JumpCloud integrates with a variety of popular directory services to synchronize user accounts. These integrations let JumpCloud act as an authoritative directory with a single set of credentials that can be used across all directory services. When you integrate with a directory service, you can securely import existing user accounts as well as persistently replicate data across directories. You're in control of which users get replicated.
Prerequisites
- A JumpCloud administrator account
- JumpCloud Device Identity or higher package
- A Cloud Directory (Google, M365/Entra ID, HRIS, etc.) user account with the appropriate administrator permissions
Selecting a Directory to Integrate
You can integrate with various directories, including JumpCloud's LDAP services that you can attach to on-prem or legacy resources. Additionally, we offer synchronization with Google Workspace™, Microsoft 365™, and Active Directory®.
To integrate with a cloud directory:
- Log in to the JumpCloud Admin Portal.
- Go to DIRECTORY INTEGRATIONS > Cloud Directories.
- Click ( + ), then select a directory to integrate.
Syncing Directory Accounts
After you authenticate JumpCloud's connection to the directory, you can leverage JumpCloud's various synchronization methods, from user account import to continual bi-directional account synchronization. Be sure to read the documentation on the workflow for each directory integration. Step-by-step instructions for each of our supported directories are available:
Connecting the Directory
After you integrate and sync a directory, you can connect it to users and user groups. See Connect New Users to Resources.
You can see which users and groups are connected to a directory on the Directory panel's User Groups and Users tabs. Groups that are connected to the directory have a check next to their group name in the Directory panel User Groups tab list. Any users and groups that are connected to the directory are granted access to the directory.
- Directory panel User Groups tab:
All users connected to the directory have a check next to their name in the Users tab. All of these users are granted access to the directory.
- Directory panel Users tab:
Users may be connected to a directory through two methods:
- Connected through group membership
- The user has a check next to their name on the Directory panel Users tab.
- If you remove the user's connection, you are presented with the option to remove the user from the group granting access.
- Connected directly
- The user has a check next to their name on the Directory panel Users tab.
- If you remove the user's connection, the direct relationship between the directory and user is removed. The user may still have access granted to the system through group membership as previously described.