At a high-level, JumpCloud has two types of accounts: JumpCloud administrators and JumpCloud users. This article explains each role. Note that with respect to JumpCloud users, there are various instantiations of the object which our various protocols relay to the resources requiring them in the format they expect. Those instantiations are discussed in another post. Further note, that there are different types of “roles” of JumpCloud administrator *and* user accounts, a concept which will be evolving over time, but the purpose of this article is to note the distinction between the two major JumpCloud account types.
JumpCloud Administrator - The JumpCloud administrator account is responsible for the management of your JumpCloud organizational tenant. This privileged account gains access to the JumpCloud Admin Portal to perform all general operations related to managing your tenant: adding JumpCloud users and systems, adding or removing other admins, and so on. Your admin user is an entirely separate object from a JumpCloud user account and is not intended to be an identity that gains access to resources. Its sole purpose is to manage the tenant.
JumpCloud User - The User account is the core identity for your employees, and is the account type that is used to authenticate resources against. This account type gains access to resources through their ID (either the User’s UID, username or email, depending upon the requirements of the resource, and all of which is stored on the user account). Similar to the admin, the user can log in to their JumpCloud User Portal for security and data management needs, and to access SAML-based applications.