diff --git a/public/docs-static/img/how-to-guides/jumpcloud-sync/jumpcloud-scim-config.png b/public/docs-static/img/how-to-guides/jumpcloud-sync/jumpcloud-scim-config.png new file mode 100644 index 00000000..f026754a Binary files /dev/null and b/public/docs-static/img/how-to-guides/jumpcloud-sync/jumpcloud-scim-config.png differ diff --git a/src/components/NavigationDocs.jsx b/src/components/NavigationDocs.jsx index d5446e2e..bc36e6f2 100644 --- a/src/components/NavigationDocs.jsx +++ b/src/components/NavigationDocs.jsx @@ -169,6 +169,7 @@ export const docsNavigation = [ { title: 'Microsoft Entra ID', href: '/how-to/microsoft-entra-id-sync' }, { title: 'Okta', href: '/how-to/okta-sync' }, { title: 'Google Workspace', href: '/how-to/google-workspace-sync'}, + { title: 'JumpCloud', href: '/how-to/jumpcloud-sync'}, ] }, { diff --git a/src/pages/how-to/idp-sync.mdx b/src/pages/how-to/idp-sync.mdx index b4491bf0..af01b851 100644 --- a/src/pages/how-to/idp-sync.mdx +++ b/src/pages/how-to/idp-sync.mdx @@ -38,4 +38,5 @@ For detailed setup and configuration steps, select an IdP from the section below * [Entra ID (Azure AD)](/how-to/microsoft-entra-id-sync) * [Okta](/how-to/okta-sync) * [Google Workspace](/how-to/google-workspace-sync) +* [JumpCloud](/how-to/jumpcloud-sync) diff --git a/src/pages/how-to/jumpcloud-sync.mdx b/src/pages/how-to/jumpcloud-sync.mdx new file mode 100644 index 00000000..28212238 --- /dev/null +++ b/src/pages/how-to/jumpcloud-sync.mdx @@ -0,0 +1,123 @@ +# Provision Users and Groups From JumpCloud + +JumpCloud is a comprehensive cloud-based directory platform that provides identity, access, and device management capabilities. +It offers features like single sign-on (SSO), multi-factor authentication (MFA), and centralized user management +to help organizations secure and manage access to their resources. + +NetBird's JumpCloud integration enhances user management by allowing you to utilize JumpCloud as your identity provider. +This integration automates user authentication in your network, adds SSO and MFA support, and simplifies network access management +to your applications and resources. + +The integration process consists of two stages: first, you'll work with the NetBird support team to set up Single Sign-On (SSO) +from NetBird's login page using JumpCloud credentials. Next, you'll configure SCIM (System for Cross-domain Identity Management) +to synchronize users and groups seamlessly. + +## Get Started with NetBird-JumpCloud Integration + +To set up SSO and SCIM provisioning, go to `Integrations` in the NetBird admin console's left menu to access the Identity Provider integration page. Click the `Connect JumpCloud` button to get started with the JumpCloud-NetBird integration. This will open a pop-up window with detailed instructions on synchronizing NetBird and JumpCloud. + +![NetBird JumpCloud Integration](/docs-static/img/how-to-guides/jumpcloud-sync/jumpcloud-integration-start.png) + +## Prerequisites + +Before you begin the integration process, ensure you have the necessary [admin permissions in JumpCloud](https://jumpcloud.com/support/admin-portal-roles). You need a JumpCloud user account with one of the following roles: + +* Administrator (minimum required) +* Administrator with Billing + +These roles have the required permissions to configure SSO applications and manage SCIM provisioning. + +## Setting Up SSO with JumpCloud + +Before configuring SCIM provisioning, you must first set up Single Sign-On (SSO) with JumpCloud. Please follow the detailed setup instructions in our [Single Sign-On guide for JumpCloud](/how-to/single-sign-on#jump-cloud). + +Once SSO is configured and you can successfully log in to NetBird using your JumpCloud credentials, you can proceed with the SCIM setup below. + +## Enabling JumpCloud SCIM in NetBird + + + +### Configure SCIM Application in JumpCloud + +In your [JumpCloud admin console](https://console.jumpcloud.com/), go to `SSO Applications`, select your `NetBird` +application, and then select the `Identity Management` tab. + +In the **Configuration Settings** section, enter the following SCIM Service Provider details: + +* **API Type**: `SCIM API` (default) +* **SCIM Version**: `SCIM 2.0` (default) +* **Base URL**: `https://api.netbird.io/api/scim/v2` +* **Token Key**: Paste the Bearer token you copied from NetBird +* **Test User Email**: Provide a new, unused email address for testing (e.g., `test@yourdomain.com`) + +![JumpCloud SCIM Configuration](/docs-static/img/how-to-guides/jumpcloud-sync/jumpcloud-scim-config.png) + +* Click `Test Connection` to verify the SCIM connection + +If the connection is successful, you'll see a success message. Click `Activate` to enable SCIM provisioning. + +![JumpCloud SCIM Test Success](/docs-static/img/how-to-guides/jumpcloud-sync/jumpcloud-scim-test-success.png) + +## Configuring SCIM Provisioning to NetBird + +On NetBird, click `Continue →`. You'll see instructions for configuring SCIM provisioning options. + +![NetBird Configure SCIM Provisioning](/docs-static/img/how-to-guides/jumpcloud-sync/netbird-configure-provisioning.png) + +Back in JumpCloud, configure the provisioning settings: + +* Under the `Identity Management` tab in your NetBird application +* Enable the following options: + * **Create Users**: Automatically create users in NetBird when assigned in JumpCloud + * **Update User Attributes**: Sync user profile changes from JumpCloud to NetBird + * **Deactivate Users**: Remove access when users are unassigned in JumpCloud + * **Push Groups**: Synchronize JumpCloud groups to NetBird + +![JumpCloud Enable Provisioning Options](/docs-static/img/how-to-guides/jumpcloud-sync/jumpcloud-enable-provisioning.png) + +Click `Save` when you're done. + +## Assigning NetBird Application to JumpCloud Users and Groups + +In NetBird, click `Continue →` to see the steps for assigning users and groups. + +![NetBird Assign Users and Groups](/docs-static/img/how-to-guides/jumpcloud-sync/netbird-assign-users-groups.png) + +In JumpCloud admin console: + +* Navigate to your NetBird SSO application +* Click on the `User Groups` tab +* Select the groups that should have access to NetBird + +![JumpCloud Assign Groups](/docs-static/img/how-to-guides/jumpcloud-sync/jumpcloud-assign-groups.png) + +You can also assign individual users by clicking on the `Users` tab: + +* Click `+` to add users +* Search for and select users to assign to NetBird +* Click `Save` + +![JumpCloud Assign Users](/docs-static/img/how-to-guides/jumpcloud-sync/jumpcloud-assign-users.png) + +## Push JumpCloud Groups to NetBird + +To synchronize groups from JumpCloud to NetBird: + +* In your NetBird application in JumpCloud +* Go to the `Identity Management` tab +* Under `Group Management`, select `Push Groups` +* Choose which groups to sync to NetBird + +![JumpCloud Push Groups](/docs-static/img/how-to-guides/jumpcloud-sync/jumpcloud-push-groups.png) + +Once configured, JumpCloud will automatically push the selected groups to NetBird. + +## Verify Synchronization + +Return to NetBird and click `Finish Setup`. You can verify the synchronization by navigating to `Team > Users` in the NetBird console. + +![NetBird Verify Users](/docs-static/img/how-to-guides/jumpcloud-sync/netbird-verify-users.png) + +The users and groups listed in NetBird should match those you configured in JumpCloud. + +![NetBird Users Synced](/docs-static/img/how-to-guides/jumpcloud-sync/netbird-users-synced.png) \ No newline at end of file