JumpCloud is an Official IdP for AWS SSO

Written by Brenna Lee on November 15, 2021


In any organization, users across most departments access critical applications every day, so it’s essential that the user authentication and sign-in processes are secure, efficient, and user-friendly. To further streamline the identity and access management (IAM) processes for organizations using both JumpCloud and AWS, JumpCloud is now officially a supported Amazon Web Services (AWS) Single Sign-On (SSO) partner. 

What this means: 

  • Organizations can connect their JumpCloud Directory Platform to AWS SSO one time to create a simplified sign-in and authentication experience for end users
  • IT can manage access to AWS centrally in AWS SSO
  • End users can sign in using JumpCloud to access all of their assigned AWS accounts and resources

AWS is selective with the identity providers (IdPs) they choose to partner with, and now JumpCloud is one of six official options. To use the JumpCloud and AWS SSO integration, you don’t need to be enterprise-size — small and medium-sized enterprises can also reap significant benefits from this partnership.

Benefits of the JumpCloud and AWS SSO Integration

The primary benefits of the JumpCloud and AWS SSO official integration are:

  • Improved security and identity control across platforms
  • Significant time savings for admins
  • Increased visibility of AWS account access levels for all JumpCloud users
  • Ability to establish a single, familiar sign-in process for users, and streamline access management processes for administrators
  • Simplified process to grant or revoke AWS access within JumpCloud

To deliver these benefits, this partnership grants JumpCloud organizations:

  1. Simplified AWS access management across multiple accounts
  2. A centralized place to control identities and access
  3. A streamlined sign-in experience for end users 
  4. Standards-based automation for provisioning users and groups into AWS SSO
  5. The ability to layer additional security measures, such as multi-factor authentication (MFA) and conditional access policies, on top of SSO
  6. Simplified access management through the use of JumpCloud groups — admins can manage access by adding or removing a user from the relevant group

How Does the JumpCloud and AWS SSO Integration Work?

JumpCloud’s use of the System for Cross-domain Identity Management (SCIM) protocol automates the process of provisioning users and groups into AWS SSO. Further, the Security Assertion Markup Language (SAML) protocol is used to authenticate JumpCloud users and provide seamless access to their AWS accounts. 

The connection is configured in your JumpCloud instance using your AWS SSO SCIM endpoint and access token. When you set up the SCIM sync, you map your user attributes in JumpCloud to the corresponding attributes in AWS SSO, so that the attributes match as expected on both platforms.

With this integration, users can use their JumpCloud credentials to efficiently and securely sign in to the:

  • AWS Management Console
  • AWS Command Line Interface (CLI)
  • AWS Console Mobile Application
  • AWS integrated services, including AWS IoT SiteWise Monitor and Amazon SageMaker Notebooks

Integrate Your JumpCloud Instance With AWS SSO

Give your users single-click access to all of their assigned accounts from the AWS SSO user portal without sacrificing the convenience of the sign-in experience they’re used to with JumpCloud.


Create your AWS SSO application in your JumpCloud account

Brenna Lee

Brenna is a Content Writer at JumpCloud who loves learning about and immersing herself in new technologies. Outside of the [remote] office, she loves traveling and exploring the outdoors!
