# JumpCloud Integration

The JumpCloud integration enables Sprinto to automatically collect device and user data for compliance monitoring across your organisation.

This is a **dual-purpose integration** that supports:

* **Device Management (MDM):** Tracks device inventory, encryption status, OS versions, and compliance signals
* **Identity & Access Management (IAM):** Syncs users, groups, and SSO application access for audit visibility

Sprinto uses this integration to continuously evaluate device posture and access controls, ensuring your organisation meets compliance requirements with minimal manual effort.

***

### How it works

Sprinto connects to JumpCloud using an API key and periodically syncs device and user data.

Once connected:

1. Sprinto validates the API key using the JumpCloud organisation endpoint
2. Device inventory and system groups are fetched
3. User and access data are mapped to devices and applications
4. Compliance signals (encryption, OS version, policies, etc.) are evaluated
5. Evidence is automatically generated and mapped to controls

**Sync behaviour:**

* Initial sync starts immediately after connection.
* Subsequent syncs run periodically.
* Devices without proper group assignments may not be evaluated correctly.

***

### Features

* Automated device inventory sync across Windows, macOS, and Linux.
* Continuous monitoring of encryption, OS version, and device posture.
* Mapping of users to devices for ownership tracking.
* Sync of user groups and SSO applications for access visibility.
* Automated evidence collection for compliance controls.
* Detection of installed applications for security validation.

***

### Prerequisites

Before connecting JumpCloud to Sprinto, ensure the following:

* You have **administrator access** to your JumpCloud organisation.
* You have access to generate an **API key.**
* All devices are assigned to **device groups** in JumpCloud.
* Devices belong to supported platforms:
  * Windows
  * macOS
  * Linux

***

### Permissions required

Sprinto requires read-only access to:

* User information (name, email)
* Devices and device configurations
* System and user groups
* SSO applications and mappings

Ensure the API key has sufficient permissions to access both **devices** and **directory data**.

***

### Get your JumpCloud API key

1. Log in to the JumpCloud Admin Console.
2. Click your profile in the bottom-left corner.
3. Select **My API Key.**

<figure><img src="https://3220032727-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2Fv0XgL5w5IzGW2Nkt5TKJ%2FScreenshot%202026-04-01%20at%204.33.30%E2%80%AFPM.png?alt=media&#x26;token=71c2e18b-d169-4017-9159-910403061af8" alt="" width="563"><figcaption></figcaption></figure>

4. Copy the API key shown in the modal.
5. You can also click **Generate New API Key** to generate a new key.

<figure><img src="https://3220032727-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2F2vlIl3CcJWipssG2p0nB%2FScreenshot%202026-04-01%20at%204.33.42%E2%80%AFPM.png?alt=media&#x26;token=e11da457-1a49-4ac7-ac5c-30dcb5173384" alt="" width="563"><figcaption></figcaption></figure>

{% hint style="info" %}

#### Note

1. Store the API key securely.
2. Generating a new key invalidates the previous one.
   {% endhint %}

***

### Connect JumpCloud to Sprinto

1. Log in to the Sprinto dashboard.
2. Navigate to **Settings → Integrations.**
3. Search for **JumpCloud** in the *All* tab.
4. Click **Connect.**

<figure><img src="https://3220032727-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2F3KyEinpOqI6hSZ7N9pe5%2FScreenshot%202026-04-02%20at%2015.25.02.png?alt=media&#x26;token=5cf4a5e1-6360-4f92-9aa6-ec80b30855d3" alt="" width="563"><figcaption></figcaption></figure>

5. In the first drawer:
   1. Review permissions and data accessed by Sprinto.
   2. Click **Next.**

<figure><img src="https://3220032727-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2FPLCBhVvD6IsvJ2FCejer%2FScreenshot%202026-04-02%20at%2015.26.08.png?alt=media&#x26;token=37a5689e-fe93-4708-acf4-8a680fe19639" alt="" width="375"><figcaption></figcaption></figure>

6. In the setup drawer:
   1. Enter your **JumpCloud API key.**
   2. Click **Connect to JumpCloud.**

<figure><img src="https://3220032727-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FEsyn5VMU6e0OyGjRtKgx%2Fuploads%2FSJ4QpGcfSqjyoc035z44%2FScreenshot%202026-04-02%20at%2015.27.09.png?alt=media&#x26;token=edb063bd-d52b-4bec-8ba0-570c6664fc17" alt="" width="375"><figcaption></figcaption></figure>

Once the API key is validated, the integration is successfully established.

***

### What data does Sprinto collect?

#### Device (MDM) data

<table><thead><tr><th width="208.22265625">Data Type</th><th width="317.73828125">Purpose</th></tr></thead><tbody><tr><td>Device inventory</td><td>Track all managed devices</td></tr><tr><td>OS and version</td><td>Compliance validation</td></tr><tr><td>Encryption status</td><td>Verify disk encryption</td></tr><tr><td>System groups</td><td>Categorise devices</td></tr><tr><td>Installed applications</td><td>Detect antivirus and software posture</td></tr><tr><td>User-device mapping</td><td>Identify ownership</td></tr></tbody></table>

#### Identity & Access (IAM) data

<table><thead><tr><th width="193.22265625">Data Type</th><th width="232.609375">Purpose</th></tr></thead><tbody><tr><td>Users</td><td>Identity mapping</td></tr><tr><td>User groups</td><td>Access control structure</td></tr><tr><td>SSO applications</td><td>Application inventory</td></tr><tr><td>Group memberships</td><td>Permission auditing</td></tr></tbody></table>

***

### Post-connection configuration

To ensure accurate compliance evaluation:

1. Navigate to JumpCloud device groups:
   * `Device Management → Device Groups`
2. Create or verify groups for:
   * Windows devices
   * macOS devices
   * Linux devices
3. Ensure:
   * All devices are assigned to appropriate groups.
   * No devices remain ungrouped.

**Important:**\
Devices not assigned to groups may not be included in compliance checks.

***

### Error handling and troubleshooting

#### Common issues and resolutions

<table><thead><tr><th width="187.22265625">Issue</th><th width="232.9609375">Cause</th><th>Resolution</th></tr></thead><tbody><tr><td>Invalid API key</td><td>Incorrect or expired key</td><td>Generate a new API key and reconnect</td></tr><tr><td>401 Unauthorized</td><td>Authentication failure</td><td>Verify API key format</td></tr><tr><td>403 Forbidden</td><td>Insufficient permissions</td><td>Ensure API key has device access</td></tr><tr><td>Devices not syncing</td><td>Missing group assignments</td><td>Assign devices to JumpCloud groups</td></tr><tr><td>Temporary failures</td><td>Network/API issues</td><td>Retry after some time</td></tr></tbody></table>

***

### Technical details

#### Authentication

* Type: API Key
* Header: `x-api-key: {apiKey}`
* Content-Type: `application/json`

#### Connection validation

* Endpoint: `GET /api/organizations`
* Purpose: Validate API key and organisation access.

#### Data sync coverage

* 15+ API endpoints across:
  * Device management (v1, v2 APIs)
  * Identity and access data.

***

### Additional notes

* JumpCloud is a **pre-configured provider** in Sprinto.
* Integration is available but remains inactive until configured.
* Only supported platforms are synced (Windows, macOS, Linux).
* iPads and unsupported devices are excluded automatically.
* API key is stored as provided and must be managed securely.

***

### Support

Please contact [Sprinto Support](mailto:www.support@sprinto.com) If you have any queries related to the integration or need any assistance.