JumpCloud Groups

How to manage on-demand, temporary membership to JumpCloud groups

Overview

If your organization manages access to apps and accounts using IdP groups, for example by adding users to shift groups, you can now create Access Flow to control who can request temporary group membership.

Upon approved request, Apono will add users to groups and remove them after the access time is up.

Prerequisites

  • JumpCloud - Super Admin privilege to the Okta Admin Console
  • Cloud Provider/K8S - Create secret privileges in cloud provider or Kubernetes secrets manager
  • JumpCloud admin API Key

Integrating JumpCloud groups

1. Get API Token from the JumpCloud Admin UI

  1. Log in to your JumpCloud organization with the Apono dedicated admin user
  2. Click on your Profile (icon with your initials)
  3. In the menu click My API Key
  4. Copy the admin API Key

2. Create a secret

  1. Go to your cloud provider secret manager and create a new secret
  2. In the secret content store the following fields:
    Key: token
    Value: The JumpCloud admin API token you copied in the previous step
  3. Tag the created secret with the following tag:
    Key: apono-connector-read
    Value: true
  1. Store the newly created secret

πŸ‘

You can also use an existing secret you've already created for Apono

3. In Apono - Connect JumpCloud integration

  1. Go to the Apono Catalog
  2. Under Resources, find the JumpCloud integration
  3. Click the integration
  4. Give the integration a name
  5. In Select Connector, choose a connector from the list of connectors or add a new connector
  6. In the Secret Store section, choose the secret store location you created in step 2. You can also use an existing secret you've already created for Apono
  7. Click Connect
  8. That's it!