[IMPORTANT] Please note that this site will be disabled on October 31. In it's place, the new JumpCloud Help Center is live! Check it out here!

Support Center

Single Sign On (SSO) with Optimizely

Important: This article contains out-of-date information. For current application information, see Connecting Applications with JumpCloud Using Pre-Built Connectors.


PREREQUISITES: In order to successfully complete the integration between JumpCloud and Optimizely, you must use an administrator account on an Enterprise plan in Optimizely.

CONFIGURATION NOTES:

Note 1: The JumpCloud administrator performing the integrations will only configure SSO for the IdP, or JumpCloud. After JumpCloud is configured, the administrator will send the IdP configuration details to Optimizely. Optimizely will configure the SAML 2.0 connection and contact the account administrator.

Note 2: Optimizely does not support automatic new user provisioning. Prior to attempting SSO, a user must already have Optimizely account that uses the same email as his or her JumpCloud account.

Note 3: We assume the JumpCloud administrator performing the integrations will understand the process of generating private keys in addition to public certificates. As an example for generating signed certificates on Linux, see below. Please refer to other guidance for generating keys on other operating systems.


Create a private key: 

  • openssl genrsa -out private.pem 2048

Creating a public certificate for that private key: 

  • openssl req -new -x509 -key private.pem -out cert.pem -days 1095


Step 1 of 3: Provide IdP Configuration Details to Optimizely

  1. Contact the Optimizely Support Team at support@optimizely.com and request that SSO be enabled for your account
  2. In your email, provide the following information:
    • Single Sign-On URL: https://sso.jumpcloud.com/saml2/optimizely (this is the default IdP URL, but if you plan to change this value in JumpCloud in step 3, part 10 then provide your chosen value)
    • Single Logout URL: https://console.jumpcloud.com/userconsole
    • Attach your public certificate (see Note 3 above)
  3. An Optimizely Support Representative will contact you once SSO has been configured for your account and should provide you with additional information including your ACS URL and Service Provider Entity ID (you may need to request these values specifically if your representative does not provide them)
Step 2 of 3: Enable SSO in your Optimizely Account
  1. Log in to Optimizely as an administrator
  2. Click on your account name in the upper right corner
  3. Select Account Settings from the drop-down menu
  4. Click on the Account Overview tab
  5. In the Single Sign On section, check the box next to Enable SSO if it is not already checked
  6. Click Save (if the box was not previously checked)
Step 3 of 3: Configure JumpCloud SSO for Optimizely
  1. Log into the JumpCloud Admin UI at https://console.jumpcloud.com
  2. Click on the Applications link in the sidenav
  3. Click on the green + icon in the upper left corner and find Optimizely in the list
  4. Click configure
  5. You can upload a service provider application's XML metadata file to populate SAML connector attributes for that application. The attributes populated by the metadata file may vary by the application. To apply a metadata file for the application you're connecting, click Upload Metadata. Navigate to the file you want to upload, then click Open. You'll see a confirmation of a successful upload. Be aware that if you upload more than one metadata file, you'll overwrite the attribute values applied in the previously uploaded file.
  6. Click Upload Private Key and upload your private key (see Note 3 above)
  7. Click Upload IdP Certificate and upload your public certificate (see Note 3 above)
  8. In the SP Entity ID field, enter the Service Provider Entity ID value provided by your Optimizely Support Representative (ex: urn:auth0:optimizely:testing6089540097)
  9. In the ACS URL field, enter the ACS URL value provided by your Optimizely Support Representative (ex: https://optimizely.auth0.com/login/callback?connection=testing6089540097)
  10. In the field terminating the IdP URL, either leave the default value or enter a plaintext string unique to this connector. Take note of the entire IdP URL, as you will need it to configure Optimizely. Additionally, the value you enter here is relevant to restricting access to this application within JumpCloud (see Note on Tagging below).
  11. (Optional) In the Display Label field, enter a label that will appear beside the Optimizely logo within the JumpCloud console to guide administrators and users to the connection you have configured
  12. Click Activate
To test your single sign-on configuration:

(IdP-Initiated Flow)

  • Log into the JumpCloud User Console
  • Click on the Optimizely icon
  • You should automatically be logged in to Optimizely

(SP-Initiated Flow)

  • In your Web browser, navigate to the Optimizely login page located at https://app.optimizely.com/signin
  • Click Log in using SSO
  • Enter the email associated with your SSO-enabled Optimizely account (see Note 2above) and click Log In
  • If necessary, log into the JumpCloud User Console as the appropriate user
  • You should automatically be logged in to Optimizely


Note on Tagging: To restrict access to a smaller group of users:

The value terminating the IdP URL (which the administrator sets during configuration) will also serve as part of the Tag name for this SSO connection. To restrict access, create a new Tag and name it SSO- followed by the value chosen to terminate the IdP URL.

EX: If the entire IdP URL is https://sso.jumpcloud.com/saml2/ServiceProvider1234, then create a Tag named SSO-ServiceProvider1234 to restrict access to this connection.

Add users to this Tag who should be given access to Optimizely (through this configuration only) via SSO. Any other users who are not in this tag will be denied access. If a Tag to explicitly grant access does not exist, all users in your organization will be authorized to access Optimizely through this connection.​

 

Last Updated: Aug 20, 2019 09:36AM MDT

Related Articles
desk-forwarding@jumpcloud.com
http://assets2.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete