JumpCloud SCIM Provisioning Configuration Guide

This guide shows you how to set up a JumpCloud app with System for Cross-domain Identity Management (SCIM) provisioning. When done, you will have enabled an app with provisioning to securely automate and manage user identity information, such as user account creation, updates, and deactivation, between JumpCloud and StrongDM.

Prerequisites #

Before you begin, ensure that you have the appropriate privileges and permissions:

• You must be an Administrator in JumpCloud.
• In StrongDM, you must have the Administrator permission level.

Steps #

These instructions walk you through the process of adding a SCIM provisioning application in JumpCloud and getting your token from the StrongDM Admin UI. We recommend that you keep both JumpCloud and the Admin UI open in your browser so you can easily tab between them.

Add the StrongDM app in JumpCloud #

1. Log in to the JumpCloud Console.
2. From the User Authentication sidebar menu, select SSO.
   Note that the current Supported Functionality is only Identity Management.
3. On the SSO page, click the plus icon + to add a new app.
4. Search for and then select StrongDM.
5. Click configure and then click Save.
6. From the General Info tab, enter a Display Label and an optional Description.
7. Navigate to the Bookmark tab. In the URL field, enter https://app.strongdm.com/app/login and click activate.

Get a SCIM token from StrongDM #

1. Log in to the StrongDM Admin UI.
2. Go to Settings > User Management and then the Provisioning section.
3. From the SCIM Provider dropdown, select Generic.
4. Click Activate SCIM.
5. Copy and save the generated token. You need this token when configuring provisioning for your JumpCloud app in the following section.

Set up identity management in JumpCloud #

1. From your StrongDM app in the JumpCloud Console, navigate to the Identity Management tab and click configure. Ensure the Enable management of User Groups and Group Membership in this application checkbox is selected.
2. In the Base URL field, enter https://app.strongdm.com/provisioning/generic/v2.
3. In the Token Field, enter the StrongDM SCIM token (for example, aabb12fjfl445...jkhksjhf98345un) that you generated in the Admin UI.
4. Click Activate and click Save, if necessary.

Select user groups in JumpCloud #

1. From your StrongDM app, navigate to the User Groups tab.

2. Select the checkbox next to each user group you want to have access to this app.

3. Click Save.

   Note that JumpCloud syncs groups of users and not individual users.