What is a Cloud Identity Bridge?

Written by Vince Lujan on September 25, 2017

Share This Article

A cloud identity bridge describes exactly what you might think – a utility that extends user identities to bridge the gap between on-prem Active Directory® and cloud infrastructure. The latest iteration of this tool is JumpCloud’s Active Directory Integration. While JumpCloud’s unified cloud directory is able to act as a standalone directory, AD Integration was created for organizations that want to continue using Microsoft® Active Directory as their identity provider. AD Integration allows these organizations to maintain Active Directory as the authoritative source of truth, extending domain-bound identities to non-domain resources, such as web-applications, cloud infrastructure, non-Windows systems (Macs and Linux), and even unbound Windows systems.

Why Extend Identities to the Cloud?

Active Directory fails in the cloud

Hybrid infrastructure is the product of a world in transition from on-prem to cloud infrastructure. We’re at a point in history where traditional Windows on-prem infrastructure is becoming obsolete in favor of cloud replacements like SaaS applications (e.g. Salesforce, G Suite, GitHub, Slack), hosted infrastructure (e.g. AWS, GCP), non-Windows systems (e.g. Mac, Linux) – the list goes on.

Yet, while on-prem infrastructure is dying out, it’s not going down without a fight. Directory services are a foundational element of an organization’s infrastructure. While many startups are able to go full-cloud from the onset, unfortunately many well-established organizations are caught with one foot on-prem and one in the cloud. These organizations are ideal candidates for AD Integration.


Securely connect to any resource using Google Workspace and JumpCloud.

History of the Identity Bridge

identity management active directory

When AD was first released in 2000, there was no need for a cloud identity bridge. In fact, the concept of the cloud hadn’t really been fully developed yet. It was a point in time when web applications were only just being introduced and not widely implemented. Instead, most organizations leveraged Windows legacy applications and Windows-centric IT infrastructure, all of which was on-prem.

As web applications gained traction, IT admins ran into difficulties using AD to manage non-Windows resources and web services. The need to better manage access to web apps created an opportunity for SSO providers, as they are now called, to create cloud identity bridges to extend AD credentials to manage these new cloud resources.

Identity Management Cloud Modern

These solutions were layered on top of AD, and a wide array of SSO providers appeared to streamline access management for the myriad web-based apps suddenly considered essential to get work done. The trouble was IT admins had to then manage the SSO systems in addition to managing AD – adding complexity to an already complex solution. Furthermore, these SSO providers only provided access to apps – and not the wide array of non-Microsoft resources that AD struggled with, such as Mac and Linux systems. As a result, IT admins needed additional identity bridges to extend AD to these non-Windows systems.

IT admins quickly realized that managing everything would require multiple identity bridges, each of them siloed and with their own price tag. Some call this approach hybrid infrastructure, but that’s really just a fancy way to say, “whatever works.” This architecture is certainly not ideal, efficient, or elegant; but a lot of organizations simply aren’t able to “break up” with AD. If this sounds familiar, then JumpCloud’s comprehensive AD Integration solution could be the cloud identity bridge you’re looking for.

Comprehensive Cloud Identity Bridge for Active Directory®

JumpCloud’s AD Integration simplifies the process of extending your AD-managed identities to authenticate with hosted infrastructure and non-Windows resources not supported by AD directly. It works by synchronizing JumpCloud with your desired users and groups managed in AD to gain control over their access to networks, systems, data, and applications. Resources that are not directly bound to AD can now be managed using AD credentials. The result is that user identities are extended to all of the resources they need, both on-prem and in the cloud, while AD remains your master authority.

AD Integration is different from conventional SSO add-ons since it connects so much more than just apps, but also systems running disparate operating systems like Mac and Linux devices. JumpCloud’s multi-protocol approach and robust system management capabilities eliminate the inefficiency of managing a variety of different “extenders” just to get AD to work with your infrastructure. Instead, AD Integration empowers IT admins to leverage what is effectively a cloud-based Swiss army knife for extending Active Directory identities.

Benefits of AD Integration include:

  • Extend Active Directory to SaaS apps and cloud-based infrastructure.
  • Eliminate identity silos; maintain AD as the master authority of authentication.
  • Reduce the need for VPNs.
  • Better management of Mac and Linux systems.
  • More efficient onboarding and offboarding.
  • Write passwords back into AD from non-domain resources

Is Our Cloud Identity Bridge For You?

Extending Active Directory isn’t for everyone. If you’re able to, we fully encourage you to leverage a cloud-based directory exclusively. That is the most future-proof approach and one that never requires you updating or maintaining on-prem hardware and software.

Yet, for many, the roots of their existing AD infrastructure grow too deep to cut them off completely. If your organization has invested in on-prem Active Directory infrastructure and leverages multiple cloud resources, web-applications, and/or disparate operating systems, then the JumpCloud AD Integration is likely to be a good fit.

To learn more about how JumpCloud’s Active Directory Integration can benefit your organization, drop us a note. You can also sign up for a free cloud identity management account and see for yourself. Your first ten users are free forever.

Vince Lujan

Vince is a writer and video specialist at JumpCloud. Originally from the horse capital of New Mexico, Corrales, he has lived in Boulder, Colorado for three years. When Vince is not developing content for JumpCloud, he can usually be found at the Boulder Creek.

Continue Learning with our Newsletter