- A public certificate and private key pair are required to successfully connect applications with JumpCloud. After you activate an application, we automatically generate a public certificate and private key pair for you. You can use this pair or upload your own.
- Learn how to manage certificates and private keys.
- Learn how to generate a public certificate and private key pair.
- After you connect an application to JumpCloud, you can connect it to user groups. Users in the groups you connect can access the application through SAML SSO. Learn how to connect user groups to applications.
- Meraki Dashboard does not support SP-initiated SSO.
- Users with Meraki administrator accounts cannot use SSO.
Configure the JumpCloud SSO Application
- Access the JumpCloud Administrator Console at https://console.jumpcloud.com.
- Select Applications in the main navigation panel.
- Select the + in the upper left, scroll or search for the application in the 'Configure New Application' side panel, then select 'configure'.
- You can upload a service provider application's XML metadata file to populate SAML connector attributes for that application. The attributes populated by the metadata file may vary by the application. To apply a metadata file for the application you're connecting, click Upload Metadata. Navigate to the file you want to upload, then click Open. You'll see a confirmation of a successful upload. Be aware that if you upload more than one metadata file, you'll overwrite the attribute values applied in the previously uploaded file.
- In the IDP Entity ID field, enter
- In the ACS URL field, paste the Consumer URL copied from Meraki Dashboard.
- In the Role Attribute field, enter
https://dashboard.meraki.com/saml/attributes/role=<USER_ROLE> (replace USER_ROLE with the name of the role you created/selected in Meraki Dashboard).
- In the field terminating the IdP URL, either leave the default value or enter a plaintext string unique to this connector.
- (Optional) In the Display Label field, enter a label that will appear beside the Meraki logo within the JumpCloud console to guide administrators and users to the connection you have configured.
- Select Activate.
Configure the Service Provider
- Log in to Meraki Dashboard as an administrator.
- Select the Organization tab.
- In the Configure column, select Settings.
- In the SAML Configuration section, select SAML SSO Enabled from the drop-down menu.
- Select Add a SAML IdP.
- For the X.509 cert SHA1 fingerprint, enter your SHA1 certificate fingerprint. If you are unfamiliar with this process, see the link above for generating a public certificate and private key.
- (Optional) If you would like users to be sent back to the JumpCloud User Portal when they log out of Meraki Dashboard, enter the following as the SLO Logout URL:
- Select Save Changes.
- Copy the Consumer URL.
- Select the Organization tab.
- In the Configure column, select Administrators.
- In the SAML administrator roles section, if no roles have been created, select Add SAML Role, create a role with the appropriate access for auto-provisioned users, and select Save changes. If roles have previously been created, decide which role will be designated to all users auto-provisioned via SSO.
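The value for the X.509 cert SHA1 fingerprint step is the SHA1 digest of the certificate's DER bytes. The Python below is an added example, not JumpCloud or Meraki code: it computes that value from a PEM file in the colon-separated form OpenSSL prints and checks it against a value copied from the dashboard. SAMPLE_PEM and the function names are constructed for illustration.

```python
import base64
import hashlib
import re

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.DOTALL
)

# Constructed sample: the body decodes to the three bytes b"abc", not a real
# certificate. It keeps the example offline; pass your own IdP certificate.
SAMPLE_PEM = """-----BEGIN CERTIFICATE-----
YWJj
-----END CERTIFICATE-----
"""


def sha1_fingerprint(pem_text: str) -> str:
    """Return the SHA1 fingerprint of the single certificate in pem_text."""
    blocks = PEM_RE.findall(pem_text)
    if len(blocks) != 1:
        # A bundle or an empty file makes the choice of certificate ambiguous.
        raise ValueError(f"expected exactly one certificate, found {len(blocks)}")
    # The fingerprint is taken over the DER bytes, not over the PEM text.
    der = base64.b64decode("".join(blocks[0].split()), validate=True)
    digest = hashlib.sha1(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def same_fingerprint(a: str, b: str) -> bool:
    """Compare two fingerprints, ignoring case, colons and whitespace."""
    def norm(value: str) -> str:
        return re.sub(r"[:\s]", "", value).lower()
    na, nb = norm(a), norm(b)
    for candidate in (na, nb):
        if not re.fullmatch(r"[0-9a-f]{40}", candidate):
            raise ValueError("a SHA1 fingerprint is 40 hex digits")
    return na == nb


if __name__ == "__main__":
    print(sha1_fingerprint(SAMPLE_PEM))
```

Running the comparison after any certificate rotation confirms that the fingerprint stored in Meraki Dashboard still matches the certificate the IdP signs with.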
Validate SSO authentication workflows
- Access the JumpCloud User Console at https://console.jumpcloud.com.
- Select the Service Provider icon.
- This should automatically launch the application and log you in.
- Navigate to your Service Provider application URL.
- You will be redirected to log in to the JumpCloud User Portal.
- The browser will be redirected back to the application and be automatically logged in.