Important: This article contains out-of-date information. For current application information, see Connecting Applications with JumpCloud Using Pre-Built Connectors.
Prerequisites:
Notes:
- How to configure User authorization.
Configure the JumpCloud SSO Application
- Access the JumpCloud Administrator Console at https://console.jumpcloud.com.
- Select Applications in the main navigation panel.
- Select the + in the upper left, scroll or search for the application in the 'Configure New Application' side panel, then select 'configure'.
- Optionally, enter Threat Stack for the Display Label. This label will appear under the Service Provider logo within the JumpCloud User Portal.
- You can upload a service provider application's XML metadata file to populate SAML connector attributes for that application. The attributes populated by the metadata file may vary by the application. To apply a metadata file for the application you're connecting, click Upload Metadata. Navigate to the file you want to upload, then click Open. You'll see a confirmation of a successful upload. Be aware that if you upload more than one metadata file, you'll overwrite the attribute values applied in the previously uploaded file.
- In the IDP Entity ID field, enter https://YOURDOMAIN.TLD (e.g. https://thebestwidgets.com)
- Select Upload IdP Private Key and upload the private.pem file generated according to the above prerequisites.
- Select Upload IdP Certificate and upload the cert.pem file generated according to the above prerequisites.
- In the SP Entity ID field, enter https://app.threatstack.com.
- In the ACS URL field, enter https://app.threatstack.com/sso/saml/callback.
- In the field terminating the IdP URL, either leave the default value or enter a plaintext string unique to this connector.
- Select Activate.
Configure the Service Provider
Log in to the Threat Stack application then begin the following procedure.
Note: You must be an organization owner to implement SSO for your organization.
- Navigate to the Settings page, then open the Authentication tab to see the SSO form.
- After you configure your IdP to recognize Threat Stack, paste the values into the SSO form fields:
- Identity Provider SAML 2.0 URL (Single Sign-On URL)
- Identity Provider Issuer URL (Entity ID)
- Upload your Public X.509 Certificate file.
- Click the Continue button, a confirmation message is shown.
- Review the confirmation message and click the Proceed and Enable Single Sign-On button.
Important: If you, or any user, uses an email address, such as a personal account, that isn’t recognized by your company, then you will lose access and will no longer be able to log in to Threat Stack after you enable SSO.
- Success! You have enabled SSO for your organization. Click the Log Out button.
- Log back in to Threat Stack. You will be redirected to authenticate through your organization's IdP.
Validate SSO authentication workflows
IdP Initiated
- Access the JumpCloud User Console at https://console.jumpcloud.com.
- Select the Service Provider icon.
- This should automatically launch and login to the application.
SP Initiated
- Navigate to your Service Provider application URL.
- You will be redirected to log in to the JumpCloud User Portal.
- The browser will be redirected back to the application and be automatically logged in.
