Here's a quick tutorial on how to set up Single-Sign-On for JumpCloud:
- Login to the admin portal at console.jumpcloud.com:
- Go to SSO Applications from the navigation tab
- Click on +Add New Application
- Select Custom Application
- Click on Next to proceed
- Select Manage Single Sign-On (SSO) with the option Configure SSO with SAML, then click on Next.
- Name the application under Display Label
- You may customize the SSO Idp URL by typing in the name of the application then click on Save Application
- Once the application has been created, click on Configure Application to proceed
- For the Idp Entity ID, you can come up with any name and input it there.
- This same Idp Entity ID, needs to be input on the SSO configuration page on Controlio under Service provider entity ID.
- To get the ACS URL (Assertion Consumer Service URL), you will need to refer to the SSO configuration page on Controlio https://app.controlio.net/account-settings/sso under Controlio callback url. You can use the copy button to copy it
- Paste the copied URL under ACS URLS - Default URL *
- Make sure that the SAMLSubject NameID: is email, and adjust the SAMLSubject NameID Format: to urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
- Under Sign *, select Assertion
-
Copy the IDP URL from the SSO page. (Simply click on the copy button)
-
Paste this link in the SSO configuration page of the Controlio Dashboard under ID-provider authentication URL
- Add the following attributes from Attributes - User Attributes
- email - email
- firstName - firstname
- lastName - lastname
- The X.509 certificate can be downloaded from the left side menu by clicking on the arrow next to IDP Certificate Valid
- Copy the contents of the downloaded certificate, and paste it into the X.509 certificate textbox in the SSO configuration page of the Controlio Dashboard.
- From User Groups, you can select user who will be able to login with SSO.
- Click on Save to finalize the configuration