{"id":105634,"date":"2024-03-28T15:28:07","date_gmt":"2024-03-28T19:28:07","guid":{"rendered":"https:\/\/jumpcloud.com\/?post_type=support&#038;p=105634"},"modified":"2024-04-01T10:19:07","modified_gmt":"2024-04-01T14:19:07","slug":"routing-policies-for-identity-providers","status":"publish","type":"support","link":"https:\/\/jumpcloud.com\/support\/routing-policies-for-identity-providers","title":{"rendered":"Routing Policies for Identity Providers"},"content":{"rendered":"\n<p>Admins can specify which users authenticate with an existing Identity Provider (IdP) instead of having JumpCloud manage their user\u2019s identities. Create a routing policy to enable only specifically assigned users to log into JumpCloud resources using their IdP credentials.&nbsp;<\/p>\n\n\n\n<p><strong>Prerequisites<\/strong>:<\/p>\n\n\n\n<ul>\n<li>The user group(s) that you want to apply this routing policy to should already exist, see <a href=\"https:\/\/jumpcloud.com\/support\/get-started-user-groups\">Get Started: User Groups<\/a>.<\/li>\n\n\n\n<li>You need to have an IdP already configured in order to add a routing policy to it. See our configuration documentation to learn more:\n<ul>\n<li><a href=\"https:\/\/jumpcloud.com\/support\/configure-okta-as-an-identity-provider\">Configure Okta as an Identity Provider<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/jumpcloud.com\/support\/configure-azure-as-identity-provider\">Configure Entra ID as an Identity Provider<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/jumpcloud.com\/support\/configure-google-workspace-identity-provider\">Configure Google Workspace as an Identity Provider<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p><strong>Considerations<\/strong>:<\/p>\n\n\n\n<ul>\n<li>You can only create one IdP in JumpCloud.<\/li>\n\n\n\n<li>Routing policies apply to authentication requests from User Portal, Self Service Account Provisioning, and SSO apps. They will not apply to LDAP or RADIUS authentication requests.&nbsp;<\/li>\n\n\n\n<li>We recommend enabling externally managed passwords when federated authentication is enabled to prevent users from creating or updating their password in JumpCloud.&nbsp;<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Creating a Routing Policy<\/h2>\n\n\n\n<p><strong>To create a routing policy:<\/strong><\/p>\n\n\n\n<ol>\n<li>Log into your <a href=\"https:\/\/console.jumpcloud.com\/\">JumpCloud Admin Portal<\/a>.<\/li>\n\n\n\n<li>Go to <strong>DIRECTORY INTEGRATIONS<\/strong> &gt; <strong>Identity Providers<\/strong>.&nbsp;<\/li>\n\n\n\n<li>Under the IdP configuration information there is an <strong>Authentication<\/strong> section. Click <strong>+Routing Policy<\/strong> to add a new policy.&nbsp;<\/li>\n\n\n\n<li>Next to <strong>Create Routing Policy<\/strong>, toggle it on to enable the policy.&nbsp;<\/li>\n\n\n\n<li>Under <strong>General Info<\/strong>, enter a required <strong>Policy Name *<\/strong> and you can enter a <strong>Description<\/strong> if you\u2019d like to.&nbsp;<\/li>\n\n\n\n<li>Under <strong>Assignment<\/strong>, search for the User Groups that you want to log into their user portal using their IdP credentials.\u00a0See <a href=\"https:\/\/jumpcloud.com\/support\/get-started-user-groups\">Get Started: User Groups<\/a> to learn more. <\/li>\n\n\n\n<li>Next, under <strong>Identity Provider Routing<\/strong>, click the dropdown menu and select which IdP the User Authenticates with.&nbsp;<\/li>\n\n\n\n<li>Click <strong>Create<\/strong>.&nbsp;<\/li>\n\n\n\n<li>Your new routing policy will appear on the Identity Provider information page.&nbsp;<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\">Managing the Routing Policy&nbsp;<\/h2>\n\n\n\n<p><strong>To manage the routing policy:&nbsp;<\/strong><\/p>\n\n\n\n<ol>\n<li>On the <strong>Identity Providers<\/strong> page, under <strong>Authentication<\/strong> is where the routing policy information is listed. It displays the name of the policy, how many user groups it\u2019s applied to, and its status.&nbsp;<\/li>\n\n\n\n<li>Click <strong>Configure<\/strong> to make any changes like edit the name, description, and add or remove any user groups.&nbsp;<\/li>\n\n\n\n<li>If you want to disable this routing policy, but keep the configuration details intact, you can click <strong>Configure<\/strong> next to the routing policy. On the next page, next to the name of the policy, toggle it off to disable the policy, then click <strong>Update<\/strong>.&nbsp;<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>Admins can specify which users authenticate with an existing Identity Provider (IdP) instead of having JumpCloud manage their user\u2019s identities. [&hellip;]<\/p>\n","protected":false},"author":207,"featured_media":0,"template":"","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"support_category":[2845],"support_tag":[3155],"coauthors":[2843],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.9 (Yoast SEO v22.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Routing Policies for Identity Providers - JumpCloud<\/title>\n<meta name=\"description\" content=\"Learn how to configure a routing policy in JumpCloud to specify which users authenticate with a federated external identity provider (IdP).\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/support\/routing-policies-for-identity-providers\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Routing Policies for Identity Providers\" \/>\n<meta property=\"og:description\" content=\"Learn how to configure a routing policy in JumpCloud to specify which users authenticate with a federated external identity provider (IdP).\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/support\/routing-policies-for-identity-providers\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-01T14:19:07+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2024\/07\/202405-MISC-JumpCloudHelpCenter-SiteDisplay-min-2.png\" \/>\n\t<meta property=\"og:image:width\" content=\"890\" \/>\n\t<meta property=\"og:image:height\" content=\"525\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data2\" content=\"sashaharrington\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/support\/routing-policies-for-identity-providers\",\"url\":\"https:\/\/jumpcloud.com\/support\/routing-policies-for-identity-providers\",\"name\":\"Routing Policies for Identity Providers - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"datePublished\":\"2024-03-28T19:28:07+00:00\",\"dateModified\":\"2024-04-01T14:19:07+00:00\",\"description\":\"Learn how to configure a routing policy in JumpCloud to specify which users authenticate with a federated external identity provider (IdP).\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/routing-policies-for-identity-providers#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/support\/routing-policies-for-identity-providers\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/support\/routing-policies-for-identity-providers#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Support\",\"item\":\"https:\/\/jumpcloud.com\/support\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Routing Policies for Identity Providers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Routing Policies for Identity Providers - JumpCloud","description":"Learn how to configure a routing policy in JumpCloud to specify which users authenticate with a federated external identity provider (IdP).","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/support\/routing-policies-for-identity-providers","og_locale":"en_US","og_type":"article","og_title":"Routing Policies for Identity Providers","og_description":"Learn how to configure a routing policy in JumpCloud to specify which users authenticate with a federated external identity provider (IdP).","og_url":"https:\/\/jumpcloud.com\/support\/routing-policies-for-identity-providers","og_site_name":"JumpCloud","article_modified_time":"2024-04-01T14:19:07+00:00","og_image":[{"width":890,"height":525,"url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2024\/07\/202405-MISC-JumpCloudHelpCenter-SiteDisplay-min-2.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"2 minutes","Written by":"sashaharrington"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/support\/routing-policies-for-identity-providers","url":"https:\/\/jumpcloud.com\/support\/routing-policies-for-identity-providers","name":"Routing Policies for Identity Providers - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"datePublished":"2024-03-28T19:28:07+00:00","dateModified":"2024-04-01T14:19:07+00:00","description":"Learn how to configure a routing policy in JumpCloud to specify which users authenticate with a federated external identity provider (IdP).","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/support\/routing-policies-for-identity-providers#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/support\/routing-policies-for-identity-providers"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/support\/routing-policies-for-identity-providers#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"Support","item":"https:\/\/jumpcloud.com\/support"},{"@type":"ListItem","position":3,"name":"Routing Policies for Identity Providers"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/105634"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/support"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/207"}],"version-history":[{"count":3,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/105634\/revisions"}],"predecessor-version":[{"id":108197,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/105634\/revisions\/108197"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=105634"}],"wp:term":[{"taxonomy":"support_category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_category?post=105634"},{"taxonomy":"support_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_tag?post=105634"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=105634"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}