cancel
Showing results for 
Search instead for 
Did you mean: 
JCDavid
Iron II
Iron II

Google provides optionality in how its customers manage users and endpoints. In fact, it recommends JumpCloud for organizations that are migrating from a standalone Active Directory instance. 

JumpCloud provides single sign-on (SSO) to all of your resources from web apps to network devices. It also includes cross-OS device management and built-in options for patch management and remote access. 

Simply put, Google and JumpCloud are better together.

Demo Overview

There are two main integration options: use a pre-built OAuth2 integration that’s included in JumpCloud’s open directory, or use a SAML connector.

To be honest, you’ll get the most out of JumpCloud if you do both. For instance, it becomes possible to adopt phishing-proof modern authentication and a zero trust security strategy built around your assets. Admins save time by doing their tasks in a single interface and users gain a consistent experience for accessing all their JumpCloud and Google Workspace resources. 

We’re focused on the pre-built method for this walkthrough, because you’ll be able to keep Google as your source of truth and pick a few lucky “volunteers” without affecting production.

Prerequisites

Not every step here is necessary to complete this tutorial. However, if you want to experience your evaluation of this (and other) feature as if you’re implementing the product, we recommend the following:

  1. Complete the following walkthroughs (or have set up your instance with the appropriate assets on your own):
    1. Creating JumpCloud Admins
    2. Creating Groups 101 
    3. Google WorkSpace account with the appropriate administrative rights and licenses to authorize the directory synchronization.

Demo Walkthrough

Are you a visual learner? Try this simulation instead!

Step 1: Create a Directory Integration

  • Use the left-hand navigation menu to select Cloud Directories
  • Hit the plus ( + ) sign and select Google WorkSpace from the dropdown menu
  • Name the directory and hit authorize sync, which will redirect you to Google.

new-google-directory

Resources: Google Workspace Sync

 

 

Step 2: Authorizing the Sync

  • Log in as a super admin that has a strong, static password (changing passwords will break the sync)
  • Allow access for JumpCloud to manage the provisioning of users on your domain; you’ll then be redirected back to JumpCloud’s admin console.

access-google

Resources: Google Workplace Integration Overview, Sync User Attributes with Google Workspace, FAQ: Google Workspace Directory Integration, Troubleshoot: Google Workspace Integration

 

Step 3: Select and Activate Users

  • Select the users that you want to import. JumpCloud will become the password authority for those users once they login to the JumpCloud User Portal. JumpCloud manages the user and updates Google when changes to attributes or passwords are made. 
  • Users won’t be ready to manage until their user state is set to ‘active’.

Users will continue to log into Google WorkSpace directly, using Google’s MFA. Actions such as adding or suspending users can be performed in either platform, because it’s a directory sync.

directory-details-attribute-mapping

 Here’s a few more activities for your testing:

  • Export JumpCloud user into WorkSpace
  • Sync attributes and passwords
  • provision/deprovision a user

This tutorial will show you how to do it all.

Bonus Simulations

Simulation: User Portal Password Reset

Final Results

JumpCloud is now available to manage Google users. The open directory platform makes it possible for WorkSpace users to coexist with Active Directory or Entra ID identities, or even users from another IdP like Okta. All of your users will be managed from one location.

Setting up a SAML integration will make JumpCloud the default IdP. Your users will be redirected from Google to JumpCloud for access to resources, including WorkSpace, and can be assigned to managed devices. We didn’t do that today to avoid any global changes.

Get prepped now

Download the admin app to test out on-the-go features such as password resets.

 

You Might Like

New to the site? Take a look at these additional resources:

Community created scripts

Keep up with Product News

Read our community guidelines

Ready to join us? You can register here.