Background

Twingate integrates with JumpCloud in order to both synchronize user accounts and delegate user authentication to JumpCloud. Only users and groups associated with the Twingate app in JumpCloud will be able to use Twingate and access private Resources.

Twingate delegates the following functions to JumpCloud:

• User authentication via SAML
• User and group synchronization via SCIM

Steps to configure the JumpCloud Twingate integration

• Create the Twingate application in the JumpCloud admin console.

• Complete and validate the integration configuration in the Twingate Admin Console: follow the instructions to exchange metadata (via the Twingate-provided .xml file as well as the JumpCloud-provided metadata URL), set the login URL within JupmCloud, and select an initial group of JumpCloud users to sync to Twingate.

• Set up user provisioning via the SCIM protocol by copying the Twingate-provided SCIM endpoint and token into the Identity Management section in JumpCloud’s Twingate application.

Completing these steps will ensure that your users will be provisioned by and can authenticate through JumpCloud.

Selective Group Sync

After completing the initial integration of JumpCloud and Twingate, you can change which groups you want to automatically sync from JumpCloud into Twingate.

• In the JumpCloud admin portal, click SSO Applications under the User Authentication menu
• Click on the Twingate application in JumpCloud
• Click on the User Groups tab
• Check the boxes next to any group that you want to sync
• Click Save

Once saved, the groups will sync automatically to Twingate, along with any user members of those groups.

Renewing JumpCloud certificates

In the case that you need to renew a JumpCloud certificate, you can do so by:

• In the Twingate Admin Console, select “Renew Certificate”
• Renew the certificate in the Twingate application within JumpCloud
• In the modal opened up in the Twingate Admin Console, select “Confirm Certificate Renewal”