Provisioning With JumpCloud

This guide shows you how to set up a JumpCloud app with System for Cross-domain Identity Management (SCIM) provisioning. When done, you will have enabled an app with provisioning to securely automate and manage user identity information, such as user account creation, updates, and deactivation, between JumpCloud and StrongDM.

Prerequisites

Before you begin, ensure that you have the appropriate privileges and permissions:

You must be an Administrator in JumpCloud.
In StrongDM, you must have the Administrator permission level.

Steps

These instructions walk you through the process of adding a SCIM provisioning application in JumpCloud and getting your token from the StrongDM Admin UI. We recommend that you keep both JumpCloud and the Admin UI open in your browser so you can easily tab between them.

Add the StrongDM app in JumpCloud

Log in to the JumpCloud Console.
From the User Authentication sidebar menu, select SSO.

Note that the current Supported Functionality is only Identity Management.

On the SSO page, click the plus icon + to add a new app.
Search for and then select StrongDM.
Click configure and then click Save.
From the General Info tab, enter a Display Label and an optional Description.
Navigate to the Bookmark tab. In the URL field, enter the appropriate login URL depending on your tenant location and click activate.

Follow instructions in the tab for your organization's StrongDM region, not your location.

https://app.strongdm.com/app/login

Follow instructions in the tab for your organization's StrongDM region, not your location.

https://app.uk.strongdm.com/app/login

Follow instructions in the tab for your organization's StrongDM region, not your location.

https://app.eu.strongdm.com/app/login

Get a SCIM token from StrongDM

Log in to the StrongDM Admin UI.
Go to Settings > User Management and then the Provisioning section.
From the SCIM Provider dropdown, select Generic.
Click Activate SCIM.
Copy and save the generated token. You need this token when configuring provisioning for your JumpCloud app in the following section.

Set up identity management in JumpCloud

The default value for Base URL is https://app.strongdm.com/provisioning/generic/v2, but may vary based on your organization's StrongDM region.

From your StrongDM app in the JumpCloud Console, navigate to the Identity Management tab and click configure. Ensure the Enable management of User Groups and Group Membership in this application checkbox is selected.
In the Base URL field, enter https://app.strongdm.com/provisioning/generic/v2 .
In the Token Field, enter the StrongDM SCIM token (for example, aabb12fjfl445...jkhksjhf98345un) that you generated in the Admin UI.
Click Activate and click Save, if necessary.

From your StrongDM app in the JumpCloud Console, navigate to the Identity Management tab and click configure. Ensure the Enable management of User Groups and Group Membership in this application checkbox is selected.
In the Base URL field, enter https://app.uk.strongdm.com/provisioning/generic/v2 .
In the Token Field, enter the StrongDM SCIM token (for example, aabb12fjfl445...jkhksjhf98345un) that you generated in the Admin UI.
Click Activate and click Save, if necessary.

From your StrongDM app in the JumpCloud Console, navigate to the Identity Management tab and click configure. Ensure the Enable management of User Groups and Group Membership in this application checkbox is selected.
In the Base URL field, enter https://app.eu.strongdm.com/provisioning/generic/v2 .
In the Token Field, enter the StrongDM SCIM token (for example, aabb12fjfl445...jkhksjhf98345un) that you generated in the Admin UI.
Click Activate and click Save, if necessary.

Select user groups in JumpCloud

From your StrongDM app, navigate to the User Groups tab.
Select the checkbox next to each user group you want to have access to this app.
Click Save.

Note that JumpCloud syncs groups of users and not individual users.

Last updated 37 minutes ago

Was this helpful?