# JumpCloud ### What you get * **Live device inventory** — every JumpCloud-managed system (Mac, Windows, Linux) appears in Siit with hardware details, OS version, and last check-in. * **Ownership mapping** — the JumpCloud user bound to each system populates the Siit Equipment owner. * **One-click actions from any request** — Lock, Wipe, and Open in JumpCloud, from the request side panel. * **Audit trail** — every action triggered from Siit is logged on the request timeline. ### What syncs from JumpCloud | Fields | | --------------------------------------------------- | | Hostname, serial number, JumpCloud system ID | | Model, manufacturer, architecture, memory | | OS (macOS / Windows / Linux), OS version | | Bound user (email), binding date | | Active / inactive, last contact time, agent version | | FileVault / BitLocker status, MDM enrollment (Mac) | Devices are matched to Siit People using the bound user's work email. ### Actions available Available from the request side panel on any device: * **Lock device** — sends a remote lock command (Mac and Windows). * **Wipe device** — sends a remote wipe command (Mac via MDM; Windows / Linux behavior varies — see notes below). * **Open in JumpCloud** — deep-links to the system record in your JumpCloud admin portal. > **Heads up** — Wipe is irreversible and immediate. JumpCloud's wipe coverage depends on the OS: Macs enrolled in JumpCloud MDM support full wipe; Windows support requires the JumpCloud MDM agent and BitLocker; Linux systems don't support a managed wipe. Confirm the target system's OS and enrollment state before running Wipe. ### Before you connect * You'll need a JumpCloud Administrator account with at least the **System Administrator** role (or higher) to generate an API key. * Decide on the scope: Siit can sync all systems, or only those in specific JumpCloud system groups. * Make sure systems are bound to users in JumpCloud — unbound systems appear in inventory but aren't attached to a requester. ### Connect JumpCloud 1. In JumpCloud, generate an API key: * Sign in to the JumpCloud Admin Portal. * Click your initials (top right) → **My API Key**. * Click **Generate New API Key** (if you don't have one) and copy the key. 2. Copy your JumpCloud organization ID (visible under **Settings → Organization**). 3. In Siit, go to **Settings → Integrations**. 4. Find **JumpCloud** in the MDM section and click **Connect**. 5. Enter: * API key * Organization ID 6. Click **Authorize**. Siit verifies the connection and runs an initial system import. 7. Review the imported devices and click **Finish setup**. > **Tip** — If you're already connected to JumpCloud for IAM, you'll still need to run through the MDM connection flow separately. The two integrations use the same API credentials but sync different object types. ### After the connection * **Check your Equipment inventory** — go to **Resources → Equipment** and confirm the device count matches your active JumpCloud systems. * **Scope the sync** — in **Settings → Integrations → JumpCloud (MDM)**, narrow the import to specific system groups if you only want part of the fleet. * **Map device types** — confirm computers are mapped to Siit's "Computer" type. JumpCloud-managed mobile devices should map to "Smartphone" / "Tablet" where applicable. * **Try an action** — open any request and run **Open in JumpCloud** from the side panel to confirm the deep link works. ### Sync frequency JumpCloud system data refreshes automatically every few hours. Trigger an immediate refresh from **Settings → Integrations → JumpCloud (MDM) → Sync now**. Actions (Lock, Wipe) execute on demand, immediately. ### Common scenarios * **Stolen laptop.** Employee reports a stolen MacBook. Agent opens the request, sees the system in the side panel (synced from JumpCloud), and locks it in one click. * **Mixed-OS support.** A support request comes in without much context. The agent sees whether the requester's system is Mac, Windows, or Linux directly on the request — no guessing. * **Offboarding on return.** Agent runs Wipe on the returned machine from within the request, and confirms completion in the JumpCloud admin portal. ### Troubleshooting **"Invalid credentials" on connect.** The API key is wrong, revoked, or the admin owning it has been deactivated. Regenerate in JumpCloud and update Siit. **Systems missing from Siit.** Check system group scoping, and confirm the systems are active and the JumpCloud agent is checking in. **Owner field is empty.** The system has no user binding in JumpCloud, or the bound user's email doesn't match a Siit person. Bind a user in JumpCloud and confirm the email. **Wipe fails on a Windows system.** Windows wipe requires JumpCloud MDM enrollment and BitLocker. Confirm both are in place. **Wipe unavailable on a Linux system.** JumpCloud doesn't offer a managed wipe for Linux systems. Handle these manually. **Open in JumpCloud returns 403.** The admin opening the link doesn't have access to that system record. Check JumpCloud role permissions. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.siit.io/integrations/mdm/jumpcloud.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.