Add Users to the Admin Portal

Users can be added in a number of ways, including manually, importing through a CSV file, API, or from another directory or application. Custom integrations are also available with a REST API or SCIM integration.

Prerequisites

  • Before adding users, ensure that you have configured the default user state for new users to your preference. See Manage User States

Considerations

  • When adding a user to the Admin Portal, the email address is automatically converted to lowercase

Adding Users Manually

Note:

There are scenarios where an account that isn’t tied to a specific user may be needed, such as binding to LDAP, adding admin accounts for devices, or test accounts. The standard user account type can be leveraged for these cases. You can create a user as you normally would, and specify in the Name or Description field that it’s to be used specifically as a service or test account. No further action is required to use these accounts for the cases outlined, and they will be treated as standard users. You may also want service accounts to authorize API integrations or automation, such as BambooHR. In this case, you would use an admin account specifically created for this purpose with a role assigned that has only the necessary permissions. See Admin Portal Roles to learn more.

To manually add a new user account:

  1. Log in to the JumpCloud Admin Portal.
  2. Go to USER MANAGEMENT > Users. 
  3. Click ( + ), then select Manual user entry
  4. In the User Information section, specify information for the new user. Fields with (*) are required:
    • First Name – user’s first name
    • Middle Name – user’s middle name
    • Last Name – user’s last name
    • *Username – JumpCloud account usernameConsider the naming conventions for users before you build your directory. See Unbind New Users from a Resource
      • This data can’t be changed after a user is connected to resources
    • Local User Account – if you want to take over a current account on a device, then you can use this local user account to match that local name before you bind. Note: This field can’t be edited after a user is bound to the device
    • Display Name – user’s preferred full name. When this field is used, this display name is reflected on the bound device’s login and lock screens, as well as the login for some SSO applications
    • Managed Apple ID – unique ID that users need to enroll their personal iOS devices in MDM and access company resources
    • *Company Email – user’s company email address formatted in lowercase. For Google Workspace and Microsoft 365, the JumpCloud account email must match the external directory
    • Alternate Email – add a secondary email for user during onboarding users who don’t have access to their company email yet
    • Description – an optional description for the user. This description can be used to capture details that are not documented in other user attributes
      • This attribute propagates to LDAP for any syncing users
  5. Specify additional User Security Settings and Permissions:
    • Externally Managed Password – select a Password Authority for the user. Learn more in Externally Managed Passwords
    • Password Recovery Email – Enter another email address the user can use for password resets. Learn more in Manage Password and Security Settings
    • Password Settings  select this option to Specify initial password for the new user. Use this option if the user’s email address doesn’t exist yet. When the initial password is specified, the user doesn’t receive an email to complete system user activation and is instead activated immediately
    • Account lockout threshold for devices – when Bypass account lockout policy for user’s managed device is selected, device login failures will not trigger an account lockout
    • Multi-Factor Authentication Settings – when Require Multi-factor Authentication on the User Portal is selected, the user is prompted for a TOTP token as a second factor to log in to the User Portal. MFA setup status is also displayed. See Require MFA for Users
    • Permission Settings:
      • Enable as Global Administrator/Sudo on all device associations – when enabled, the user is given administrator/sudo privileges on all systems to which they are bound. When this option is cleared, administrator/sudo privileges can be managed for the user on a per device basis from the Devices tab
      • Enable as LDAP Bind DN – when enabled, this user acts to bind and search to JumpCloud LDAP directory; one or more users can enable this option
  6. Specify any Employment Information or Personal Information that your organization is required to store for employees

Tip:

You can prevent users from updating their User Portal profile information from General Settings. See Get Started: Admin Portal.

  1. Custom Attributes – if your organization requires that you store information for employees that isn’t provided in one of our standard user attributes, you can create custom attributes to capture this information by completing the following steps:
    • Click add new custom attribute to create a new attribute. Field names must be unique
    • Enter an Attribute Name and Attribute Value
  2. Click save user.
    • If the default state for new users is Active, an Activation Email modal appears. Click send to send the email immediately, or skip to send the email later
    • If the default state for new users is Staged, a New User Created! modal appears. You can choose to schedule the user’s activation date, activate the user immediately, or activate the user later. Learn more about these options in Manage User States
    • Click Save to save the user and return to the users list, or click Save And Create Another to save this user and start another user account creation.

Importing Users via CSV File

Considerations

  • Each imported user must be unique with their own unique email address
  • CSV file headings are case sensitive and will fail if they don’t match JumpCloud’s required case settings. To see JumpCloud’s required case settings, download the CSV template (see the Tip under step 4 below) and update the headings of the file you want to import
  • Users can be imported into the Admin Portal in either a ‘staged’ or ‘active’ user state. Note: Creating a password for a user is optional when importing users. If a user doesn’t have a password created, they will have a “Password Pending” status, regardless of their user state. If a user has a password created, they will have a “Password Active” status
  • Users that are created with or without a password are not sent an activation email on CSV import
  • Don’t import users that won’t be managed via JumpCloud. You have 48 hours after importing users to remove unwanted users. After 48 hours, you will be charged for the existence of any imported users. Please contact the account services team or your account manager with any questions
  • You can also import users from a CSV file, see Import Users from CSV with the PowerShell Module. Keep in mind that the functionality between the two CSV import methods differs. Learn about the differences below

To import users into JumpCloud from a CSV file into the Admin Portal

  1. Log in to the JumpCloud Admin Portal.
  2. Go to User Management > Users
  3. Click ( ), and select Import from CSV
  4. Click Upload CSV for Import.

Tip:

To see the heading case that JumpCloud expects for the CSV file you import, click Download CSV Template.

  1. Select a CSV file to import, and click upload
  2. Select the users you want to import, and click import users. You’ll get a confirmation that the import has successfully finished or has failed. 

Note: If you import more than 500 users, you’ll see an Import from CSV modal that includes a Job ID for the bulk import. After the bulk import completes, you’ll receive an email that contains information about the import job and a link to download results. The download link is available for 45 days.

Importing Users from the Admin Portal vs. Importing Users from the PowerShell Module

Keep the following differences in mind as you decide whether to import users from CSV into the Admin Portal or the PowerShell Module:

  • Users imported from CSV into the Admin Portal can’t automatically be connected to user groups. You can create group associations using the PowerShell Module
  • Users imported from CSV into the Admin Portal can’t automatically be connected to systems. You can create system associations using the PowerShell Module
  • Users imported from CSV into the Admin Portal can only be created with the following attributes:
    • First Name
    • Last Name
    • Username
    • Email
    • Password
  • You can import users from CSV with more than the previously mentioned attributes using the PowerShell Module

Note:

For information on updating users via CSV, see Update Users From a CSV File.

Importing Users via API

JumpCloud provides a public REST API that can be utilized to create users, amongst many other capabilities. See Import Users with a Custom API Integration.

Obtaining Your API Key

To interface with any of JumpCloud's available API options, you have to provide your API key during the configurations. See Accessing Your API Key.

To add a user via the API

  1. Utilize the following POST request with curl or your preferred API client, such as Postman.

1curl -X POST https://console.jumpcloud.com/api/systemusers  2-H 'Accept: application/json' 3-H 'Content-Type: application/json' 4-H 'x-api-key: {API_KEY}' 5-d '{ 6 "username":"{username}", 7 "email":"{email_address}", 8 "firstname":"{Name}", 9 "lastname":"{Name}" 10 }'

  1. Confirm that the user was successfully created by viewing the API response, a GET request on /systemusers, or by viewing the user in the Admin Portal.

Tip:

Users can also be created in bulk with this POST request.

Importing Users via External Identity Sources

To add users via external identity sources (e.g., directories, applications), see JumpCloud's Integration Catalog for the most current list of supported applications.

Cloud directories:

HR Directories:

Identity Providers:

  • Onboard new users that have JumpCloud managed devices by integrating your existing Identity Provider (IdP) with JumpCloud

Custom SCIM Integrations:

  • Provision, update, and deprovision users and groups from JumpCloud in applications that support SCIM

Important:

SCIM Provisioning differs in both its implementation and output from another type of web app provisioning, Just-in-Time.

Troubleshooting

See Troubleshoot: Unable to Add a New User

Back to Top

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case