Skip to main content

Automatically Fetch User Accounts without Manually Importing for JumpCloud

JumpCloud

Intoduction

JumpCloud allows you to automate user account creation and syncing without manual CSV uploads by integrating with external identity sources like Active Directory, OneLogin, Okta, Azure AD, or APIs.

Automatic User Provisioning in JumpCloud

Automatic provisioning means creating and updating user accounts in JumpCloud from another source system (e.g., your Identity Provider or directory service) using SCIM or other integrations — no spreadsheets, no forms, no manual steps.

Source System

Integration Type

Description
Active Directory (AD) AD Sync Agent Syncs users/groups from AD to JumpCloud
OneLogin / Okta / Azure AD SCIM Connector Push users via SCIM to JumpCloud
Google Workspace / HR System API Script (custom) Use API to fetch users and sync to JC

Option 1: Active Directory (AD) Sync

Description:

Use JumpCloud’s AD Sync Agent to connect your on-prem Active Directory to JumpCloud.

What It Does:

  • Automatically fetches users and groups from AD into JumpCloud.

  • Keeps user profiles updated.

  • Supports password sync and group assignments.

Steps:

    1. Install the AD Import Agent:

      • Log in to JumpCloud Admin Portal.

      • Navigate to Directory Integrations → Active Directory.

      • Download the AD SyncImport Agent.

      • Install it on your Domain Controller.Controller or a Windows server joined to the domain.

    2. ConnectInstall itthe AD Sync Agent (optional for write-back):

      • If you want to sync changes from JumpCloud usingto AD (two-way), install the Sync Agent too.

    3. Register the Agents:

      • During installation, provide the JumpCloud API key.

      • SelectApprove the agent from the JumpCloud admin dashboard.

    4. Set Up AD Group(s) for Sync:

      • Create an AD security group (e.g., JumpCloudSyncUsers).

      • Add AD users to this group. Only members will sync.

    5. Configure OU and Attribute Settings:

      • Specify which OUsOrganizational orUnits groups(OUs) to include.

      • Map attributes like email, phone, title, etc.

    6. Test and Enable Sync:

      • Run a test sync.

      • TheReview agentpreviewed continuouslyuser syncsdata usersin JumpCloud.

      • Enable production sync.

    7. Monitor Sync:

      • Use the AD Integration logs in JumpCloud to JumpCloud.monitor status.

Option 2: SCIM-Based Provisioning from OneLogin, Okta, Azure AD

Description:

If you're using a cloud identity provider, you can push users into JumpCloud using SCIM.

What It Does:

  • Auto-creates users in JumpCloud.

  • Syncs attribute updates (name, email, etc.).

  • Suspends users when removed from the source.

Steps:

  1. In OneLogin/Okta/Azure AD, add a SCIM app and configurePrepare JumpCloud asSCIM the target.Settings:

    • GetIn JumpCloud’sJumpCloud Admin Portal, go to SCIMSSO BaseApplications URL and+ BearerAdd TokenApp.

    • PasteChoose into your IdP’sCustom SCIM settings.Connector.

    • JumpCloud provides:

      • SCIM Base URL

      • Bearer Token (API key)

  2. Configure SCIM in IdP (e.g., OneLogin/Okta):

    • Create a new SCIM app integration.

    • Enter the SCIM Base URL and Token provided by JumpCloud.

    • Set provisioningthe rulesSCIM andversion assignto users.2.0.

  3. Define Provisioning Rules:

    • Choose what triggers user creation (e.g., role membership).

    • EnableAssign auto-provisioning.the app to users or groups.

  4. Enable SCIM Provisioning:

    • Turn on auto-provisioning in your IdP.

    • Confirm SCIM connection test passes.

  5. Sync Begins Automatically:

    • Users assigned in IdP are instantly created/updated in JumpCloud.

    • No manual intervention required.

 

Option 3: Custom Script Using JumpCloud API

Description:

If users are stored in another system (like Google Workspace, a database, or an HR app), use JumpCloud’s API to fetch and sync users automatically.

What It Does:

  • Programmatically creates users in JumpCloud.

  • Can run on a schedule (daily, hourly, etc.).

  • Completely hands-free after setup.

Steps:

  1. RetrieveGet JumpCloud API KeyCredentials:

    from

    • Go to Admin Portal → API Settings.Settings.

    • Copy your API Key.

  2. Write a script to:Script:

    • PullUse userPython, Bash, or PowerShell.

    • Example logic:

      • Connect to your data from your source.

      • Format the datausers as JSON.

      • UseCall POST /systemusers or PUT /systemusers/{id}.

  3. Schedule the Script:

    • On Linux: Use cron to create/updaterun users.the script hourly/daily.

    • On Windows: Use Task Scheduler.

  4. ScheduleOptional: itLog with cron (Linux)output or Taskpush Scheduleralerts (Windows).to Slack/email.

     

  • https://docs.jumpcloud.com/api/

Method No Manual Upload Real-Time Updates Deletion Sync
AD Sync
SCIM (IdPs)
Custom API (depends on job)

 

JumpCloud API

  • https://docs.jumpcloud.com/api/
Back to top