JumpCloud's Directory-as-a-Service (DaaS) is the single point of authority to authenticate, authorize, and manage the identities of a business's employees and the systems and IT resources to which they require access.
This document provides information about the JumpCloud connector, which facilitates automated interactions, with a JumpCloud server using FortiSOAR™ playbooks. Add the JumpCloud connector as a step in FortiSOAR™ playbooks and perform automated operations, such as automatically creating and running a new command on JumpCloud, and retrieving details of systems, users, organization, and commands from JumpCloud.
Connector Version: 1.0.0
FortiSOAR™ Version Tested on: 5.0.1-098
Authored By: Fortinet
Certified: Yes
From FortiSOAR™ 5.0.0 onwards, use the Connector Store to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum command to install connectors. Connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and run the yum command as a root user to install connectors:
yum install cyops-connector-jumpcloud
For the procedure to configure a connector, click here
In FortiSOAR™, on the Connectors page, click the JumpCloud connector row (if you are in the Grid view on the Connectors page) and in the Configurations tab enter the required configuration details:
| Parameter | Description |
|---|---|
| Server URL | URL of the JumpCloud server to which you will connect and perform the automated operations. |
| API Key | API key of the JumpCloud server to which you will connect and perform the automated operations. |
| Organization ID | Organization ID of the JumpCloud server to which you will connect and perform the automated operations. |
| Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. By default, this option is set as True. |
The following automated operations can be included in playbooks, and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 and onwards:
| Function | Description | Annotation and Category |
|---|---|---|
| Create Command | Creates a new command that you want to run on the JumpCloud server based on the command, system ID and other input parameters you have specified. | create_command Investigation |
| Get Systems | Retrieves details of all the systems or a specific system, based on the System ID you have specified, from the JumpCloud server. | get_systems Investigation |
| Get Users | Retrieves details of all the system users or a specific system user, based on the User ID you have specified, from the JumpCloud server. | get_users Investigation |
| Get Organizations | Retrieves details of all the organizations or a specific organization, based on the Organization ID you have specified, from the JumpCloud server. | get_organizations Investigation |
| Get Commands | Retrieves all commands or a specific command, based on the Command ID you have specified, from the JumpCloud server. | get_commands Investigation |
| Manage command associations | Manages the direct associations of two different objects, for example, commands and systems, on the JumpCloud server with a specific command based on the command ID and other input parameters you have specified. | manage_command_associations Investigation |
| Trigger Command | Launches a command on the JumpCloud server based on the trigger name you have specified. | trigger_command Investigation |
| Parameter | Description |
|---|---|
| Command | Command that you want to run on the JumpCloud server. |
| Command Name | Name of the command that you want to run on the JumpCloud server. |
| System ID | Array of System IDs on which you want to run the command. Note: This parameter is not available if you are using "Groups". |
| Command Type | Type of command you want to run. You can choose between Linux, Mac, or Windows.
|
| Launch Type | Launch type of the command. You can choose between Run as Repeating, Run on Trigger(webhook), Manual, Run as Scheduled by user choice. The parameter structure will change depending on the choice
|
The output contains the following populated JSON schema:
{
"listensTo": "",
"trigger": "",
"launchType": "",
"commandRunners": [],
"scheduleRepeatType": "",
"sudo": "",
"id": "",
"organization": "",
"name": "",
"_id": "",
"timeout": "",
"command": "",
"schedule": "",
"files": [],
"shell": "",
"commandType": ""
}
| Parameter | Description |
|---|---|
| System ID | (Optional) ID of the system whose details you want to retrieve from JumpCloud. Note: If you do not specify any System ID, then this operation will return the details of all the systems from JumpCloud. |
The output contains the following populated JSON schema:
{
"results": [
{
"arch": "",
"sshRootEnabled": "",
"created": "",
"serialNumber": "",
"os": "",
"lastContact": "",
"id": "",
"displayName": "",
"allowSshPasswordAuthentication": "",
"associatedTagCount": "",
"allowSshRootLogin": "",
"agentVersion": "",
"sshdParams": [],
"fde": {
"keyPresent": "",
"active": ""
},
"organization": "",
"remoteIP": "",
"connectionHistory": [],
"version": "",
"allowMultiFactorAuthentication": "",
"_id": "",
"modifySSHDConfig": "",
"allowPublicKeyAuthentication": "",
"templateName": "",
"hostname": "",
"networkInterfaces": [
{
"name": "",
"internal": "",
"family": "",
"address": ""
}
],
"systemTimezone": "",
"active": ""
}
],
"totalCount": ""
}
| Parameter | Description |
|---|---|
| User ID | (Optional) ID of the system user whose details you want to retrieve from JumpCloud. Note: If you do not specify any User ID, then this operation will return the details of all the system users from JumpCloud. |
The output contains the following populated JSON schema:
{
"results": [
{
"externally_managed": "",
"created": "",
"ssh_keys": [],
"password_expired": "",
"mfa": {
"configured": "",
"exclusion": ""
},
"passwordless_sudo": "",
"unix_uid": "",
"id": "",
"enable_user_portal_multifactor": "",
"associatedTagCount": "",
"password_never_expires": "",
"phoneNumbers": [],
"username": "",
"enable_managed_uid": "",
"allow_public_key": "",
"ldap_binding_user": "",
"lastname": "",
"email": "",
"samba_service_user": "",
"middlename": "",
"activated": "",
"description": "",
"addresses": [],
"totp_enabled": "",
"sudo": "",
"unix_guid": "",
"firstname": "",
"account_locked": "",
"displayname": "",
"attributes": [],
"_id": ""
}
],
"totalCount": ""
}
| Parameter | Description |
|---|---|
| Organization ID | (Optional) ID of the organization whose details you want to retrieve from JumpCloud. Note: If you do not specify any Organization ID, then this operation will return the details of all the Organizations from JumpCloud. |
The output contains the following populated JSON schema:
{
"results": [
{
"_id": "",
"logoUrl": "",
"created": "",
"id": "",
"displayName": ""
}
],
"totalCount": ""
}
| Parameter | Description |
|---|---|
| Command ID | (Optional) ID of the command that you want to retrieve from JumpCloud. Note: If you do not specify any Command ID, then this operation will return all the command from JumpCloud. |
The output contains the following populated JSON schema:
{
"results": [
{
"organization": "",
"name": "",
"schedule": "",
"listensTo": "",
"command": "",
"_id": "",
"launchType": "",
"trigger": "",
"scheduleRepeatType": "",
"commandType": "",
"id": ""
}
],
"totalCount": ""
}
| Parameter | Description |
|---|---|
| Command ID | ID of the command that you want to directly associate with two different objects, for example commands and systems. |
| Operation | Type of operation that you want to perform to manage the association, i.e., how you want to modify the graph connection. You can choose from the the following options: Add, Remove, or Update. |
| Type | Type of graph to be used to manage the association. You can choose from the following options: Active Directory, Application, Command, G Suite, LDAP Server, Office 365, Policy, RADIUS Server, System, System Group, User, or User Group |
| ID | ObjectID of graph object that is being added, updated or removed as an association. |
The output contains the following populated JSON schema:
{
"status": "",
"message": ""
}
| Parameter | Description |
|---|---|
| Trigger Name | Name of the trigger based on which JumpCloud will launch commands, i.e., JumpCloud will start all commands that match the specified trigger name. |
{
"Triggered": []
}
The Sample - JumpCloud - 1.0.0 playbook collection comes bundled with the JumpCloud connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the JumpCloud connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.
JumpCloud's Directory-as-a-Service (DaaS) is the single point of authority to authenticate, authorize, and manage the identities of a business's employees and the systems and IT resources to which they require access.
This document provides information about the JumpCloud connector, which facilitates automated interactions, with a JumpCloud server using FortiSOAR™ playbooks. Add the JumpCloud connector as a step in FortiSOAR™ playbooks and perform automated operations, such as automatically creating and running a new command on JumpCloud, and retrieving details of systems, users, organization, and commands from JumpCloud.
Connector Version: 1.0.0
FortiSOAR™ Version Tested on: 5.0.1-098
Authored By: Fortinet
Certified: Yes
From FortiSOAR™ 5.0.0 onwards, use the Connector Store to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum command to install connectors. Connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and run the yum command as a root user to install connectors:
yum install cyops-connector-jumpcloud
For the procedure to configure a connector, click here
In FortiSOAR™, on the Connectors page, click the JumpCloud connector row (if you are in the Grid view on the Connectors page) and in the Configurations tab enter the required configuration details:
| Parameter | Description |
|---|---|
| Server URL | URL of the JumpCloud server to which you will connect and perform the automated operations. |
| API Key | API key of the JumpCloud server to which you will connect and perform the automated operations. |
| Organization ID | Organization ID of the JumpCloud server to which you will connect and perform the automated operations. |
| Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. By default, this option is set as True. |
The following automated operations can be included in playbooks, and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 and onwards:
| Function | Description | Annotation and Category |
|---|---|---|
| Create Command | Creates a new command that you want to run on the JumpCloud server based on the command, system ID and other input parameters you have specified. | create_command Investigation |
| Get Systems | Retrieves details of all the systems or a specific system, based on the System ID you have specified, from the JumpCloud server. | get_systems Investigation |
| Get Users | Retrieves details of all the system users or a specific system user, based on the User ID you have specified, from the JumpCloud server. | get_users Investigation |
| Get Organizations | Retrieves details of all the organizations or a specific organization, based on the Organization ID you have specified, from the JumpCloud server. | get_organizations Investigation |
| Get Commands | Retrieves all commands or a specific command, based on the Command ID you have specified, from the JumpCloud server. | get_commands Investigation |
| Manage command associations | Manages the direct associations of two different objects, for example, commands and systems, on the JumpCloud server with a specific command based on the command ID and other input parameters you have specified. | manage_command_associations Investigation |
| Trigger Command | Launches a command on the JumpCloud server based on the trigger name you have specified. | trigger_command Investigation |
| Parameter | Description |
|---|---|
| Command | Command that you want to run on the JumpCloud server. |
| Command Name | Name of the command that you want to run on the JumpCloud server. |
| System ID | Array of System IDs on which you want to run the command. Note: This parameter is not available if you are using "Groups". |
| Command Type | Type of command you want to run. You can choose between Linux, Mac, or Windows.
|
| Launch Type | Launch type of the command. You can choose between Run as Repeating, Run on Trigger(webhook), Manual, Run as Scheduled by user choice. The parameter structure will change depending on the choice
|
The output contains the following populated JSON schema:
{
"listensTo": "",
"trigger": "",
"launchType": "",
"commandRunners": [],
"scheduleRepeatType": "",
"sudo": "",
"id": "",
"organization": "",
"name": "",
"_id": "",
"timeout": "",
"command": "",
"schedule": "",
"files": [],
"shell": "",
"commandType": ""
}
| Parameter | Description |
|---|---|
| System ID | (Optional) ID of the system whose details you want to retrieve from JumpCloud. Note: If you do not specify any System ID, then this operation will return the details of all the systems from JumpCloud. |
The output contains the following populated JSON schema:
{
"results": [
{
"arch": "",
"sshRootEnabled": "",
"created": "",
"serialNumber": "",
"os": "",
"lastContact": "",
"id": "",
"displayName": "",
"allowSshPasswordAuthentication": "",
"associatedTagCount": "",
"allowSshRootLogin": "",
"agentVersion": "",
"sshdParams": [],
"fde": {
"keyPresent": "",
"active": ""
},
"organization": "",
"remoteIP": "",
"connectionHistory": [],
"version": "",
"allowMultiFactorAuthentication": "",
"_id": "",
"modifySSHDConfig": "",
"allowPublicKeyAuthentication": "",
"templateName": "",
"hostname": "",
"networkInterfaces": [
{
"name": "",
"internal": "",
"family": "",
"address": ""
}
],
"systemTimezone": "",
"active": ""
}
],
"totalCount": ""
}
| Parameter | Description |
|---|---|
| User ID | (Optional) ID of the system user whose details you want to retrieve from JumpCloud. Note: If you do not specify any User ID, then this operation will return the details of all the system users from JumpCloud. |
The output contains the following populated JSON schema:
{
"results": [
{
"externally_managed": "",
"created": "",
"ssh_keys": [],
"password_expired": "",
"mfa": {
"configured": "",
"exclusion": ""
},
"passwordless_sudo": "",
"unix_uid": "",
"id": "",
"enable_user_portal_multifactor": "",
"associatedTagCount": "",
"password_never_expires": "",
"phoneNumbers": [],
"username": "",
"enable_managed_uid": "",
"allow_public_key": "",
"ldap_binding_user": "",
"lastname": "",
"email": "",
"samba_service_user": "",
"middlename": "",
"activated": "",
"description": "",
"addresses": [],
"totp_enabled": "",
"sudo": "",
"unix_guid": "",
"firstname": "",
"account_locked": "",
"displayname": "",
"attributes": [],
"_id": ""
}
],
"totalCount": ""
}
| Parameter | Description |
|---|---|
| Organization ID | (Optional) ID of the organization whose details you want to retrieve from JumpCloud. Note: If you do not specify any Organization ID, then this operation will return the details of all the Organizations from JumpCloud. |
The output contains the following populated JSON schema:
{
"results": [
{
"_id": "",
"logoUrl": "",
"created": "",
"id": "",
"displayName": ""
}
],
"totalCount": ""
}
| Parameter | Description |
|---|---|
| Command ID | (Optional) ID of the command that you want to retrieve from JumpCloud. Note: If you do not specify any Command ID, then this operation will return all the command from JumpCloud. |
The output contains the following populated JSON schema:
{
"results": [
{
"organization": "",
"name": "",
"schedule": "",
"listensTo": "",
"command": "",
"_id": "",
"launchType": "",
"trigger": "",
"scheduleRepeatType": "",
"commandType": "",
"id": ""
}
],
"totalCount": ""
}
| Parameter | Description |
|---|---|
| Command ID | ID of the command that you want to directly associate with two different objects, for example commands and systems. |
| Operation | Type of operation that you want to perform to manage the association, i.e., how you want to modify the graph connection. You can choose from the the following options: Add, Remove, or Update. |
| Type | Type of graph to be used to manage the association. You can choose from the following options: Active Directory, Application, Command, G Suite, LDAP Server, Office 365, Policy, RADIUS Server, System, System Group, User, or User Group |
| ID | ObjectID of graph object that is being added, updated or removed as an association. |
The output contains the following populated JSON schema:
{
"status": "",
"message": ""
}
| Parameter | Description |
|---|---|
| Trigger Name | Name of the trigger based on which JumpCloud will launch commands, i.e., JumpCloud will start all commands that match the specified trigger name. |
{
"Triggered": []
}
The Sample - JumpCloud - 1.0.0 playbook collection comes bundled with the JumpCloud connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the JumpCloud connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.
