JumpCloud Directory

Integrate JumpCloud with the host application for seamless user management

This guide helps administrators integrate JumpCloud with the host application using SCIM provisioning. Following these steps automates user management tasks and ensures access rights remain consistently updated.

This integration sets up:

1. Endpoint: The URL where JumpCloud sends requests to the host application, establishing communication between JumpCloud and the host application.
2. Bearer Token: The token JumpCloud uses to authenticate its requests to the endpoint, ensuring secure and authorized communication.

When configured correctly, these components enable seamless synchronization between JumpCloud and the host application.

1. Create an endpoint and API token

Open the Admin Portal and select the "SCIM Provisioning" tab. Select "JumpCloud" from the list of Directory Providers. If you can't access the Admin Portal, contact the application owner for instructions.

Selecting JumpCloud as the Directory Provider

JumpCloud directory sync setup: Endpoint URL and one-time visible bearer token provided.

This generates an Endpoint URL and Bearer token for your organization, allowing the host application to listen to events and maintain synchronization with your organization.

2. Add a new application in JumpCloud

1. Go to the JumpCloud Admin Portal > SSO Applications and click on "+ Add New Application."

Adding a new application in JumpCloud.

2. Create a custom application by searching for a non-existent application.

Creating a custom integration in JumpCloud

3. Click "Next" and select the features you want to enable. To provision new users and user updates from JumpCloud, select "Export users to this app (Identity Management)"

Enable JumpCloud to notify the host application of user changes

4. Enter general information such as display name (you can use the application name) and click "Save Application"

Successfully added the application in JumpCloud

3. Configure provisioning settings

Click on "Configure Application" and proceed to configure the application settings. This opens a modal with "Identity Management" selected. Enter the Endpoint URL and Bearer Token provided in the Admin Portal.

Configuring application settings in JumpCloud.

Clicking "Test Connection" sends user details to the host application.

tip

Explore the logs in the Admin Portal's Events section to troubleshoot any connection issues or inspect the connection for better understanding.

4. Group management

If the host application supports groups, JumpCloud will display a "Group Management" section. JumpCloud uses groups as the primary way to provision users to the host application.

Enabling provisioning settings in JumpCloud.

Click "Activate" and then "Save".

5. User and group assignment

To assign users to the host application:

Assigning users to the application in JumpCloud.

1. Go to "SSO Applications" and select the application you created. This opens a modal. Select the User Group and click on "Save".
2. Click on the "User Groups" tab and select the apps you want to assign to this group of users.
3. If you don't have groups, create one from the "User Groups" tab. In this example, we've created a group called "YourApp Users" and assigned the application to it.
4. Click on "Save Group" to save the changes.
5. Try adding a user to the group. If you don't have users, create one from the "Users" tab.

tip

Organize your users into groups for easier management and assignment of permissions.

6. Verification

After completing these steps, verify that users and groups are successfully synced between the host application and JumpCloud. Check for any errors or issues in the connection logs.

Synced user log in the Admin Portal.

note

When a group is disassociated from the host application in JumpCloud, JumpCloud sends a group update event that unassigns all the group users from the host application. However, the group association may not be removed automatically in the host application.