• Overview
  • Configuration

Related-apps

JumpCloud

Reduce administrators' workload and data entry errors by automating employee life cycle management

Identity provisioning Identity management

The ADManager Plus and JumpCloud integration enables seamless synchronization of user data, empowering IT teams to automate user provisioning, deprovisioning, and account management across systems. By streamlining employee lifecycle management, this integration enhances security by reducing the risk of outdated or excessive access and minimizes reliance on HR and IT teams for manual updates.

 

Automated user provisioning and deprovisioning

The integration allows IT teams to automate the provisioning and deprovisioning of user accounts across Active Directory, JumpCloud, and other connected systems. This eliminates manual tasks and reduces the risk of errors in user management processes.

 

Active directory synchronization

The integration ensures seamless synchronization of user data between JumpCloud and Active Directory, ensuring that changes made in JumpCloud are reflected across other IT systems, including Exchange, Microsoft 365, and other business-critical applications.

 

Centralized user access control

IT administrators can manage and enforce user access policies centrally, ensuring that users have appropriate access to resources across AD, JumpCloud, and other systems based on their roles and responsibilities. This reduces security risks and strengthens compliance.

 

How to integrate JumpCloud with ADManager Plus

Prerequisites

Provide an API key with permissions to retrieve the desired information and perform tasks in JumpCloud. Refer to JumpCloud's API references for more details.

Privileges

  • To import users from JumpCloud (inbound action): Ensure the account used for authorization has permission to read all user accounts.
  • To perform any action or query in JumpCloud (outbound action): Ensure the account used for authorization has permission to perform the desired action.
Note: ADManager Plus comes with a preconfigured set of APIs that helps perform basic actions with the integration. If the action you require is not available, please gather the necessary API details from JumpCloud's API documentation to configure inbound or outbound webhooks to perform the required actions.

Authorization configuration

  • Log in to ADManager Plus and navigate to Directory/Application Settings.
  • Go to Application Integrations, then search for and select JumpCloud.
  • Toggle the Enable JumpCloud Integration button on.
  • In the JumpCloud Configuration page, click Authorization.
  • Generate the API key and API token in JumpCloud, and paste the generated value in the Value field for the x-api-key.
  • Click Configure.

Inbound webhook configuration

An inbound webhook enables you to fetch user data from JumpCloud and send it to ADManager Plus. To configure an inbound webhook for JumpCloud:

  • Under Inbound Webhook, click JumpCloud Endpoint Configuration.
  • An endpoint, JumpCloud USERS ENDPOINT, comes preconfigured with Endpoint URL, HTTP Method, Headers, and Parameters fields to fetch user accounts from JumpCloud. If you prefer to use a new endpoint to import users, you can configure one by clicking + Add API Endpoint and filling in the required fields according to JumpCloud's API references. Learn how here. Note:
    • The API key-value pair is preconfigured as a header for authenticating API requests as configured during authorization configuration.
    • Refer to JumpCloud's API references and configure additional headers and parameters, if needed.
    • Macros can be added to the endpoint URL, headers, parameters, and message body to dynamically modify the configuration using the macro chooser.
  • Once done, click Test & Save to validate and save the endpoint, or click Save as Draft to store the configuration as a draft without testing the endpoint. If you choose Test & Save, a response window will be displayed. This response window includes the following tabs:
    • Response: Displays API response parameters in a tree structure. You can set the data type for each field:
      • Text (default)
      • Number
      • Timestamp
      • Array
      Note: Text, Number, and Timestamp fields are used for advanced filter criteria. Array is used to select a specific value from a response array (refer to JSON conditional parsing).
    • Response Details: Displays the complete response message in text format.
    • Request: Displays the request headers, parameters, and message body.
  • Click Save. Note: You can configure multiple endpoints for JumpCloud using the + Add API Endpoint button. Learn how here.
  • Click Data Source - LDAP Attribute Mapping to match endpoints and to map AD LDAP attributes with the respective attributes in JumpCloud. ADManager Plus also lets you customize the attribute format from JumpCloud.
  • Click + Add New Configuration and:
    • Enter the Configuration Name and Description, and select the Automation Category drop-down menu to choose a category.
    • In the Select endpoint field, select the desired endpoint and a Primary Key that is unique to a user (e.g. employeeIdentifier). Note: When multiple endpoints are configured, this attribute must hold the same value in all the endpoints.
    • In the Attribute Mapping field, select the attribute from the LDAP Attribute Name drop-down menu and map it to the corresponding column in JumpCloud. Macros are also supported in attribute mapping. To create a new custom format, click Add New Format.
    • Click Save.
Note: The attribute mapping configured in this section can be selected as the data source during automation configuration to perform the desired action on the list of users received from the API response.

Outbound webhook configuration

An outbound webhook enables you to update the changes made in AD using ADManager Plus in JumpCloud. It also lets you fetch or forward required details from JumpCloud and synchronize them with AD. To configure an outbound webhook for JumpCloud:

  • Under Outbound Webhook, click JumpCloud Webhook Configuration.
  • Click + Add Webhook.
  • Enter a name and description for this webhook.
  • Decide on the action that has to be performed and refer to JumpCloud's API references for the API details, such as the URL, headers, parameters, and other requirements that will be needed. Enter the employee details value in the Parameter field.
  • Select the HTTP method that will enable you to perform the desired action on the endpoint from the GET drop-down menu.
  • Enter the endpoint URL.

    Reference: The highlighted section is the drop-down and the text box next to it is the endpoint url text box.

    Screenshot
  • Configure the Headers, Parameters, and Message Type in the appropriate format based on the API call that you would like to perform. Note: Macros can be added to the endpoint URL, headers, parameters, and message body to dynamically modify the configuration using the macro chooser.
  • Click Test & Save to validate and save the webhook, or click Save as Draft to store the webhook as a draft without testing.
  • If you select Test & Save, a response window is displayed. Choose the user or group on which the API request should be tested and click OK. This triggers a real-time call to the endpoint URL, allowing you to verify whether macros are applied correctly. You may skip selecting a user or group. However, if you do make a selection, the macros present in the webhook will be parsed using the selected object’s values:
    • Response: Displays API response parameters in a tree structure. You can set the data type for each field:
      • Text (default)
      • Number
      • Timestamp
      Note: The Text, Number, and Timestamp fields are used for advanced filter criteria.
    • Response Details: Displays the complete response message in text format.
    • Request: Displays the request headers, parameters, and message body.
  • Verify them for the expected API behavior and click Save.
Note: The webhooks configured in this section can be used in Workflows, Orchestration Templates, event-driven automations, and scheduled automations. They can also be applied directly to desired users to perform a sequence of actions on them (under Management > Advanced Management > Orchestration).