|
| 1 | +# Provision Users and Groups From JumpCloud |
| 2 | + |
| 3 | +JumpCloud is a comprehensive cloud-based directory platform that provides identity, access, and device management capabilities. |
| 4 | +It offers features like single sign-on (SSO), multi-factor authentication (MFA), and centralized user management |
| 5 | +to help organizations secure and manage access to their resources. |
| 6 | + |
| 7 | +NetBird's JumpCloud integration enhances user management by allowing you to utilize JumpCloud as your identity provider. |
| 8 | +This integration automates user authentication in your network, adds SSO and MFA support, and simplifies network access management |
| 9 | +to your applications and resources. |
| 10 | + |
| 11 | +The integration process consists of two stages: first, you'll work with the NetBird support team to set up Single Sign-On (SSO) |
| 12 | +from NetBird's login page using JumpCloud credentials. Next, you'll configure SCIM (System for Cross-domain Identity Management) |
| 13 | +to synchronize users and groups seamlessly. |
| 14 | + |
| 15 | +## Get Started with NetBird-JumpCloud Integration |
| 16 | + |
| 17 | +To set up SSO and SCIM provisioning, go to `Integrations` in the NetBird admin console's left menu to access the Identity Provider integration page. Click the `Connect JumpCloud` button to get started with the JumpCloud-NetBird integration. This will open a pop-up window with detailed instructions on synchronizing NetBird and JumpCloud. |
| 18 | + |
| 19 | + |
| 20 | + |
| 21 | +## Prerequisites |
| 22 | + |
| 23 | +Before you begin the integration process, ensure you have the necessary [admin permissions in JumpCloud](https://jumpcloud.com/support/admin-portal-roles). You need a JumpCloud user account with one of the following roles: |
| 24 | + |
| 25 | +* Administrator (minimum required) |
| 26 | +* Administrator with Billing |
| 27 | + |
| 28 | +These roles have the required permissions to configure SSO applications and manage SCIM provisioning. |
| 29 | + |
| 30 | +## Setting Up SSO with JumpCloud |
| 31 | + |
| 32 | +Before configuring SCIM provisioning, you must first set up Single Sign-On (SSO) with JumpCloud. Please follow the detailed setup instructions in our [Single Sign-On guide for JumpCloud](/how-to/single-sign-on#jump-cloud). |
| 33 | + |
| 34 | +Once SSO is configured and you can successfully log in to NetBird using your JumpCloud credentials, you can proceed with the SCIM setup below. |
| 35 | + |
| 36 | +## Enabling JumpCloud SCIM in NetBird |
| 37 | + |
| 38 | + |
| 39 | + |
| 40 | +### Configure SCIM Application in JumpCloud |
| 41 | + |
| 42 | +In your [JumpCloud admin console](https://console.jumpcloud.com/), go to `SSO Applications`, select your `NetBird` |
| 43 | +application, and then select the `Identity Management` tab. |
| 44 | + |
| 45 | +In the **Configuration Settings** section, enter the following SCIM Service Provider details: |
| 46 | + |
| 47 | +* **API Type**: `SCIM API` (default) |
| 48 | +* **SCIM Version**: `SCIM 2.0` (default) |
| 49 | +* **Base URL**: `https://api.netbird.io/api/scim/v2` |
| 50 | +* **Token Key**: Paste the Bearer token you copied from NetBird |
| 51 | +* **Test User Email **: Provide a new, unused email address for testing (e.g., `[email protected]`) |
| 52 | + |
| 53 | + |
| 54 | + |
| 55 | +* Click `Test Connection` to verify the SCIM connection |
| 56 | + |
| 57 | +If the connection is successful, you'll see a success message. Click `Activate` to enable SCIM provisioning. |
| 58 | + |
| 59 | + |
| 60 | + |
| 61 | +## Configuring SCIM Provisioning to NetBird |
| 62 | + |
| 63 | +On NetBird, click `Continue →`. You'll see instructions for configuring SCIM provisioning options. |
| 64 | + |
| 65 | + |
| 66 | + |
| 67 | +Back in JumpCloud, configure the provisioning settings: |
| 68 | + |
| 69 | +* Under the `Identity Management` tab in your NetBird application |
| 70 | +* Enable the following options: |
| 71 | + * **Create Users**: Automatically create users in NetBird when assigned in JumpCloud |
| 72 | + * **Update User Attributes**: Sync user profile changes from JumpCloud to NetBird |
| 73 | + * **Deactivate Users**: Remove access when users are unassigned in JumpCloud |
| 74 | + * **Push Groups**: Synchronize JumpCloud groups to NetBird |
| 75 | + |
| 76 | + |
| 77 | + |
| 78 | +Click `Save` when you're done. |
| 79 | + |
| 80 | +## Assigning NetBird Application to JumpCloud Users and Groups |
| 81 | + |
| 82 | +In NetBird, click `Continue →` to see the steps for assigning users and groups. |
| 83 | + |
| 84 | + |
| 85 | + |
| 86 | +In JumpCloud admin console: |
| 87 | + |
| 88 | +* Navigate to your NetBird SSO application |
| 89 | +* Click on the `User Groups` tab |
| 90 | +* Select the groups that should have access to NetBird |
| 91 | + |
| 92 | + |
| 93 | + |
| 94 | +You can also assign individual users by clicking on the `Users` tab: |
| 95 | + |
| 96 | +* Click `+` to add users |
| 97 | +* Search for and select users to assign to NetBird |
| 98 | +* Click `Save` |
| 99 | + |
| 100 | + |
| 101 | + |
| 102 | +## Push JumpCloud Groups to NetBird |
| 103 | + |
| 104 | +To synchronize groups from JumpCloud to NetBird: |
| 105 | + |
| 106 | +* In your NetBird application in JumpCloud |
| 107 | +* Go to the `Identity Management` tab |
| 108 | +* Under `Group Management`, select `Push Groups` |
| 109 | +* Choose which groups to sync to NetBird |
| 110 | + |
| 111 | + |
| 112 | + |
| 113 | +Once configured, JumpCloud will automatically push the selected groups to NetBird. |
| 114 | + |
| 115 | +## Verify Synchronization |
| 116 | + |
| 117 | +Return to NetBird and click `Finish Setup`. You can verify the synchronization by navigating to `Team > Users` in the NetBird console. |
| 118 | + |
| 119 | + |
| 120 | + |
| 121 | +The users and groups listed in NetBird should match those you configured in JumpCloud. |
| 122 | + |
| 123 | + |
0 commit comments