Search here...
Help Center
< All Topics

Setting up a SAML Application in JumpCloud

Posted

Prerequisites

Your Prolaborate site should have a valid SSL Certificate.

If you don’t have a SSL Certificate, you can create a self-signed certificate yourself. Please get in touch with Prolaborate team to know more about it.

Service Provider Configuration

To configure the Service Provider, click on Menu → SAML Settings.

From the top right of the page that open, click on Enable SSO.

sso enable


sso enable
sso enable

Under Service Provider Configuration,

service-provider-config


service-provider-config
service-provider-config

  1. Name and Assertion Consumer URL will be prefilled. These URLs will be used as ‘Entity ID’ and ‘Audience URI (SP Entity ID)’ in JumpCloud configuration respectively.
  2. Choose the .pfx file of your SSL certificate
  3. Enter the Password of the .pfx file

Configuring Prolaborate in JumpCloud

The following sections will elaborate the steps involved in setting up Prolaborate in JumpCloud.

Create a new SAML Application

To create a new SAML application, follow the below steps:

  1. Log in your JumpCloud account
  2. Select SSO and Click on Add Applications button
add-sso


add-sso
add-sso

3. In the Configure New SSO Application window to click on Custom SAML App to create new application

configure-saml


configure-saml
configure-saml

General Info

  1. Display name – Enter your Application Name (say Prolaborate).
  2. Description (Optional) – Enter the application Description
  3. App logo (Optional) – Review the tool tips for details about the type of image you can use for your logo.
display-name


display-name
display-name

Single Sign-On Configuration

  1. IDP Entity ID – Enter your Application Name (say Prolaborate).
  2. Fill ‘SP Entity ID’ and ‘ACS URL’ fields from Prolaborate Service Provider configuration as stated above (In section Service provider Configuration).
    • SP Entity ID – Enter the URL from Service Provider Name/Entity ID field from Prolaborate
    • ACS URL – Enter the URL from Service Provider Assertion Consumer URL (ACU) field from Prolaborate
  3. Upload SP certificate – Browse SSL certificate (.cer file) of Prolaborate instance and click on Upload Certificate
upload-certificate


upload-certificate
upload-certificate

User Attributes mapping

Attribute Statements should be configured as below:

Attribute Name Value
username username
firstname firstname
lastname lastname
email email
attribute


attribute
attribute

Click on Activate.

Download JumpCloud Metadata

Open the Prolaborate application again and expand Single Sign-On Configuration, click on Export Metadata under JumpCloud Metadata to download the file.

metadata


metadata
metadata

Usergroup Configuration

Click on User Groups to configure User/ User groups to the Prolaborate application

Identity Provider Configuration

Go back to Prolaborate, click on Menu → SAML Settings.

idp-config


idp-config
idp-config

Fill the Identity Provider Configuration as per the instructions below:

  1. Select your Identity Provider as Others.
  2. Fill Name/Entity ID using Entity id availed from from JumpCloud Metadata Xml file (Refer to section Download JumpCloud Metedata ).
name-entityID


name-entityID
name-entityID

3. Fill Sign In URL field using Location URL from the JumpCloud Metadata Xml file (Refer to section Download JumpCloud Metedata )

4. Certificate File: Follow the steps to upload JumpCloud Certificate file

  1. Copy the Certificate URL from the JumpCloud Metadata Xml file (Refer to section Download JumpCloud Metedata).
certificate-url


certificate-url
certificate-url

b. Open Notepad application, and paste the certificate URL

c. Save the Certificate as JumpCloud.cer file

d. Choose the JumpCloud.cer file In the Certificate File field

Default Access Control Profile

Click on Manage Profiles to create a new profile.

Click on Create Profile.

create-acp


create-acp
create-acp

Give a Name to the Profile and configure permissions.

This is the permission that will be provided to all the users logging into Prolaborate using their SSO credentials.

You can choose any one of the following options:

  1. Give access to all repositories – Any user logging with their SSO credentials will be given access to all repositories
  2. Specify access – Any user logging with their SSO credentials will be added to the user groups you have specified after selecting the repositories

Click Save.

Now, go back to SAML Settings page.

Select the newly created profile and click Save.

Log in with JumpCloud Credentials

Once the configuration is done, your users will start to see a new button on the login page called Login with SSO.

When they click on Login with SSO,

login-sso


login-sso
login-sso

They will be redirected to the corresponding URL. They can then give their JumpCloud credentials to login to Prolaborate.

login-jumpcloud


login-jumpcloud
login-jumpcloud

You will be redirected to Prolaborate successfully if the configuration is done right as said in the document.

Note the Repositories you see will be based on Default Access Control Profile

repositories


repositories
repositories

Please check the configuration if you are not logged in to Prolaborate.

Logging out from Prolaborate

When a user initiates a logout, the user will be logged out from all applications in the current Identity provider login session.

sparxsystems-logo-inverted

Africa
Asia
Europe
Middle East
North America
Oceania
South America

Follow Us On

Start Here
Solutions
Customers
Resources
© Copyright 2024 | All Rights Reserved
Sparx Systems | EULA | Privacy Policy | Compliance and Trust
Book a Demo