We've introduced Routing Policies to the external Identity Provider (IdP) configuration within JumpCloud.
What's changing:
- Prior to this change, configuring an external IdP like Google, Azure, or Okta would result in every User in your organization authenticating with this provider.
- After this change, once you configure an external IdP, you will need to also configure a Routing Policy.
- The Routing Policy is scoped to User Group(s). Only Users in these groups will authenticate with the associated external IdP.
- Any User not in a User Group associated with the Routing Policy will authenticate with JumpCloud (see FAQ for more info)
When is this changing:
- Starting today, you have to configure a Routing Policy (see the Creating a Routing Policy section below for instructions).
- If you have an existing external IdP, you will have a grace period to configure a Routing Policy before it's enforced. See your email alert for more information.
- During the grace period, the policy will NOT be enforced. Every User in your organization will continue to authenticate with the configured IdP until that date.
Creating a Routing Policy
- Log into your JumpCloud Admin Portal.
- Go to DIRECTORY INTEGRATIONS > Identity Providers.
- Under the IdP configuration information there is an Authentication section. Click +Routing Policy to add a new policy.
- Next to Create Routing Policy, toggle it on to enable the policy.
- Under General Info, enter a required Policy Name * and you can enter a Description if you’d like to.
- Under Assignment, search for the User Groups that you want to log into their user portal using their IdP credentials. See Get Started: User Groups to learn more.
- Next, under Identity Provider Routing, click the dropdown menu and select which IdP the User Authenticates with.
- Click Create.
- Your new routing policy will appear on the Identity Provider information page.
You may add the All Users group to the Routing Policy. This group was automatically created when you created your JumpCloud organization. It is a Dynamic group that, unless modified, will contain every User in your organization. Your organization may not have this group available. See our Community post on Dynamic Groups to learn more.
You have from now until Monday, April 15, 2024 to create a Routing Policy.
If you configure a Routing Policy during the grace period, it will be enforced on Monday, April 15, 2024. If you did NOT configure a Routing Policy during the grace period, every User in your organization will revert to authenticating with JumpCloud (see question below for more details) until a Routing Policy is configured.
These Users will login with JumpCloud.* They must have an Active password in order to access User Portal, SSO apps, etc. You may either set a password on Users, or send an activation email which will allow these users to set their own password. See Get Started: Users to learn more.
Please feel free to email [email protected], for any additional questions.
For urgent support needs, please contact JumpCloud Support.