The Factorial integration creates efficiencies for HR and IT, and improves security by automating user identity management workflows. This integration allows HR and other Factorial Admins, to create users and sync key user data to JumpCloud, where IT can utilize workflows and dynamic groups to manage access, policies and permissions to all the resources the user needs to be productive.
Prerequisites
- Administrator account in Factorial
- A JumpCloud API key to connect Factorial and JumpCloud.
Important Considerations
- Syncs from Factorial to JumpCloud happen as changes are made to the attributes that sync.
Preparing for the Factorial integration
To create a new JumpCloud Admin account for the Factorial Integration
- Log in to the JumpCloud Administrator Portal with an administrator account.
- Click your initials in the top right corner.
- Select Administrators.
- Click the green + icon.
- Enter a first name, such as ‘Factorial’.
- Enter a last name, such as ‘Integration’.
- Enter the email address you want associated with this account.
- Select Administrator for the Role.
- It is recommended that you enable Multi-factor Authentication Required.
- Click Save.
- Go to the inbox of the email address specified for this account.
- Find the JumpCloud Administrator Account Setup email.
- Click Setup Account in the email.
- Enter a password in the Password and Confirm Password fields.
- Check the box to agree to the Terms of Use.
- Click Reset Password.
- If the option to require Multi-factor Authentication was enabled, do the following:
- Follow the instructions to download JumpCloud protect if you don’t have it or another Authenticator app.
- Otherwise, click I Have An App.
- Add the JumpCloud account.
- Verify the TOTP code from the Authenticator app.
- Click Submit.
To get your JumpCloud API Key
Note: The Admin API key needs to belong to an Admin that has one of the following roles; Manager, Administrator or Admin with Billing. Creating an administrator service account with one of these roles is one way to ensure the integration isn't dependent on a specific admin account.
Once a new API key is generated, this revokes access to the current API key.
- Log in to the JumpCloud Admin Portal with the administrator account you want to use to generate the API key for this integration.
- Click your initials in the top right corner.
- Select My API Key.
- Click on Generate New API Key.
- Copy the API Key and store it securely, or leave this tab open while you complete the integration configuration steps in the SP.
This is the only time your API key will be visible to you. Store it somewhere safe, such as the JumpCloud Password Manager, so you can access it later.
Connecting the JumpCloud app in Factorial
- Login to Factorial with an administrator account.
- Click Marketplace from the left navigation menu.
- Search for and select JumpCloud.
- Click Install.
- Follow the instructions.
Syncing users data from Factorial to JumpCloud
User information syncs whenever the following occurs:
- User is added to Factorial
- Name or email address is updated in Factorial
- User is terminated in Factorial
Factorial Attributes that Sync
Factorial Value | JumpCloud Attribute | JumpCloud UI Field Name | Notes |
---|---|---|---|
Work email | Company Email | Required. Users will not sync if a work email address is not defined. (max length 1024) | |
N/A | username | Username | The user name is set to Firstname.Lastname. If the username already exists in your JumpCloud organization, a number will be appended to the last name (e.g., alpha.zed1) |
First Name | firstname | First Name | |
Last Name | lastname | Last Name |
Managing user access and access policies for JumpCloud managed resources
Once users are created in JumpCloud, you can grant them access to any of the resources connected to JumpCloud from a device to applications, networks, etc. User, device, and policy groups allow you to more efficiently assign resources to users and control the level of permissions they are given. Access policies allow you to control how, on what device, and from where they can access their assigned resources.
All user access and access policy management for JumpCloud managed resources is done directly in the JumpCloud Admin Portal or through the JumpCloud API. For more information see, Get Started: Users, Get Started: User Groups, and Get Started: Conditional Access Policies.
Managing devices and policies
Using JumpCloud's device management features will allow you to control settings on your devices, including Firewalls, Disk Encryption, Security Settings and common compliance policy groups.
All device and policy management actions are done directly in the JumpCloud Admin Portal or through the JumpCloud API. For more information, see Get Started: Devices and Get Started: Policies.
Activating a user in JumpCloud
A user in the Staged user state in JumpCloud does not have access to their assigned resources. Once a user has been assigned a device, policies, and all other needed JumpCloud managed resources, the user will need to be activated in JumpCloud to gain access to those resources. For more information about activating a user, read Manage User States.
- Log in to the JumpCloud Admin Portal with an administrator account.
- Go to USER MANAGEMENT > Users.
- Select the user you want to activate.
- Click the dropdown menu next to Staged above the Security Status section in the left panel.
- Select Activate.
- Click Schedule Activation to activate the user on a future date and time or Activate Now to activate the user immediately.
For Scheduled Activation, the time must be at least one hour in the future.
- Select and populate the Send email to field to notify the user of their JumpCloud account activation.
- Click Save.
Troubleshooting
Coming soon!