Teams and business

Connect JumpCloud to 1Password SCIM Bridge

Learn how to set up and use 1Password SCIM Bridge to integrate with JumpCloud.

the JumpCloud logo

With 1Password Business, you can integrate 1Password with JumpCloud to automate many common administrative tasks:

Provision

  • Create users. Users created in JumpCloud will also be created in 1Password.
  • Update user attributes. Changing user attributes in your directory will change the mapped attributes in 1Password.
  • Deactivate users. Deactivating a user or disabling the user’s access to 1Password in JumpCloud will suspend the user in 1Password.

Import

  • Import users. Users created in 1Password will be matched against existing JumpCloud users.

Sync groups

  • Push groups. Groups created in JumpCloud will also be created in 1Password, and group membership changes in JumpCloud will also be made in 1Password.

To get started, sign in to your account on the JumpCloud Administrator Portal  and follow these steps.

Before you begin

Before you can integrate 1Password with JumpCloud, you’ll need the following:

Step 1: Add the 1Password Business application to JumpCloud

To add the 1Password Business application to JumpCloud:

  1. Click SSO Applications in the User Authentication section in the sidebar.
  2. Choose Add New Application and search for 1Password.
  3. Choose 1Password from the results, then click Next.
  4. Enter 1Password Business for the display label.
  5. In the Bookmark URL field, enter the sign-in address for your 1Password Business account. For example: https://example.1password.com.
  6. Click Save Application, then click Configure Application.

Step 2: Configure the application

2.1: Set up the integration

On the Identity Management tab of the 1Password Business application, follow these steps:

  1. Make sure Enable management of User Groups and Group Membership in this application is turned on.

  2. Click Configure in the Configuration Settings section.

  3. Fill out the following fields:

    Base URL: Enter the URL of your SCIM bridge (not your 1Password account sign-in address). Make sure the URL uses https and doesn’t include a forward slash (/) at the end. For example: https://scim.example.com

    If you don’t know your URL, make sure you’ve set up and deployed the SCIM bridge.

    Token Key: Enter the bearer token for your SCIM bridge.

    Learn what to do if you don’t have your bearer token.

  4. Click Activate.

Configure the 1Password Business application

2.2: Set up provisioning to 1Password

  1. Choose the User Groups tab.
  2. Select the groups you’d like to provision to 1Password, then click Save.
Configure groups in the 1Password Business application

Next steps

When you turn on provisioning, groups you selected in step 2.2 will be provisioned to 1Password. JumpCloud users are linked to 1Password accounts by matching their email addresses. If a team member doesn’t use their JumpCloud email address with their 1Password account, they’ll be invited to 1Password again, so make sure any affected team members update their email address before you turn on provisioning.

If you have existing groups in 1Password that you want to sync with JumpCloud, add them to the groups managed by provisioning:

  1. Sign in to your account on 1Password.com.
  2. Choose Integrations in the sidebar and choose Automated User Provisioning.
  3. Choose Manage in the Managed Groups section, then select the groups to sync.

If you’ve previously used the SCIM bridge, make sure to select any groups that were already synced with JumpCloud. This will prevent problems syncing with your identity provider, including duplicate groups.

Manage your settings

To manage assigned users and groups, open the 1Password Business application and click User Groups.

  • To add or remove a user group, select or deselect the checkbox beside the group you want to add or remove, then click Save.
  • To add or remove a user, click the group where you want to add or remove a user. In the configuration panel for the group, click Users. Select or deselect the checkbox beside the user you want to add or remove from the group, then click Save.

Learn more about how to authorize users to an application in JumpCloud. 

To turn off synchronization, open the 1Password Business application and click Deactivate IdM connection. Click Confirm, then click Save.

Learn more about using JumpCloud for identity management with 1Password. 

Get help

If users and groups aren’t being provisioned, make sure provisioning is turned on in your 1Password account:

  1. Sign in to your account on 1Password.com.
  2. Choose Integrations in the sidebar.
  3. Choose Automated User Provisioning.
  4. Make sure Provisioning users & groups is turned on.

If you update the bearer token for your SCIM bridge, you’ll also need to update it in JumpCloud:

  1. Open the 1Password Business application.
  2. Click Deactivate IdM connection, then click Confirm.
  3. Click Identity Management, then click Configure.
  4. Enter the URL of your SCIM bridge and your new bearer token.
  5. Click Activate, then click Save.

Published: