--- title: JumpCloud API Integration on Truto slug: jumpcloud category: SSO canonical: "https://truto.one/integrations/detail/jumpcloud/" --- # JumpCloud API Integration on Truto **Category:** SSO **Status:** Generally available ## Unified APIs ### Unified HRIS API - **Companies** — Companies represent the companies in HRIS - **Employees** — Represents an employee in HRIS - **Groups** — Groups represent the groups for an Employee ### Unified User Directory API - **Groups** — Groups are a collection of users in the source application. In some applications, they might also be called Teams. - **Organizations** — Organizations are the top level entity in the source application. Users are associated with an organization. - **Roles** — The Role object represents a role of a User. - **Users** — The User object represents a User. ## How it works 1. **Link your customer's JumpCloud account.** Use Truto's frontend SDK; we handle every OAuth and API key flow so you don't need to create the OAuth app. 2. **Authentication is automatic.** Truto refreshes tokens, stores credentials securely, and injects them into every API request. 3. **Call Truto's API to reach JumpCloud.** The Proxy API is a 1-to-1 mapping of the JumpCloud API. 4. **Get a unified response format.** Every response uses a single shape, with cursor-based pagination and data in the `result` field. ## Use cases - **Automate employee provisioning from HR workflows** — HR and onboarding platforms can push new hire data into JumpCloud to automatically create user accounts, assign group memberships, and trigger downstream access provisioning — eliminating manual IT setup for every new employee. - **Sync directory groups for role-based access control** — SaaS applications can pull JumpCloud user groups and organizational structures to automatically map customers' internal teams to in-app roles and permissions, so enterprise buyers never have to manually recreate their org chart inside your product. - **Enforce real-time deprovisioning for compliance** — Security and compliance platforms can continuously sync user status from JumpCloud to detect suspended or deleted accounts, ensuring that off-boarded employees lose access to connected SaaS tools immediately and audit trails stay clean. - **Power compliance reporting with directory data** — GRC and compliance automation products can read user, group, and organization data from JumpCloud to generate evidence that MFA is enforced, access reviews are current, and terminated users have been fully deprovisioned across all systems. - **Enrich IT helpdesk context with identity data** — ITSM and helpdesk tools can query JumpCloud user and group information to surface employee details, department, and role context directly inside support tickets — reducing resolution time for IT agents. ## What you can build - **One-click directory import** — Let your customers connect their JumpCloud account and instantly import their full user directory — including departments, managers, and group memberships — into your application. - **Automated group-to-role mapping** — Map JumpCloud user groups to permission levels in your product so that when a customer's IT admin moves someone into the 'Engineering' group, they automatically get the right access in your app. - **Real-time user lifecycle sync** — Continuously sync user status changes from JumpCloud so that suspended or deleted accounts are automatically deactivated in your product without manual intervention. - **Org-aware multi-tenant onboarding** — Read JumpCloud organization data to support customers and MSPs who manage multiple sub-organizations, enabling tenant-aware setup during onboarding. - **Employee profile enrichment** — Pull employee attributes like title, department, manager, and employment status from JumpCloud via the Unified HRIS API to enrich user profiles inside your application. - **Access review dashboard** — Build an audit-ready view that lists every user and their group memberships sourced from JumpCloud, helping your customers' security teams run periodic access reviews. ## FAQs ### Which Unified APIs does Truto support for JumpCloud? Truto supports JumpCloud through the Unified HRIS API (Companies, Employees, Groups) and the Unified User Directory API (Groups, Organizations, Roles, Users). Additional tools and endpoints can be built on request. ### How does authentication work for JumpCloud integrations? JumpCloud's API uses API key-based authentication. Truto handles the auth flow so your end users can securely connect their JumpCloud account without you managing key storage or rotation. ### Can I read and write data to JumpCloud, or is it read-only? The specific operations available depend on the Unified API models in use. Truto's Unified HRIS and User Directory APIs support standard read operations across users, groups, and organizations. Write operations or custom endpoints can be built on request to match your use case. ### How does Truto handle pagination and rate limits for JumpCloud? Truto abstracts away JumpCloud's API pagination and rate limiting. You query Truto's Unified API and get consistent, paginated responses without needing to manage JumpCloud-specific cursor logic or retry strategies. ### What if I need JumpCloud data that isn't covered by the Unified APIs? Truto can build custom tools and proxy requests for JumpCloud API resources not yet covered by the Unified APIs — such as device/system data or directory insights. These are built on request and scoped to your specific integration needs. ### Do my end users need admin access in JumpCloud to connect? Yes, the connecting user typically needs API administrator privileges in their JumpCloud organization to generate the API key required for the integration.