From f39abdfa74c4b1e4091a7200dac6606110b172f3 Mon Sep 17 00:00:00 2001
From: Jamil
Date: Fri, 24 Oct 2025 07:40:51 -0700
Subject: [PATCH] chore(website): remove JumpCloud references (#10704)

With the refactoring coming up in #6294 we will be dropping production support for JumpCloud directory sync. In practice, this likely won't be an issue due to the better ergonomics / JIT provisioning that will be offered in the new system.
Related: #2701
Related: #6294
Related: #3115
Related: #7834
---
 .../src/app/blog/jun-2024-update/readme.mdx | 24 --
 website/src/app/blog/posts.tsx | 3 -
 .../kb/authenticate/directory-sync/readme.mdx | 10 +-
 .../src/app/kb/authenticate/email/readme.mdx | 8 +-
 .../app/kb/authenticate/jumpcloud/_page.tsx | 6 -
 .../app/kb/authenticate/jumpcloud/page.tsx | 11 -
 .../app/kb/authenticate/jumpcloud/readme.mdx | 226 ------------------
 .../src/app/kb/authenticate/oidc/readme.mdx | 7 +-
 website/src/app/kb/authenticate/page.tsx | 2 +-
 website/src/app/kb/authenticate/readme.mdx | 8 +-
 website/src/app/kb/deploy/groups/readme.mdx | 2 +-
 website/src/app/kb/deploy/users/readme.mdx | 4 +-
 website/src/app/pricing/_page.tsx | 2 +-
 website/src/app/pricing/plan_table.tsx | 12 -
 website/src/components/KbSidebar/index.tsx | 3 -
 15 files changed, 18 insertions(+), 310 deletions(-)
 delete mode 100644 website/src/app/kb/authenticate/jumpcloud/_page.tsx
 delete mode 100644 website/src/app/kb/authenticate/jumpcloud/page.tsx
 delete mode 100644 website/src/app/kb/authenticate/jumpcloud/readme.mdx
diff --git a/website/src/app/blog/jun-2024-update/readme.mdx b/website/src/app/blog/jun-2024-update/readme.mdx
index 1d2cee8d1..24ce2d9f8 100644
--- a/website/src/app/blog/jun-2024-update/readme.mdx
+++ b/website/src/app/blog/jun-2024-update/readme.mdx
@@ -11,8 +11,6 @@ import Image from "next/image"; ## In this update: - **New feature:** [Conditional access policies](#conditional-access-policies) -- **New feature:** - [Directory sync support for JumpCloud](#directory-sync-support-for-jumpcloud) - **Blog post:** [Using Tauri for a cross-platform security app](/blog/using-tauri) - **Blog post:** @@ -138,28 +136,6 @@ Time-based access policies open the door for interesting use cases. For example: By locking down access to Resources based on the time of day, you add another tool to your security arsenal to prevent unauthorized access to your Resources. -### Directory sync support for JumpCloud - -JumpCloud directory sync - -In our ongoing effort to make Firezone more accessible to organizations of all -sizes, we've added support for syncing your JumpCloud directory with Firezone. - -This integration leverages JumpCloud's SCIM API to push user and group updates -in real-time as they're made in your JumpCloud account. Set up takes only a few -minutes, and once it's done, you can manage access to your Resources in Firezone -using your JumpCloud groups, just like you would with any other identity -provider. - -Like other providers, JumpCloud directory sync is available on our Enterprise -plan to ensure we can provide a smooth setup and support experience. - ### Blog posts - [Using Tauri for a cross-platform security app](/blog/using-tauri): Our diff --git a/website/src/app/blog/posts.tsx b/website/src/app/blog/posts.tsx index 462533e21..4624addcc 100644 --- a/website/src/app/blog/posts.tsx +++ b/website/src/app/blog/posts.tsx @@ -117,9 +117,6 @@ export default function Posts() {
  • New feature: Conditional access policies
  • -
  • - New feature: Directory sync support for JumpCloud -
  • Blog post:{" "} Firezone supports automatic directory sync from Google Workspace, Microsoft -Entra ID, Okta, and JumpCloud. This feature is **automatically enabled** when -you create one of the [Google Workspace](/kb/authenticate/google), +Entra ID, and Okta. This feature is **automatically enabled** when you create +one of the [Google Workspace](/kb/authenticate/google), [Microsoft Entra](/kb/authenticate/entra), or [Okta](/kb/authenticate/okta) -connectors. For the [JumpCloud connector](/kb/authenticate/jumpcloud), a final -setup step is required after creating the connector to activate JumpCloud's SCIM -API. Once the connector is activated, users, groups, and organizational units -will be synced from your identity provider every few minutes. +connectors. Once the connector is activated, users, groups, and organizational +units will be synced from your identity provider every few minutes. ## Role mapping diff --git a/website/src/app/kb/authenticate/email/readme.mdx b/website/src/app/kb/authenticate/email/readme.mdx index e66a97878..ceb151f97 100644 --- a/website/src/app/kb/authenticate/email/readme.mdx +++ b/website/src/app/kb/authenticate/email/readme.mdx @@ -14,8 +14,7 @@ This connector is enabled by default for all plans and is designed to get you up and running with Firezone quickly. For production deployments, we recommend setting up [Universal OIDC](/kb/authenticate/oidc), [Google Workspace](/kb/authenticate/google), -[Microsoft Entra ID](/kb/authenticate/entra), [Okta](/kb/authenticate/okta), or -[JumpCloud](/kb/authenticate/jumpcloud) authentication. +[Microsoft Entra ID](/kb/authenticate/entra), or [Okta](/kb/authenticate/okta). Firezone's OTP-based email authentication connector sends a one-time password to the user's email each time authentication is requested. This password is 
@@ -24,9 +23,8 @@ short-lived and can only be used to authenticate once. User / group sync is **not supported** with the Email (OTP) connector. See the [Google Workspace](/kb/authenticate/google), [Microsoft Entra - ID](/kb/authenticate/entra), [Okta](/kb/authenticate/okta), or - [JumpCloud](/kb/authenticate/jumpcloud) connectors for automatic directory - sync. + ID](/kb/authenticate/entra), or [Okta](/kb/authenticate/okta) connectors for + automatic directory sync. ## Disabling email authentication diff --git a/website/src/app/kb/authenticate/jumpcloud/_page.tsx b/website/src/app/kb/authenticate/jumpcloud/_page.tsx deleted file mode 100644 index 8f8abd30f..000000000 --- a/website/src/app/kb/authenticate/jumpcloud/_page.tsx +++ /dev/null @@ -1,6 +0,0 @@ -"use client"; -import Content from "./readme.mdx"; - -export default function _Page() { - return ; -} diff --git a/website/src/app/kb/authenticate/jumpcloud/page.tsx b/website/src/app/kb/authenticate/jumpcloud/page.tsx deleted file mode 100644 index f0f4efc55..000000000 --- a/website/src/app/kb/authenticate/jumpcloud/page.tsx +++ /dev/null @@ -1,11 +0,0 @@ -import _Page from "./_page"; -import { Metadata } from "next"; - -export const metadata: Metadata = { - title: "JumpCloud Authentication • Firezone Docs", - description: "Firezone Documentation", -}; - -export default function Page() { - return <_Page />; -} diff --git a/website/src/app/kb/authenticate/jumpcloud/readme.mdx b/website/src/app/kb/authenticate/jumpcloud/readme.mdx deleted file mode 100644 index 41b0eaaa3..000000000 --- a/website/src/app/kb/authenticate/jumpcloud/readme.mdx +++ /dev/null 
@@ -1,226 +0,0 @@ -import Alert from "@/components/DocsAlert"; -import PlanBadge from "@/components/PlanBadge"; -import SupportOptions from "@/components/SupportOptions"; -import Image from "next/image"; -import Link from "next/link"; - - - -# SSO with JumpCloud - - - -Firezone integrates with [JumpCloud](https://www.jumpcloud.com) using a custom -connector that supports both authentication and directory sync. Use this guide -if you're looking to setup SSO with JumpCloud for your Firezone account and -optionally sync users and groups from JumpCloud to Firezone. - - - Directory sync is supported for the **Enterprise** plan only. - - -## Overview - -The JumpCloud connector uses OpenID Connect for authentication and JumpCloud's -SCIM API to optionally support directory sync on Enterprise plans. - -When directory sync is enabled, users and groups are synced every few minutes to -ensure that your Firezone account remains up-to-date with the latest identity -data from JumpCloud. [Read more](/kb/authenticate/directory-sync) about how sync -works. - -## Setup - -Setting up the JumpCloud connector is similar to the process of setting up a -universal OIDC connector. The main difference is omission of the -`Discovery Document URI` configuration field, as this is the same for all -JumpCloud tenants. - -Follow the steps below to setup the JumpCloud connector. - -### Step 1: Start the JumpCloud provider setup in Firezone - -In your admin portal, go to `Settings -> Identity Providers` and click -`Add Identity Provider`. Then, select `JumpCloud` from the list of identity -providers. - -You'll be shown a summary of the steps you need to complete to setup the -JumpCloud provider. Keep this page open as you'll need to refer to it in the -following steps. - -### Step 2: Create a new SSO application in JumpCloud - -[Login to your JumpCloud admin portal](https://console.jumpcloud.com/login), -click **SSO Applications** and then **+ Add New Application**. 
- - - SSO Applications - - -Select **Custom Application** and click **Next**. - - - Custom Application - - -On the next screen, ensure **Manage Single Sign-On** is selected, and select the -**Configure SSO with OIDC** option. - -Optionally, select **Export users to this app (Identity Management)** if you -plan to set up directory sync for this connector. - -Click **Next**. - - - Select options - - -On the next screen, enter `Firezone` for the **Display Label**. - -Choose **Logo** for the User Portal Image and use this link to download an -appropriate logo to use for the app registration: - -- [https://www.firezone.dev/images/kb/authenticate/jumpcloud/jumpcloud-oauth-screen-logo.png](https://www.firezone.dev/images/kb/authenticate/jumpcloud/jumpcloud-oauth-screen-logo.png) - -Then click **Next**. - - - Configure application - - -On the following screen, select the **User Groups** tab and choose which users -you'd like to grant access to Firezone. - - - Select user groups - - -Next, go back to the **SSO** tab and copy the two **Redirect URIs** shown in the -setup page from the Firezone admin portal and paste them here. - -Use [https://app.firezone.dev/](https://app.firezone.dev) for the **Login URL**. - -Then, under **Attribute Mapping**, make sure **Email** and **Profile** are both -checked under **Standard Scopes**. Leave the mappings as they are. - -Then, click **Activate**. - - - Enter redirect URIs - - -You should now see a screen that says **Application Saved** with the **Client -ID** and **Client Secret**. - - - Enter redirect URIs - - -**Important**: Make sure to save the `Client ID` and `Client Secret` fields in a -safe place as they won't be shown again. - -### Step 3: Finish setting up the JumpCloud provider in Firezone - -Go back to the setup page in the Firezone admin portal and enter the `Client ID` -and `Client Secret` values you copied from the JumpCloud application in the -previous step. - -Then, click **Connect Identity Provider**. 
- -If you get successfully redirected back to your Firezone admin portal, you're -done! Your JumpCloud connector is now ready to authenticate users. - -If you'd like to enable directory sync, keep reading below. - - - -### Step 4: Enable directory sync (optional) - - - -To enable directory sync, go to the JumpCloud provider you just created in the -Firezone admin portal. Click the **Setup Sync** button in the **Sync Status** -section of the **Details** pane. - -You'll be taken through a detailed step-by-step guide to set up SCIM 2.0 with -JumpCloud. Make sure to follow the instructions carefully to ensure that the -sync is set up correctly. - - - **Note**: Firezone uses [WorkOS](https://workos.com) behind the scenes to - connect to JumpCloud's SCIM API. When setting up the SCIM integration, you'll - be taken through WorkOS's setup flow hosted from the `setup.workos.com` - domain. This is completely normal. You **do not** need to create a WorkOS - account for this to function. - - -Once directory sync is enabled, users and groups will be synced every few -minutes to ensure that your Firezone account remains up-to-date with the latest -identity data from JumpCloud. - - - -Synced users will be assigned the `User` role by default, allowing them access -to sign in from the Firezone Client only. If you need to grant access to the -admin portal, you need to manually promote the user to the `Admin` role by -visiting `Actors -> -> Edit User` and updating their role. - - - - diff --git a/website/src/app/kb/authenticate/oidc/readme.mdx b/website/src/app/kb/authenticate/oidc/readme.mdx index c70650db1..806a66a4c 100644 --- a/website/src/app/kb/authenticate/oidc/readme.mdx +++ b/website/src/app/kb/authenticate/oidc/readme.mdx 
@@ -127,10 +127,9 @@ the [REST API](/kb/reference/rest-api) to create groups programmatically. If you're using the [Google Workspace](/kb/authenticate/google), [Microsoft - Entra](/kb/authenticate/entra), [Okta](/kb/authenticate/okta) connectors, or - [JumpCloud](/kb/authenticate/jumpcloud) connectors, users and groups are - automatically synced from your identity provider and do not need to be created - manually. + Entra](/kb/authenticate/entra), or [Okta](/kb/authenticate/okta) connectors, + users and groups are automatically synced from your identity provider and do + not need to be created manually. diff --git a/website/src/app/kb/authenticate/page.tsx b/website/src/app/kb/authenticate/page.tsx index 9dd45c641..eadf614df 100644 --- a/website/src/app/kb/authenticate/page.tsx +++ b/website/src/app/kb/authenticate/page.tsx @@ -4,7 +4,7 @@ import { Metadata } from "next"; export const metadata: Metadata = { title: "Authentication Overview • Firezone Docs", description: - "Firezone supports Google Workspace, Okta, Microsoft Entra ID, JumpCloud, OIDC, and email authentication methods.", + "Firezone supports Google Workspace, Okta, Microsoft Entra ID, OIDC, and email authentication methods.", }; export default function Page() { diff --git a/website/src/app/kb/authenticate/readme.mdx b/website/src/app/kb/authenticate/readme.mdx index 01dea61b4..d1d99a416 100644 --- a/website/src/app/kb/authenticate/readme.mdx +++ b/website/src/app/kb/authenticate/readme.mdx 
@@ -15,15 +15,13 @@ below for more in-depth guides for each supported provider: optionally sync users and groups with Microsoft Entra ID. 1. [Okta](/kb/authenticate/okta): Authenticate users and optionally sync users and groups with Okta. -1. [JumpCloud](/kb/authenticate/jumpcloud): Authenticate users and optionally - sync users and groups with JumpCloud. 1. [OpenID Connect (OIDC)](/kb/authenticate/oidc): Authenticate to any OpenID Connect provider using a universal OIDC connector. It's possible to create multiple providers for the Google Workspace, Microsoft -Entra ID, Okta, JumpCloud, and OIDC connectors. This allows you to authenticate -users against multiple providers at the same time, each with different Groups -and Policies applied to them. +Entra ID, Okta, and OIDC connectors. This allows you to authenticate users +against multiple providers at the same time, each with different Groups and +Policies applied to them. Disabling the email provider can lock you out of your account in the event diff --git a/website/src/app/kb/deploy/groups/readme.mdx b/website/src/app/kb/deploy/groups/readme.mdx index d56c707a1..e8732736d 100644 --- a/website/src/app/kb/deploy/groups/readme.mdx +++ b/website/src/app/kb/deploy/groups/readme.mdx @@ -18,7 +18,7 @@ appropriate name for the group. Automatic group sync is available for Google Workspace, Microsoft Entra ID, - Okta, and JumpCloud providers with the Enterprise plan. [Read + and Okta providers with the Enterprise plan. [Read more](/kb/authenticate/directory-sync) about how it works or [contact sales](/contact/sales) to upgrade. diff --git a/website/src/app/kb/deploy/users/readme.mdx b/website/src/app/kb/deploy/users/readme.mdx index 8222d38ff..217bad100 100644 --- a/website/src/app/kb/deploy/users/readme.mdx +++ b/website/src/app/kb/deploy/users/readme.mdx 
@@ -13,8 +13,8 @@ Users can be created by going to `Actors -> Add Actor` and then selecting `User` as the actor type. - Automatic user sync is available for Google Workspace, Microsoft Entra ID, - Okta, and JumpCloud providers with the Enterprise plan. [Read + Automatic user sync is available for Google Workspace, Microsoft Entra ID, and + Okta providers with the Enterprise plan. [Read more](/kb/authenticate/directory-sync) about how it works or [contact sales](/contact/sales) to upgrade. diff --git a/website/src/app/pricing/_page.tsx b/website/src/app/pricing/_page.tsx index 8bbaea9a0..6d925c332 100644 --- a/website/src/app/pricing/_page.tsx +++ b/website/src/app/pricing/_page.tsx @@ -274,7 +274,7 @@ export default function Page() {
  • - Directory sync for Google, Entra ID, Okta, and JumpCloud + Directory sync for Google, Entra ID, and Okta
  • diff --git a/website/src/app/pricing/plan_table.tsx b/website/src/app/pricing/plan_table.tsx index 518596750..da85f3d40 100644 --- a/website/src/app/pricing/plan_table.tsx +++ b/website/src/app/pricing/plan_table.tsx @@ -369,18 +369,6 @@ export default function PlanTable() { - - - - JumpCloud directory sync - - - — - — - - - - SSO with Okta - - SSO with JumpCloud - SSO with Universal OIDC