# JumpCloud Provisioning
## **Overview**
This guide covers JumpCloud Automated Provisioning with SCIM which will update and deactivate Keeper user accounts as changes are made in JumpCloud.
{% hint style="info" %}
You can configure SCIM without SSO or SSO+SCIM
{% endhint %}
## **Requirements**
To setup Keeper user provisioning with JumpCloud®, you need to have access to the [Keeper Admin Console](https://keepersecurity.com/console) and a JumpCloud® Admin account.
## User Provisioning SSO+SCIM
{% hint style="info" %}
IMPORTANT: If you want your users to authenticate via SSO / SAML 2.0 with JumpCloud, you must first configure and install Keeper SSO Connect with JumpCloud.\
\
View the full SSO Connect setup guides:\
SSO Connect Cloud: [https://docs.keeper.io/sso-connect-cloud/](https://app.gitbook.com/o/-LO5CAzoigGmCWBUbw9z/s/-MB_i6vKdtG6Z2n6zWgJ/)\
\
SSO Connect On-Prem: [https://docs.keeper.io/sso-connect-guide/](https://app.gitbook.com/o/-LO5CAzoigGmCWBUbw9z/s/-LTyMp7XGU8wh-hRPBiB/)\
\
Once Complete, proceed to **Step 8:** in the guide below.
{% endhint %}
{% hint style="info" %}
If you just want to provision users via SCIM provisioning without SSO, proceed to the guide below.
{% endhint %}
## User Provisioning (SCIM)
### **Configuration Steps**
### Step 1: Add SCIM Provisioning Method for JumpCloud®
Navigate to your Keeper Admin console and add the **SCIM Provisioning Method** to your desired "**Node**".
Add SCIM for JumpCloud
### Step 2: Select SCIM Provisioning Method
Select "**SCIM (System for Cross-Domain Identity Management)**" and select "**Next**".
Select SCIM
### Step 3: Generate SCIM Token
At the next screen select "**Generate**" to generate your Token to connect your SCIM provisioning method.
### Step 4: Save SCIM Provisioning Method
At the next screen, you will be presented with your URL and Token. You will need this information, for future use, to configure the SCIM section of the Keeper SSO Application within JumpCloud®. Select "**Save**".
You will now see your SCIM Provisioning Method in a **Pending** State.
SCIM Pending
### Step 5: Add Keeper Application to JumpCloud®
Navigate to your JumpCloud® **Admin Console -> SSO** and select the **Plus Sign** to add **Keeper Password Manager** to the list of your SSO applications.
### Step 6: Configure Keeper Application
On the "**Configure New SSO Application**" page, search for **Keeper Security** in the search bar. Select **Configure** on the right hand side of Keeper Application.
### Step 7: Activate Keeper Application
Under "**General Info**", provide your Keeper application a **Display Label** such as "**Keeper EPM**" in the provided field and then select "**activate**".
You will now see your Keeper application in an active status.
### Step 8: Configure SCIM within Keeper Application
Click on the active Keeper application and within the Keeper App Configuration, scroll down to the bottom and select "**Configure**" under the "**Identity Management Section**".
### Step 9: Activate SCIM
This is where you will supply the previously generated URL and Token within the SCIM Provisioning Method in your Keeper Admin Console.
To enable Team Provisioning, click on "Enable management of User Groups..."
### Step 10: Save Keeper Application
Select "**save**".
User and Team provisioning with JumpCloud is complete. Moving forward, new users who have been configured to use Keeper, in JumpCloud and are within the provisioning scope definitions, will receive invites to utilize the Keeper Vault and will be under the control of JumpCloud.
{% hint style="info" %}
SCIM-provisioned teams are not immediately created but rather put into a “Pending Queue” where they are finalized by one of several approval methods.
[Click here to read about Team and User Approvals](https://docs.keeper.io/en/enterprise-guide/user-and-team-provisioning/approval-queue)
{% endhint %}
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.keeper.io/en/enterprise-guide/user-and-team-provisioning/jumpcloud-provisioning-with-scim.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
