By Zach DeMeyer Posted February 13, 2019
Generic SAML Connector Attributes for Just-In-Time Provisioning
JumpCloud has upgraded the generic SAML connector to have the ability to send user attributes to SSO applications. This includes basic and custom user attributes, and may enable just-in-time provisioning (JIT), depending on the service provider. This is a highly anticipated feature and will greatly improve both the ability and ease of integrating JumpCloud with SSO applications.
Our generic SAML connector, which JumpCloud admins can use to connect to almost any web application supporting the SAML 2.0 protocol, can now send user attributes in order to perform specific operations, such as account provisioning into applications supporting this process. Using this, admins can propagate their basic user attributes, such as username or department, as well as any custom attributes to web applications that utilize them. Learn more via the link below to see how to leverage basic and custom attributes in the generic SAML connector. In the JumpCloud Admin Console, simply choose which attributes should be provisioned to the application and you’ll be set.
Configure Attribute Export to G Suite/Office 365
Do you need your JumpCloud user identities and their details replicated to other systems? Do you need to represent a user’s department in G Suite? Do you need to reflect a user’s phone number in Office 365?
Coming soon, we will increase the JumpCloud user attributes that can be exported to G Suite and O365, giving you control over which attributes are exported and ultimately controlled by JumpCloud. You will simply select which standard user attributes you wish to have exported and JumpCloud will ensure those attributes are automatically synced.
Attributes that can be exported include: Title, Work Phone, Employee ID, Department, and more. Selected attributes can be exported on an entire organization basis. You can learn more in our Knowledge Base, here for G Suite and here for O365.
New Capability: Unlock User Account
One of the most common support calls an IT admin receives is to request assistance when an end user locks themselves out of their system. Normally, this would result in a password reset and a lot of wasted time, which is stressful for both admin and the end user.
Now, JumpCloud admins can manually unlock a user account directly from their Admin Console without initiating a password reset. This Unlock User capability will help streamline the process when a JumpCloud user gets locked out of their system after too many login attempts. Admins will see this option within the user’s details in the Admin Portal or they may unlock users in bulk through new options in the User’s list view.
MFA Improvements: Password Resets and AD User MFA Support
We’ve released another round of updates to our multi-factor authentication (MFA) functionality to make adopting and using MFA easier than ever. In our latest release, we’ve simplified the password reset experience by ensuring that users no longer have to unnecessarily reset their MFA key while resetting their JumpCloud passwords.
Additionally, we’ve made the secure protection of JumpCloud MFA available for users that are managed by Active Directory using our AD Bridge. With this capability, AD-managed users can now be protected by MFA when logging into Macs, Linux servers, SSO applications, or the JumpCloud user portal.
New Security Resources for Your Team
JumpCloud is, first and foremost, a security company. Recently, JumpCloud CSO, Greg Keller, partnered with OpenView investor, Mackey Craven, and delivered a presentation on Security for SaaS Startups.
We also just released Security Training 101: Employee Education Essentials. This piece details several key security training guidelines, as well as a collection of true stories of situations where security training could have saved entire organizations.
RADIUS MFA Survey: Tell Us What You Think!
Are you using RADIUS today? Are you using MFA? Have you considered how they can be used together?
As JumpCloud product & engineering are working through enabling a second factor of authentication for our RADIUS services, we’d love to hear from you about your current/desired RADIUS and MFA usage. Please fill out our RADIUS & MFA survey in the link below. Your feedback is critical in shaping the future of our product.