To connect Microsoft 365 to JumpCloud, you can use our Microsoft 365 Integration, our Microsoft 365 SAML connector, or both. Read this article to learn more about the benefits and use cases for each one and how they can be used together.
Key Differences
The following are key differences between the directory integration and SAML connector:
Microsoft 365 Directory Integration
- Is an OAuth2-based integration.
- Enables user provisioning, attribute management, and user suspension in JumpCloud.
- Lets users log in to Microsoft 365 directly.
- Requires you to configure Multi-factor Authentication (MFA) in Microsoft.
- Establishes JumpCloud as the password authority once users log in to the JumpCloud User Portal; whenever the user password or attributes change in JumpCloud, JumpCloud updates Microsoft 365.
Microsoft 365 SAML Connector
- Is a SAML 2.0-based integration.
- Requires you to manage users in JumpCloud. Every Microsoft 365 user must also be a JumpCloud user to log in to Microsoft 365.
- Directs users to log in from a JumpCloud log in page. If a user attempts to log in directly, they’re redirected to sso.jumpcloud.com.
- Requires you to configure Multi-Factor Authentication (MFA) in JumpCloud.
- Doesn’t update passwords or attributes in Microsoft 365; users are always forced to authenticate against JumpCloud.
- Requires you to sync users with the Microsoft 365 Integration.
About Our Microsoft 365 Integration
JumpCloud’s Microsoft 365 Integration uses OAuth to create a secure, persistent connection between Microsoft 365 and JumpCloud. JumpCloud becomes the authoritative source of identity, which lets you:
- Import existing Microsoft 365 users.
- Export new JumpCloud users to Microsoft 365.
- Sync user attributes and passwords between JumpCloud and Microsoft 365.
- Centralize user provisioning and deprovisioning.
- Give users one set of credentials to access JumpCloud, Microsoft 365, and other resources you’ve integrated with JumpCloud, like systems, RADIUS, and LDAP.
Learn more:
- Tutorial: M365 Directory Sync
- Read Microsoft 365 Directory Integration Overview.
About Our Microsoft 365 SAML Connector
The Microsoft 365 SAML Connector uses the Security Assertion Markup Language (SAML 2.0) to authenticate JumpCloud users to Office 365. Connect the Office 365 SAML connector to JumpCloud to:
- Manage user access to Microsoft 365.
- You can authorize user access to Microsoft 365, and you can suspend or delete user access to Microsoft 365.
- Learn more about authorizing user access to SAML applications.
- Learn more about suspending a user account or deleting a user account.
- You can’t import or export user accounts with our SAML connectors.
- You can authorize user access to Microsoft 365, and you can suspend or delete user access to Microsoft 365.
- Map user attributes between JumpCloud and Microsoft 365 so that you can customize user permissions and roles.
- Give users one set of credentials to access JumpCloud, Microsoft 365, and other resources you’ve integrated with JumpCloud, like systems, RADIUS, and LDAP.
Learn more:
Benefits of Using Both
Using both the Microsoft 365 Integration and the Microsoft 365 SAML Connector, you can centralize user provisioning, management, and deprovisioning and have fine-grained access management from JumpCloud. You save time by doing your tasks in a single interface and users gain a consistent experience for accessing all their JumpCloud and Microsoft resources.