JumpCloud SSO can be enabled by leveraging Addigy's Google SSO (SAML) integation, the steps provide the information needed to successfully set the feature up.
TABLE OF CONTENTS
Configuring Application in JumpCloud
The first part of the process is configuring a new SAML 2.0 application within the JumpCloud platform. To do this follow the steps indicated below:
1. Login to the JumpCloud platform using an Administrator account.
2. Navigate to the Applications page and click on the Green + button to add a new application:
3. On the window that appears after clicking the + button, click on Custom SAML App:
4. Next we will scroll down to the Single Sing-On Configuration section:
5. We will need to Fill out the following sections at this time:
- SP Entity ID
- ACS URL
For the SP Entity ID it is not important what is used however you can use the one found in the Addigy platform under Account > Integrations > Google SSO (SAML) integration.
The same is done for the ACS URL however the ACS URL must match the one found in the Google SSO (SAML) integration:
6. Use this data to fill out the in fields accordingly on the JumpCloud platform
- Addigy Entity ID ---> JumpCloud SP Entity ID
- Addigy Assertion Consumer Service (ACS) URL ---> JumpCloud ACS URL
7. You will notice that the IdP Entity ID field was left empty and is now stating that it is required. To remedy this scroll down to until you see the section titled IDP URL.
Here you will see that you can set the IDP URL to end as you desire (addigytest is used here for the purposes of this article but it can be set to something else):
8. Once you have confirmed how you wish to label your IDP URL, scroll back to the top and use it fill out the IdP Entity ID field:
9. Next scroll down until you see the Attributes section and click add attribute:
10. You will need to fill out a total of 3 attributes under USER ATTRIBUTE MAPPING as follows:
|Service Provider Attribute Name||JumpCloud Attribute Name|
11. Now click on the User Groups tab and be sure to select the user group that will make use of this application (in this case All Users for testing purposes:
12. Additionally please remember to add a Display Label to the application to ensure it activate properly:
13. After Confirming all previous steps have been completed and are correct, click on activate and on the window that appears after, click continue:
14. After successful activation, you should be notified in the platform informing you that the Public Certificate has been created.
This will also allow you to download the certificate at this time by clicking Download Certificate which you will need for the next section of this article:
If you happen to miss the notification you can still download the certificate by clicking on the application, and selecting selecting the IDP Certificate Valid text:
This will conclude the configuration of the JumpCloud SAML application. However do not sign out of the platform as we will need some of the information from for the following section.
Configuring the Google SSO (SAML) Integration In Addigy
For JumpCloud SSO to function properly, we must now configure the Google SSO (SAML) integration in Addigy appropriately. Follow the steps below to complete this requirement:
1. In Addigy, navigate to the Account > Integrations and select Google SSO (SAML):
2. This will bring up the following window which we will fill out with information from the JumpCloud SAML application we completed prior to this:
3. In JumpCloud, navigate to the Applications page and select the SAML application we configured in the previous section:
4. In the window that opens, select the Single Sign-On Configuration section to reveal it's settings and then scroll down until you see the IDP URL title:
5. Copy the text in the IDP URL field and then use it to fill out the following sections in Addigy:
- SSO URL
- Entity ID URL
Additionally upload the .pem certificate that was downloaded in the previous section. If you forgot to download it you can download it by clicking on IDP Certificate Valid and selecting Download certificate.
6. Once the fields in the Google SSO (SAML) integration have been filled out and the .pem certificate is uploaded, it should appear as follows:
7. After this is confirmed, click on on the Update button and then slide the toggle at the top right to enable the integration:
The process should now be complete, however we highly recommend you remain signed in and test the SSO login with another browser so that you can confirm the integration is working properly.
If you face any difficulties please do not hesitate to reach out to Addigy support.