Add Users to the Admin Portal

Users can be added in a number of ways, including manually, importing through a CSV file, API, or from another directory or application. Custom integrations are also available with a REST API or SCIM integration.

Adding Users Manually

To manually add a new user account

  1. Log in to the JumpCloud Admin Portal.
  2. Go to USER MANAGEMENT > Users. 
  3. Click ( + ), then select Manual user entry
  4. In the User Information section, specify information for the new user. Fields with (*) are required:
    • First Name – user’s first name.
    • Middle Name – user’s middle name.
    • Last Name – user’s last name.
    • *Username – JumpCloud account usernameConsider the naming conventions for users before you build your directory. See Unbind New Users from a Resource to learn more. 
      • This data can’t be changed after a user is connected to resources.
    • Local User Account – if you want to take over a current account on a system, then you can use this local user account to match that local name before you bind. Note: This field can’t be edited when bound to a system.
    • Display Name – user’s preferred full name. This name is stored by JumpCloud but is not used in user communications.
    • Managed Apple ID – unique ID that users need to enroll their personal iOS devices in MDM and access company resources. You can also use a script to upload a large number of MAIDs. See Run the MAID Import Script
    • *Company Email – user’s company email address. For Google Workspace and Microsoft 365, the JumpCloud account email must match the external directory.
    • Alternate Email – add a secondary email for user during onboarding users who don’t have access to their company email yet.
    • Description – an optional description for the user. This description can be used to capture details that are not documented in other user attributes. This attribute propagates to LDAP for any syncing users. 
  1. Specify additional User Security Settings and Permissions:
  • Password Settings  select this option to specify an initial password for the new user. Use this option if the user’s email address doesn’t exist yet. When the initial password is specified, the user doesn’t receive an email to complete system user activation and is activated immediately.
  • Account lockout threshold for devices – when enabled, device login failures will not trigger an account lockout.
  • Multi-Factor Authentication Settings – when this option is selected, the user is prompted for a TOTP token as a second factor to log in to the User Portal. MFA setup status is also displayed. See Configure MFA for your Organization to learn more.
  • JumpCloud Protect Mobile Push Status – shows the status of JumpCloud Protect on users’ mobile devices.
  • Security Keys (WebAuthn) – register any security keys.
  • Device Authenticator (WebAuthn) – shows if users can enroll from the User Portal.
  • Permission Settings
    • Enable as Global Administrator/Sudo on all device associations – when enabled, the user is given administrator/sudo privileges on all systems to which they are bound. When this option is cleared, administrator/sudo privileges can be managed for the user on a per device basis from the Devices tab.
    • Enable as LDAP Bind DN – when enabled, this user acts to bind and search to JumpCloud LDAP directory; one or more users can enable this option.
  1. Specify any Employment Information or Personal Information that your organization is required to store for employees.


You can prevent users from updating their User Portal profile information from General Settings. See Get Started: Admin Portal to learn more.

  1. Custom Attributes – if your organization requires that you store information for employees that isn’t provided in one of our standard user attributes, you can create custom attributes to capture this information by completing the following steps:
    • Click add new custom attribute to create a new attribute. Field names must be unique.
    • Enter an Attribute Name and Attribute Value.
    • Click save user.
  2. Public Keys – create and store any user SSH Public Keys.


There are scenarios where an account that isn’t tied to a specific user may be needed, such as binding to LDAP, adding admin accounts for devices, or test accounts. The standard user account type can be leveraged for these cases. You can create a user as you normally would, and specify in the Name or Description field that it’s to be used specifically as a service or test account. No further action is required to use these accounts for the cases outlined, and they will be treated as standard users. You may also want service accounts to authorize API integrations or automation, such as BambooHR. In this case, you would use an Admin account specifically created for this purpose with a role assigned that has only the necessary permissions. See Admin Portal Roles to learn more.

Importing Users via CSV File


  • Each imported user must be unique with their own unique email address.
  • CSV file headings are case sensitive and will fail if they don’t match JumpCloud’s required case settings. To see JumpCloud’s required case settings, download the CSV template (see the Tip under step 4 below) and update the headings of the file you want to import.
  • Users can be imported into the Admin Portal in either a ‘staged’ or ‘active’ user state. Note: Creating a password for a user is optional when importing users. If a user doesn’t have a password created, they will have a “Password Pending” status, regardless of their user state. If a user has a password created, they will have a “Password Active” status.
  • Users that are created with or without a password are not sent an activation email on CSV import.
  • Don’t import users that won’t be managed via JumpCloud. You have 48 hours after importing users to remove unwanted users. After 48 hours, you will be charged for the existence of any imported users. Please contact the account services team or your account manager with any questions.
  • You can also import users from a CSV file, see Import Users from CSV with the PowerShell Module. Keep in mind that the functionality between the two CSV import methods differs. Learn about the differences below.

To import users into JumpCloud from a CSV file into the Admin Portal

  1. Log in to the JumpCloud Admin Portal.
  2. Go to User Management > Users
  3. Click ( ), and select Import from CSV
  4. Click Upload CSV for Import.
  5. Tip: To see the heading case that JumpCloud expects for the CSV file you import, click Download CSV Template.
  6. Select a CSV file to import, and click upload
  7. Select the users you want to import, and click import users. You’ll get a confirmation that the import has successfully finished or has failed. 

Note: If you import more than 500 users, you’ll see an Import from CSV modal that includes a Job ID for the bulk import. After the bulk import completes, you’ll receive an email that contains information about the import job and a link to download results. The download link is available for 45 days.

Importing Users from the Admin Portal vs. Importing Users from the PowerShell Module

Keep the following differences in mind as you decide whether to import users from CSV into the Admin Portal or the PowerShell Module:

  • Users imported from CSV into the Admin Portal can’t automatically be connected to user groups. You can create group associations using the PowerShell Module.
  • Users imported from CSV into the Admin Portal can’t automatically be connected to systems. You can create system associations using the PowerShell Module.
  • Users imported from CSV into the Admin Portal can only be created with the following attributes:
    • First Name
    • Last Name
    • Username
    • Email
    • Password
  • You can import users from CSV with more than the previously mentioned attributes using the PowerShell Module.


For information on updating users via CSV, see Update Users From a CSV File.

Importing Users via API

JumpCloud provides a public REST API that can be utilized to create users, amongst many other capabilities. See Import users with a Custom API integration.

Obtaining Your API Key

To interface with any of JumpCloud's available API options, you have to provide your API key during the configurations. See Accessing Your API Key to learn more.

To add a user via the API

  1. Utilize the following POST request with curl or your preferred API client, such as Postman.

1curl -X POST  2-H 'Accept: application/json' 3-H 'Content-Type: application/json' 4-H 'x-api-key: {API_KEY}' 5-d '{ 6 "username":"{username}", 7 "email":"{email_address}", 8 "firstname":"{Name}", 9 "lastname":"{Name}" 10 }'

  1. Confirm that the user was successfully created by viewing the API response, a GET request on /systemusers, or by viewing the user in the Admin Portal.


Users can also be created in bulk with this POST request.

Importing Users via External Identity Sources

To add users via external identity sources (e.g., directories, applications), see JumpCloud's Integration Catalog for the most current list of supported applications.

Cloud directories:

HR Directories:

Identity Providers:

  • Onboard new users that have JumpCloud managed devices by integrating your existing Identity Provider (IdP) with JumpCloud (this feature is currently in Beta).

Custom SCIM Integrations:

  • Provision, update, and deprovision users and groups from JumpCloud in applications that support SCIM.


SCIM Provisioning differs in both its implementation and output from another type of web app provisioning, Just-in-Time.


See Troubleshoot: Unable to Add a New User

Back to Top

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case