JumpCloud APIs

Directory Insights is JumpCloud's event logging and compliance feature. It shines a light on audit trails leading up to critical events so you know the what, where, when, how, and who of your directory activities.

You can use our RESTful API, PowerShell Module, and Admin Portal to access event logs, see activity happening in your directory, and monitor user authentications to the User Portal, SAML SSO applications, RADIUS, and LDAP. See Directory Insights to learn more.

Supplemental scripts and precompiled binaries can be found on our public Github Support Repository. 

Additional client code can be found in the following repos:

• jcapi-python
• jcapi-go
• jcapi-ruby

Accessing Your API Key

Considerations:

• API access will be disabled for Admins by default. 
• Only Admins with Billing role can enable API access. If you need to access your API key, contact your Admin with Billing to enable this for you. See Enable API Access to learn more.
  • Admins without API access enabled will receive the following error: “You don’t have permission to view or generate an API Key. Contact your Admin to have them enable this for you.”

To leverage any of JumpCloud's available API options, an API key is required during the configuration.

To access your API key:

1. Log in to the JumpCloud Admin Portal.
2. In the top-right, click your account initials and select My API Key.
3. If you haven’t generated an API key yet, you’ll have the option to Generate New API Key.
4. You’ll receive an API key, it has the prefix ‘jca_’ before it to help you search for it easier.

To set a Time to Live (TTL) for your API Key:

1. In the top-right of the Admin Portal, click your account initials and select My API Key.
2. Click the Expiration Date menu and select from the following options; 30 days, 60 days, 90 days, Custom, or No Expiration. Your selection will automatically save.
3. The Custom option allows you to set the expiration for as little as one hour, to as many as 365 days.
4. The API key expiration date is displayed here as well. You will be emailed daily that your API key is expiring starting 7 days from your API key expiration. Once your API key has expired, you will have to generate a new one, and update any existing integrations.

Generating a New API Key

It's very important to exercise strong security posture when handling your API key, as it gives unfiltered access to your JumpCloud instance through API calls. If you believe for any reason that your API key may have been shared or compromised, we suggest generating a new API key.

1. Log in to the JumpCloud Admin Portal.
2. In the top-right, click your account initials and select My API Key.
3. Click Generate New API Key to have a new API key generated and displayed.

This will impact any of the following integrations: 

• AD Import 
• HRIS integrations
  • BambooHR
  • Bob
  • Deel
  • Factorial
• Custom API Integrations
• JumpCloud Powershell Module
• Jumpcloud-Slack-App
• Directory Insights Serverless App
• ADMU
• 3rd party MDM Zero-touch packages
• Command Triggers
• Okta SCIM integration
• Entra ID SCIM integration
• Integrations built to create/update users and/or devices using 3rd party tools like Workato, Aquera, Tray,io, etc.
• Automations and custom apps, and any other use cases that involve an Admins JumpCloud API key. 

FAQ