Mandatory JumpCloud API Key Rotation

Out of an abundance of caution relating to an ongoing incident, JumpCloud has decided to rotate all API Keys for JumpCloud Admins.

View Old API Keys Actively Being Used

You can use Directory Insights to see if old API keys are still in use.

To view old API Keys actively being used:

1. Log in to the JumpCloud Admin Portal.
2. In the left hand navigation, click INSIGHTS > Directory.
3. Select the appropriate Time Range to narrow events to the desired time period.
4. In the Event Type dropdown menu, select admin_old_api_key_attempt to filter the events.

5. A list of results will populate if there are any active, but old API keys being used.
6. Click the dropdown arrow next to the timestamp of an event to see a Summary.
7. Click the JSON tab to see the Admin’s Email Address, the User-Agent and Client IP address of the device that’s making the call to the JumpCloud API. 

To access your new API Key:

1. Log in to the JumpCloud Admin Portal as an Administrator or Command Runner.
2. In the Admin Portal, click your account initials displayed at the top-right and select My API Key from the drop-down.
3. Your new API key will be displayed in the resulting dialogue.

Once an Admin's API Key is rotated, the old API key associated to that Admin will no longer work. This will impact any of the following: 

• AD Import 
• HRIS integrations
  • BambooHR
  • Bob
  • Deel
  • Factorial
• JumpCloud Powershell Module
• Jumpcloud-Slack-App
• Directory Insights Serverless App
• ADMU
• 3rd party MDM Zero-touch packages
• Command Triggers
• Okta SCIM integration
• Azure AD SCIM integration
• Integrations built to create/update users and/or devices using 3rd party tools like Workato, Aquera, Tray,io, etc.
• Automations and custom applications, and any other use cases that involve an Administrators JumpCloud API key.