[Notification] We're upgrading the JumpCloud Support Center the week of September 16th.

Support Center

FAQs - Office 365 User Provisioning and Sync

Integration FAQs

Q: What is the method JumpCloud uses to connect to Office 365?

A: JumpCloud Utilizes an OAuth2 token for authorization, and TLS to secure and persist its connection with Office 365 to perform our integration tasks. 

Q: How can I see a report on the actions coming through the JumpCloud / Office 365 integration

A: Within the Office 365 admin console navigate to the admin center for "Azure Active Directory". From the Azure Active Directory admin center dashboard select the "Users" tab and then the "Audit logs" tab under "Activity". All events occuring via the JumpCloud / Office 365 OAuth connection are logged in these audit logs under the admin account used to authorize the OAuth connection in JumpCloud. It is best practice to create a dedicated Office 365 admin account to authorize the JumpCloud / Office 365 OAuth connection.  

Q: When I deactivate my connection with Office 365 from JumpCloud, what happens to the user accounts in Office 365?

A: When the OAuth session is deactivated in JumpCloud, all users in Office 365 will remain ‘active’ and functioning. This is by design. Within JumpCloud, all User accounts will remain active as well when de-authorization with Office 365 occurs. Note that when de-authorization occurs, all selected members bound to Office 365 are un-selected. When and if the products are-reactivated, the admin will need to re-bind the users in the Office 365 Directory to re-establish the connection and ownership-control of the accounts in Office 365. 

Q: I currently use the Active Directory Bridge to import users from AD. Can I use JumpCloud's Office 365 User Provisioning at the same time?

A: While this was previously not a supported configuration, use of the Active Directory Bridge can now indeed be used when either Google Apps or Office 365 User Provisioning are enabled.

Q: Can JumpCloud allow an administrator to integrate with multiple Office 365 accounts?

A: At this time, only one Office 365 account can be integrated with JumpCloud. 

Q: Can my avatars uploaded in Google be migrated to JumpCloud?

A: At this time, JumpCloud can not import user profile pictures or avatars into JumpCloud's user accounts. 

Q: Does JumpCloud's Office 365 integration support with Office 365 from GoDaddy?

A: At this time, JumpCloud does not support integration with GoDaddy's implementation of Office 365.  This version has more limited management capabilities that requires SSO login with GoDaddy's services in order to operate appropriately.  Because of these requirements, we are inhibited from making changes to the identity with the integration.

Q: I'm occasionally missing or experiencing email delay with Office 365 hosted Exchange, what may cause this?

A: Prior to 1 January 2013, generic MX records such as mail.global.frontbridge.com could be used for email.  After 15 July 2014, if they weren't updated, service disruption may be experienced.  See the Microsoft Communities article for more information.

Q: Can the Office 365 and G Suite Directory integrations be used in tandem, and if so, what configuration requirements are needed?

A: The Office 365 and G Suite Directory integrations can be used together to successfully synchronize both service providers with JumpCloud.  The directory integrations utilize the user's email address as the unique identifier for synchronization.  Due to this architecture, your domain records may need to be mapped so that the same email address is used between all service providers.  For more information refer to the follow vendor-specific documentation:

Add a domain to Office 365
Add a domain to G Suite

Importation FAQs

Q: What happens during import when a user being imported from Office 365 has a ‘matching’ user in the JumpCloud Directory?

A: Upon import, you will see a failure for this user to import as the account with the same email already exists. 

Q: When I am importing users from Office 365, why do I see all the users in the import UI, including those I have already imported?

A: JumpCloud's Office 365 synchronization UI displays all of your Office 365 users regardless of whether they were previously imported. We will provide filtering mechanisms and improved workflow in the future. 

Q: Can I import Groups and have them create corresponding Groups within JumpCloud?

A: At this time, only user accounts are supported between JumpCloud and Office 365. 

Q: We have multiple JumpCloud Administrators using the Admin Console. Do they each need to log into Office 365 to do Import tasks? 

A: No. Once the Global Administrator credentials have been authenticated once, the connection to Office 365, regardless of Administrator, can perform importation and provisioning tasks. 

Q: When I import users from Office 365, what data is imported and to where in JumpCloud?

Office 365





























*Company can only be populated in O365 by using AD connect to sync to the AD Azure instance supporting O365











addresses: streetAddress

type: “work”


addresses: locality

type: “work”


addresses: region

type: “work”


addresses: postalCode

type: “work”


addresses: country

type: “work”


phoneNumbers: number

type: “mobile”


phoneNumber: number

type: “work” (only first businessPhones is used)


Provisioning FAQs

Q: Can I prevent the automated 'welcome' email from being sent to my employees when I bind them to Office 365?

A: While an admin can prevent a Welcome email from being delivered to the end user when creating the account, binding the user to Office 365 will send an email to the employee. We recommend educating the employee base first before adding them to Office 365.

Synchronization FAQs

Q: How can I suspend or "block sign-in access" an account in Office 365?

A: The administrator can unbind the user from the Office 365 in JumpCloud which will trigger the user in Office 365 to be set as "block sign-in." Re-binding the user will un-block the User in Office 365.  

Q: When I delete an account in Office 365, what occurs in JumpCloud?

A: The user remains unchanged in JumpCloud. If you wish to remove the user from JumpCloud, these actions must be performed manually in the JumpCloud console. PLEASE NOTE: Should the user need to be re-provisioned from JumpCloud to Office 365, Office 365 will often require up to 24 hours until they release the same email address to be re-used again. You may re-bind the user at that time to re-deploy the account back to Office 365.

Credentials FAQs

Q: How does JumpCloud’s Password Complexity work with Office 365?

A: JumpCloud's Password Complexity will govern the password being used to sign into Office 365 just as with any other resource the user is connected to. Password complexity settings within Office 365 should be configured to align with the settings configured in JumpCloud. JumpCloud will not prevent a user from changing their password in their Office 365 account to a non-compliant password. End users should be educated to only update their password in JumpCloud.

Q: What happens when a JumpCloud user has their password expire due to JumpCloud’s password complexity requirements?

A: The user’s Office 365 account is suspended, blocking the user from accessing their account. Resetting the user’s password in JumpCloud will re-activate the user’s Office 365 account.

Q: Can an employee change their password within Office 365? 

A: The employee can change their password from Office 365's password change system however this will not update JumpCloud. The next password update in JumpCloud will overwrite the modified one in Office 365 and will log the user out of the Office 365 session, enforcing the JumpCloud credentials to be input. 

Q: Can I enable multifactor authentication (MFA) within my Office 365 tenant? 

A: Yes, JumpClouds Office 365 directory integration can work in parallel with Office 365 MFA. 

Last Updated: Aug 22, 2019 10:05AM MDT

Related Articles
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
Invalid characters found