JumpCloud Mobile Admin App Overview

JumpCloud Admin lets a JumpCloud administrator or a help desk person resolve common helpdesk requests on-the-go. You can unlock user accounts, force a user password change, remove MFA requirements, and see event logs for each user.

Prerequisites

• iOS: version 13 or greater
• Android: version 8 or greater

Overview of JumpCloud Admin

The JumpCloud Admin mobile app gives an IT admin or support technician the ability to troubleshoot and handle quick requests from their phone. These tasks include unlocking a user’s account or resetting MFA. 

Larger workflows will continue to be handled from the JumpCloud portal.

Supported Functionality

• View status:
  • Admins can view an organizations’ users, and user states and statuses (locked out, suspended, and MFA).
  • Admins can view Settings to determine app version, terms and conditions, and opt out of usage and quality data collection.
• User lifecycle functions
  • Admins can suspend and restore a user’s account.
• Troubleshooting user lockouts
  • Admins can unlock a user’s account, reset a user’s MFA (TOTP, Push, WebAuthn), and force a password change.

Using the JumpCloud Admin Mobile App

1. Open the JumpCloud Admin app on your mobile device.
2. Log in with your JumpCloud admin credentials.
   1. If TOTP MFA is required, you must input your TOTP code to authorize the JumpCloud Admin mobile app.

Use Cases

1. Unlock a user’s account
2. Reset and re-enroll a user’s MFA
3. Remove a user’s MFA requirement 

Use Case 1: Unlock a User’s Account

Scenario: A user contacted the help desk because their JumpCloud account is locked. How do I unlock this user’s account?

1. On your mobile device, open the JumpCloud Admin app.
2. Log in with your JumpCloud admin credentials.

3. Tap on Accounts Locked Out and select the user you want to unlock. 
4. Scroll down to Directory Activities and review what triggered the lock. If you see suspicious behavior or patterns, investigate further.
5. If the account unlock request is legitimate, tap Unlock User Account. 

6. Manually notify the user that their account is unlocked.

Use Case 2: Reset a User’s MFA

Scenario: A user lost their mobile device, or upgraded their smartphone and forgot to re-register their MFA client, and now they can’t log in to their JumpCloud Portal because they lost access to JumpCloud Protect, Google Authenticator, Duo, or a similar OTP app. How do I reset the user’s MFA on their account so they can re-enroll MFA on next login?

1. On your mobile device, open the JumpCloud Admin app.
2. Log in with your JumpCloud admin credentials.

3. Tap on Total Users and select the appropriate user.

4. Scroll down to Directory Activities and investigate to determine if there is any suspicious activity.
5. If there is no suspicious activity, tap Reset TOTP MFA.
6. Manually notify the user that their account is unlocked.

Use Case 3: Remove a User’s MFA Requirement

Scenario: A user temporarily lost or misplaced their mobile device and can’t access the JumpCloud Portal because they don’t have access to JumpCloud Protect or a similar OTP app. How do I allow the user to sign in without MFA? 

1. On your mobile device, open the JumpCloud Admin app.
2. Log in with your JumpCloud admin credentials.

3. Tap on Total Users and select the appropriate user.

4. Scroll down to Directory Activities and investigate to determine if there is any suspicious activity.
5. If there is no suspicious activity, tap Remove MFA Requirement.

6. Manually notify the user that you removed their MFA login requirement.

7. When the time comes, re-enable MFA for the user.
   1. From the JumpCloud Admin Console, go to Users > User > Details > User Security Settings and Permissions and select Require Multi-factor Authentication on the User Portal.