Ctrlk
Help centerAPI referenceChangelogWebsiteLoginBook a demo

JumpCloud

Connect JumpCloud to Siit to sync your users and groups, and run identity actions — add to group, reset password, reset MFA — directly from Siit request side panels, workflows, and IT Agent playbooks.

What you get

  • Live directory — JumpCloud users and User Groups sync into Siit with profile attributes and group memberships.

  • Identity actions from any request — add to group, reset password, reset MFA, directly from the request side panel.

  • Workflow-driven automation — use JumpCloud actions in any workflow, with approvals where needed.

  • IT Agent native support — JumpCloud actions are first-class in IT Agent playbooks.

What syncs from JumpCloud

Category
Fields

Identity

First name, last name, email, username, JumpCloud user ID

Profile

Job title, department, manager, location, employee type

Groups

User Groups, memberships

Status

Active / suspended

Work email is the canonical identifier.

Actions available

  • Add user to group

  • Remove user from group

  • Reset password (sends reset email)

  • Reset MFA (clears enrolled factors, forces re-enrollment)

  • Suspend user

  • Activate user

Actions are available from the request side panel, in workflows, and in IT Agent playbooks. Sensitive actions can be gated behind approvals.

Note on device and system management

JumpCloud can also manage devices, SSH keys, LDAP, and RADIUS. Siit's integration currently focuses on identity (users, groups, password / MFA). If you rely on JumpCloud for device management and want those actions in Siit, reach out via in-app chat — we're collecting interest.

Before you connect

  • You'll need a JumpCloud Administrator account with at least the User Admin with Billing role (or higher) to generate an API key.

  • Decide which admin's API key Siit will use. The integration inherits that admin's permissions.

Connect JumpCloud

  1. In JumpCloud, generate an API key:

    • Sign in to the JumpCloud Admin Portal.

    • Click your initials (top right) → My API Key.

    • Click Generate New API Key (if you don't have one) and copy the key.

  2. In Siit, go to Settings → Integrations.

  3. Find JumpCloud in the IAM section and click Connect.

  4. Paste the API key and your JumpCloud organization ID (visible under Settings → Organization in JumpCloud), then click Authorize.

  5. Siit runs an initial import of users and groups.

  6. Review the imported data and click Finish setup.

Tip — API keys in JumpCloud are tied to a specific admin user. Use a dedicated service admin account rather than a personal one so the integration survives admin turnover.

After the connection

  • Check your People list — confirm user counts match JumpCloud's active users.

  • Scope the groups — in Settings → Integrations → JumpCloud, you can scope which User Groups are synced if you only want a subset.

  • Try an action from a request — open any request and use the side panel to add the requester to a group.

  • Build a workflow — a classic starter: access request → manager approval → JumpCloud add to group → DM confirmation.

Sync frequency

JumpCloud data refreshes automatically every few hours. Trigger an immediate refresh from Settings → Integrations → JumpCloud → Sync now. Actions run on demand, immediately, when triggered.

Common workflows

Access request. Trigger: Request submitted (service = "Request group access"). Actions: manager approval → JumpCloud add to group → DM requester.

Password reset (self-service). Trigger: Request submitted (service = "Reset password"). Actions: identity verification → JumpCloud reset password → close request.

MFA reset. Trigger: Request submitted (service = "Reset MFA"). Actions: manager approval → JumpCloud reset MFA → DM requester with re-enrollment instructions.

Day-1 onboarding (with HRIS). Trigger: Start date. Actions: JumpCloud add to baseline groups → notify manager.

Offboarding on end date. Trigger: End date. Actions: JumpCloud remove from all groups → suspend user → equipment pickup request.

IT Agent integration

JumpCloud actions are available inside IT Agent playbooks via slash commands:

  • /jumpcloud add to group

  • /jumpcloud reset user password

  • /jumpcloud reset user mfa

See IT Agent for playbook examples.

Troubleshooting

Connection fails with "invalid credentials". The API key is wrong, revoked, or the admin owning it has been deactivated. Regenerate in JumpCloud and update in Siit.

Users missing from Siit. Check whether suspended users are excluded (they are by default) and whether the admin's role has access to all user groups you expect.

Group not visible in the action picker. It's likely scoped out. Review group scope in Settings → Integrations → JumpCloud, or confirm the group exists in JumpCloud (User Group, not System Group).

Reset password action didn't send an email. JumpCloud sends the reset to the user's primary email; confirm the email is valid and the user's account is active.

Action fails in a workflow. Open the workflow run in Workflows → [workflow] → Runs — the JumpCloud error response is shown inline. Common causes: admin role lacks MFA management permission, or the user is already suspended.

PreviousOktaNextHRIS

Last updated