Settings within the Admin Portal give IT Admins quick access to update the features and resources important for their organization and users. Accessing your Settings is the same for each feature; however, the navigation between tabs will differ. Dive in and learn more about the Admin Portal's Settings below.
Accessing Your Settings
- Log in to your JumpCloud Admin Portal.
- Click on Settings at the bottom of the left-hand navigation panel.
- There are five tabs under Settings that you can click between. Some have their own menu of features on the right hand side. Click between the tabs and features you want to view and update.
- Once you are finished making updates in a given tab, click Save.
Organization Profile
Your Organization Profile houses general settings that your user’s will encounter, like the company logo, enabling read-only access for users, along with user portal session timeout and requesting to delete the organization.
General
To name your Organization:
- Under Settings > Organization Profile > General section, you can apply an Organization Name, Contact Name and Contact Email.
- Various emails will include a contact link to this contact name and email.
To access your Organization ID:
- To view and/or copy your Organization ID, click the ‘eye’ icon to remove the obscured view.
- Click the ‘double page’ icon to copy the ID.
Customize Logo
- You can click Choose A File, or Upload/Drag & Drop a .png or .jpg with a transparent or white background. You can see what your logo will look like in communication from JumpCloud to your org’s users under Preview Logo.
Logos must meet a minimum resolution of 400px X 400px and have a max file size of 780 KB.
- Click Save if these are your only changes.
User Portal Settings
You can give your users read-only access in their User Portal, and/or allow them to download the JumpCloud agent directly from their User Portal.
- Check/Uncheck Enable/Disable read-only on the user portal’s profile page for all users to limit their access.
- Check/Uncheck Allow/Unallow all users to access the system agent installer through their User Portal so they can download the JumpCloud agent directly from their User Portal. Learn more: Enable Users to Install the Agent.
- Click Save if these are your only changes.
User Portal Session Duration
You can adjust the duration that the User Portal stays active before the session expires and the user is required to log in with their credentials again. This ensures that an idle device can't be used by malicious parties to access sensitive data.
The default value for User Portal Session Timeout is 8 hours.
Considerations:
- Activity is defined as interactions with the server, like launching applications (Identity Provider and Service Provider initiated) or updating user information.
- Updates to the duration settings won’t affect a user’s current session but will apply the next time they log in.
- The duration settings currently apply to all factors of authentication enabled for a user.
- The duration settings apply only to the JumpCloud User Portal. In many cases, setting duration must be defined on the Service Provider side (ex: AWS, Slack etc).
- When the browser session is terminated, the User Portal session will also be terminated.
To set User Portal Session Duration:
- Set a User Portal Session Duration in Days, Hours or Minutes specifying how long you want the User Portal to stay active before going idle and prompting users for their login credentials.
Minimum = 1 minute, and Maximum = 90 days.
- Click Save if these are your only changes.
The default value for Admin Portal session timeout is 60 minutes. The session length is not configurable.
Administrator Management
Administrators can have SSO with Google enabled in their Admin Portal so they save time by using one set of credentials to access their admin portal.
To enable SSO with Google for Admins:
- Leave Disable SSO with Google on Admin Portal unselected to give admins access to their admin portal through one set of credentials.
- Click Save if these are your only changes.
To disable SSO with Google for Admins, see Disable Google SSO in the Admin Portal.
Each Administrator will need to connect their Google account to be able to log in to JumpCloud with Google.
To connect your Google account:
- From the Administrators tab, select the administrator to edit.
- In the Edit Administrator panel, scroll to Account Settings, then click Connect.
- Follow the Google prompts to connect your account.
- When your account is connected, click Sign in with Google on the JumpCloud Administrator login screen to sign in using your Google credentials.
Delete the Organization
Organization deletions are fully destructive and non-recoverable.
To delete the organization:
- Click Request to Delete to submit a deactivation ticket. You will be prompted to enter the organization’s name to confirm the delete request.
- Note: Support will reach out to you to confirm the account details for the deletion. In the meantime, remove all users and devices from this organization. Learn more: Deleting your Organization from JumpCloud.
- Click Make Request.
Security
See Manage Password and Security Settings.
Administrators
View emails, roles, and Multi-Factor Authentication (MFA) status of each administrator in your organization, search for specific administrators to see these details, or create a new administrator.
To create a new administrator:
- Under Settings > Administrators, click on the plus button in the top left corner.
- Under Details, add a First Name & Last Name (not required), add an Administrator Email Address* (required).
- Under Permissions, set the Role for the administrator. Learn more: Admin Portal Roles.
- Under Security, you can toggle between Multi-factor Authentication Not Required or Multi-factor Authentication Required.
- Click Save if these are your only changes.
To edit an existing administrator:
- Under Settings > Administrators, click on the Admin that you want to edit.
- You can edit the First Name, Last Name, Administrator Email Address, change their Role, and if you need to reset TOTP for your account, you can click Send TOTP Reset Email to initiate the reset. You will be prompted to confirm that you want to reset your TOTP, click Send.
- From here, you can also toggle between Multi-factor Authentication Not Required or Multi-factor Authentication Required.
- If you need to reset your password, under Account Settings, click on Send Password Reset Email, you will be prompted to confirm that you want to reset your password, click Send.
- Click Save if these are your only changes.
Note: This action is immediate and will remove this administrator's access to the Admin Portal.
- Under Settings > Administrators, click on the admin that you want to delete.
- Click Delete Account, you are prompted to confirm deletion, click Delete.
Customize Email
JumpCloud sends emails to users to notify them of various events. You can customize some of these emails to look and sound more like your organization.
This feature is only available to paid customers. Free customers that have previously customized emails will see your templates in a read-only state in Settings > Customize Email in your Admin Portal. Emails will continue to be sent to users with the existing customized content as displayed in the Settings > Customize Email page. Templates may be reverted to the JumpCloud default content at any time.
Considerations:
- Non-Latin characters are supported.
- HTML isn’t supported.
Email Disclaimer
The Email Disclaimer is used in all email communication, regardless of whether they have customized email content or not.
- Under Settings > Customize Email > Email Customization > Email Disclaimer you can add a message that will be added to the bottom of all communication from JumpCloud to your organization’s users.
- You can see a preview of what the disclaimer will look like on the email by toggling Template Preview on. It will be seen at the bottom of the email right above Powered by JumpCloud.
Choose a Template
- Under Settings > Customize Email > Choose a template, select which Email Template you’d like to customize. The available templates are:
- Password Expiration Warning: This email encourages users to reset their password before an upcoming expiration date.
- Lockout Notice: This tells users when they’ve been locked out of their account after multiple failed login attempts.
- Password Expiration: This tells users that their password has expired and needs to be reset.
- Password Reset Confirmation: This email confirms a recent password change.
- Password Reset: This asks new users to activate their account or reset their password.
- Activation Email: This asks new users to activate their account.
- Welcome Email – Google Workspace: This is sent to users when they are bound to Google Workspace.
- Welcome Email – M365/Azure AD: This is sent to users when they are bound to M365/Entra ID.
When adding users via Entra sync or the API, a welcome email is sent to users, but that email is not customizable.
Email Content
- Under Settings > Customize Email > Email Content, you can view and modify the content of the currently selected Email Template. Tokens can be included in the various fields and the token’s value at the time each email is sent will replace the token. This allows for greater customization.
- The following email fields are customizable:
- Subject: Content for the email’s subject line.
- Title: Content for the email’s title that appears at the top of the email.
- Header: Content for the email’s header that appears after the title and before the message content.
- Message: Content for the email’s main message.
- Button Call to Action: Content for a button in the email message that calls for users to take an action, like Reset Your Password.
- Footer: Content for the email’s footer that appears below the message content.
- Click Save if these are your only changes.
Click the Reset to Default Content to revert all of your changes back to the default JumpCloud content.
Available Tokens
Tokens are variables that are replaced with attributes for your organization or your JumpCloud managed users. You can add tokens to email templates to include content that's specific to your organization.
Considerations:
- If you mistype a token, it appears as plain text in the Template Preview. Valid tokens appear as links.
- If a token attribute isn’t defined for your organization, the token appears as blank space in the email.
- Tokens must be included exactly as they appear in the following list or they appear as plain text in emails.
You can include the following tokens in your email templates:
#{admin_email_link} | This token is populated by your organization’s contact name and contact email. It shows the contact name with a mailto link to the contact email. If you don’t have both the contact name and contact email defined for your organization, this token appears as a blank space in the email. You can update these on the Organization Profile tab in the Settings page. |
#{contact_email} | This token is populated by your organization’s contact email. If you don’t have a contact email defined for your organization, this token appears as a blank space in the email. You can update your organization’s contact email on the Organization Profile tab in the Settings page. |
#{contact_name} | This token is populated by your organization’s contact name. If you don’t have a contact name defined for your organization, this token appears as a blank space in the email. You can update your organization’s contact name on the Organization Profile tab in the Settings page. |
#{expiration_day} | This token is populated with a password’s expiration date and is only available for the Password Expiration Warning template. |
#{first_name} | This token is populated by the receiving user’s first name. If you don’t have a first name defined for the user, this token appears as a blank space in the email. |
#{lockout_source} | This token identifies the source of the last login failure that triggered the Lockout Email. This is either; the System Display Name of the user’s managed device, or User Portal. |
#{org_name} | This token is populated by your organization’s name. If you don’t have a name defined for your organization, this token appears as a blank space in the email. You can update your organization’s name on the Organization Profile tab in the Settings page. |
#{user_email} | This token is populated by the receiving user’s email. This field is required, so it should always show in emails. |
#{user_name} | This token is populated by the receiving user’s JumpCloud username. This field is required, so it should always show in emails. |
#{user_company_email} | This token is populated by the user’s Company email. It is a required field, so it should always display. This token is only available for the Activation Email template. |
Features
View trial information and quickly see directory activity and system intelligence data across your organization with Directory Insights and System Insights.
Features You’re Trying
See a list of trials you have underway under Features You're Trying. Features appear in order of trial start date, with the latest at the top.
Learn more about trials:
JumpCloud Go
JumpCloud Go enables secure, passwordless login to JumpCloud web-based resources on managed devices. With the JumpCloud Go browser extension installed, users can verify their identity with their device authenticator (Apple Touch ID and Windows Hello). JumpCloud Go authentication also satisfies any User Portal portal MFA requirements.
To learn more about JumpCloud Go:
Directory Insights
Directory Insights is JumpCloud's event logging and compliance feature. Quickly see directory activity and system intelligence.
You can use our RESTful API, PowerShell Module, and Administrator Portal to access event logs, see activity happening in your directory, and monitor user authentications to the User Portal, SAML SSO applications, RADIUS, and LDAP.
To enable Directory Insights:
Prerequisites:
- Directory Insights is included in some of our package plans. See JumpCloud Pricing for information on our package plans.
- To enable Directory Insights for your account, current customers can contact us at [email protected]. New customers can contact us at [email protected].
To view your current Directory Insights status:
- Under Settings > Features, see the status of Directory Insights.
Learn more about Directory Insights:
- Directory Insights
- View Directory Insights Data Activity Log
- Directory Insights API
- JumpCloud Directory Insights AWS Serverless Application
System Insights
JumpCloud’s System Insights extends device management by providing telemetry across your fleet of macOS, Windows and Linux devices. You can easily gather information from JumpCloud managed devices with our RESTful API and PowerShell Module.
You can use the System Insights feature to:
- Easily take stock of your suite of devices and the state of the machines in your organization.
- See inventory information like vendor, model, serial number etc.
- Query system endpoints to resolve issues proactively without having to interrupt employees.
- Provide information to auditors to prove that systems in your organization are compliant.
- Gather information about device uptime to leverage when diagnosing issues.
- Allow security and DevOps teams to interrogate machines to look for security vulnerabilities.
- See which devices are protected by disk encryption and which need to be updated with it.
Prerequisites:
- System Insights is included in some of our package plans. See JumpCloud Pricing for information on our package plans.
- To enable System Insights for your account, customers with free accounts can contact us at [email protected], and customers with paid accounts can contact their Account Manager. New customers can contact us at [email protected].
- System Insights only supports 64-bit operating systems.
To enable System Insights:
- Under Settings > Features, toggle System Insights On or Off.
- Under Auto enable System Insights on new devices, select which devices (macOS, Windows & Linux) you’d like to enable this feature on. New devices added to JumpCloud will automatically have System Insights enabled.
- Note: Devices that existed in your account prior to you turning on Auto Enablement require that you manually enable System Insights for an individual device.
- Click Save if these are your only changes.
Learn more about System Insights:
Remote Assist
JumpCloud Remote Assist is a cloud-based remote support solution from JumpCloud for IT teams. As an IT Admin with Manager role permissions or higher, you can remotely view and control the end user’s device for troubleshooting, maintenance or training purposes.
For more information, see Get Started: Remote Assist.
Learn more about Remote Assist:
- FAQ: Remote Assist
- Understand the Remote Assist Agent
- Grant Screen Recording and Accessibility Permissions for the Remote Assist Agent for macOS Devices