+ Add New Application."

Add New Application

Adding a new application in JumpCloud.

  1. Create a custom application by searching for a non-existent application.

Application
Selection

Creating a custom integration in JumpCloud

  1. Click "Next" and select the features you want to enable. To provision new users and user updates from JumpCloud, select "Export users to this app (Identity Management)"

Feature Selection

Enable JumpCloud to notify the host application of user changes

  1. Enter general information such as display name (you can use the application name) and click "Save Application"

Successful
addition

Successfully added the application in JumpCloud

3. Configure provisioning settings

Click on "Configure Application" and proceed to configure the application settings. This opens a modal with "Identity Management" selected. Enter the Endpoint URL and Bearer Token provided in the Admin Portal.

Configure Application
Settings

Configuring application settings in JumpCloud.

Clicking "Test Connection" sends user details to the host application.

tip

Explore the logs in the Admin Portal's Events section to troubleshoot any connection issues or inspect the connection for better understanding.

4. Group management

If the host application supports groups, JumpCloud will display a "Group Management" section. JumpCloud uses groups as the primary way to provision users to the host application.

Provisioning
Settings

Enabling provisioning settings in JumpCloud.

Click "Activate" and then "Save".

5. User and group assignment

To assign users to the host application:

User Assignment

Assigning users to the application in JumpCloud.

  1. Go to "SSO Applications" and select the application you created. This opens a modal. Select the User Group and click on "Save".
  2. Click on the "User Groups" tab and select the apps you want to assign to this group of users.
  3. If you don't have groups, create one from the "User Groups" tab. In this example, we've created a group called "YourApp Users" and assigned the application to it.
  4. Click on "Save Group" to save the changes.
  5. Try adding a user to the group. If you don't have users, create one from the "Users" tab.
tip

Organize your users into groups for easier management and assignment of permissions.

6. Verification

After completing these steps, verify that users and groups are successfully synced between the host application and JumpCloud. Check for any errors or issues in the connection logs.

Verification Process

Synced user log in the Admin Portal.

note

When a group is disassociated from the host application in JumpCloud, JumpCloud sends a group update event that unassigns all the group users from the host application. However, the group association may not be removed automatically in the host application.


Is this page helpful? Yes No