[Notification] We're upgrading the JumpCloud Support Center the week of September 16th.

Support Center

Single Sign On (SSO) with StatusDashboard Dashboard

Important: This article contains out-of-date information. For current application information, see Connecting Applications with JumpCloud Using Pre-Built Connectors.



PREREQUISITES: In order to successfully complete the integration between JumpCloud and StatusDashboard, you must have an administrator account in StatusDashboard.

CONFIGURATION NOTES:

Note 1: SAML 2.0 Just-In-Time (JIT) user provisioning is supported by StatusDashboard—Dashboard.

Note 2: The JumpCloud administrator performing the integrations will only configure SSO for the IdP, or JumpCloud. The administrator will send the IdP configuration details to StatusDashboard. StatusDashboard will configure the SAML 2.0 connection and contact the account administrator.

Note 3: We assume the JumpCloud administrator performing the integrations will understand the process of generating private keys in addition to public certificates. As an example for generating signed certificates on Linux, see below. Please refer to other guidance for generating keys on other operating systems.

  • Create a private key
    openssl genrsa -out private.pem 2048

  • Creating a public certificate for that private key:
    openssl req -new -x509 -key private.pem -out cert.pem -days 1095


Step 1 of 3: Provide IdP Configuration Details to StatusDashboard

  1. Send an email to support@statusdashboard.com requesting that Dashboard SAML single sign-on be enabled for your account and include the following information:

    • Issuer: https://YOURDOMAIN.com (replace YOURDOMAIN with your company’s unique domain)
    • Identity Provider Single Sign On Service: https://sso.jumpcloud.com/saml2/statusdashboarddashboard (this is the default IdP URL, but if you plan to change this value in JumpCloud in step 3, part 10 then provide your chosen value)
    • Identity Provider Single Logout Service: https://console.jumpcloud.com/userconsole/
    • x509 Certificate: attach your public certificate (see Note 3 above)

Step 2 of 3: Enable SSO for StatusDashboard—Dashboard

  1. After StatusDashboard has enabled SSO for your account, log in to the StatusDashboard Admin console
  2. Select Security in the sidenav
  3. Select Single Sign-On
  4. In the Dashboard Single Sign-On: SAML section, toggle Enabled
  5. Under Dashboard Single Sign-On Configuration, copy both the Service Provider Entity ID and the Service Provider Assertion Consumer Service
  6. Select Save Changes

Step 3 of 3: Configure JumpCloud SSO for StatusDashboard—Dashboard

  1. Log into the JumpCloud Admin UI at https://console.jumpcloud.com
  2. Select on the Applications link in the sidenav
  3. Select on the green + icon in the upper left corner and find StatusDashboard—Dashboard in the list
  4. Select configure
  5. You can upload a service provider application's XML metadata file to populate SAML connector attributes for that application. The attributes populated by the metadata file may vary by the application. To apply a metadata file for the application you're connecting, click Upload Metadata. Navigate to the file you want to upload, then click Open. You'll see a confirmation of a successful upload. Be aware that if you upload more than one metadata file, you'll overwrite the attribute values applied in the previously uploaded file.
  6. In the IdP Entity ID field, enter https://YOURDOMAIN.com (this should match the value you provided to StatusDashboard as the Issuer)
  7. Select Upload Private Key and upload your private key (see Note 3 above)
  8. Select Upload IdP Certificate and upload your public certificate (see Note 3 above)
  9. In the SP Entity ID field, paste the Service Provider Entity ID you copied from the StatusDashboard configuration page (ex: SUBDOMAIN.statusdashboard.com)
  10. In the ACS URL field, paste the Service Provider Assertion Consumer Service you copied from the StatusDashboard configuration page (ex: https://SUBDOMAIN.statusdashboard.com/acs)
  11. In the field terminating the IdP URL, either leave the default value or enter a plaintext string unique to this connector. The value you enter here is relevant to restricting access to this application within JumpCloud (see Note on Tagging below).
  12. (Optional) In the Display Label field, enter a label that will appear beside the StatusDashboard logo within the JumpCloud console to guide administrators and users to the connection you have configured
  13. Select Activate

To test your single sign-on configuration:

(IdP-Initiated Flow)

  • Log into the JumpCloud User Console
  • Select on the StatusDashboard—Dashboard icon
  • You should automatically be logged in to StatusDashboard

(SP-Initiated Flow)

  • In your Web browser, navigate to your StatusDashboard dashboard domain (ex: https://SUBDOMAIN.statusdashboard.com)
  • If necessary, log into the JumpCloud User Console as the appropriate user
  • You should automatically be logged in to StatusDashboard

Note on Tagging: To restrict access to a smaller group of users:

The value terminating the IdP URL (which the administrator sets during configuration) will also serve as part of the Tag name for this SSO connection. To restrict access, create a new Tag and name it SSO- followed by the value chosen to terminate the IdP URL.

EX: If the entire IdP URL is https://sso.jumpcloud.com/saml2/ServiceProvider1234, then create a Tag named SSO-ServiceProvider1234 to restrict access to this connection.

Add users to this Tag who should be given access to StatusDashboard—Dashboard (through this configuration only) via SSO. Any other users who are not in this tag will be denied access. If a Tag to explicitly grant access does not exist, all users in your organization will be authorized to access StatusDashboard—Dashboard through this connection.​

 

Last Updated: Aug 20, 2019 09:42AM MDT

Related Articles
desk-forwarding@jumpcloud.com
http://assets3.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete