Cloud productivity platforms G Suite and Office 365 are immensely popular today. Nearly every organization has an instance of one, if not both. Because of this high level of usage, we have strived to make it easy to use these identities for more. That’s why our directory is able to seamlessly integrate with both O365 and G Suite, allowing the use of those identities for systems (Mac, Windows, Linux), cloud and on-prem apps (through SAML, LDAP), data storage, and much more. As a result, we often get questions asking how our Directory-as-a-Service platform is able to integrate with these productivity platforms. In this post, we will explain how JumpCloud’s Directory-as-a-Service® (DaaS) is able to integrate with Office 365.
JumpCloud’s O365 Integration
Essentially, JumpCloud’s directory-level integration with Office 365 comes from two components. The first is our direct provisioning and sync bridge (which can also import users from O365), and the second is the SAML-based SSO. In the following sections, we will go through how they both work.
JumpCloud and Azure Active Directory (AAD)
“Wait, I thought we were talking about Office 365 integration components, not Azure AD?” Well, you’re right. But what’s important to point out first is that JumpCloud’s first integration with Office 365 is made possible by a deep relationship with Azure Active Directory (AAD). This is because AAD acts as the underlying identity layer of Office 365. What goes into AAD can get pushed up into O365. So, the first question we need to ask is, “How does JumpCloud integrate with Azure Active Directory?”
The answer to that question is that JumpCloud is able to establish the deep integration layer through APIs. We are using an OAuth-based connection to securely connect JumpCloud via an Office 365 super administrator account, and are specifically utilizing Microsoft’s Graph API. With that secure connection established, we then communicate with AAD through the API to perform our user management tasks. The first indication we make to the AAD instance is that we will be deferring in objects that we create within it
*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Jon Griffin. Read the original post at: https://jumpcloud.com/blog/jumpcloud-integrate-o365/