Important: This article contains out-of-date information. For current application information, see Connecting Applications with JumpCloud Using Pre-Built Connectors.
- Generate a public certificate and private key pair.
- In order to successfully complete the integration between JumpCloud and UserEcho, you must use an administrator account in UserEcho.
- How to configure User authorization.
- SAML 2.0 Just-In-Time (JIT) user provisioning is supported by UserEcho.
Configure the Service Provider
- Log in to UserEcho as an administrator.
- Select on your display name in the upper right corner.
- Select Setup from the drop-down menu.
- Select **Integrations in the sidenav.
- Select Website.
- Select Single sign-on (SAML).
- In the SAML SSO URL field, enter
https://sso.jumpcloud.com/saml2/userecho(this is the default IdP URL).
- In the X.509 Certificate field, paste the contents of your public certificate.
- In the Label field, enter
- Select Save.
- Copy the ACS URL and the Metadata URL.
- Select Login settings.
- In the External system buttons list, check the box next to Single sign-on (SAML).
- (Optional) If you want the SAML SSO button to appear before those of other external login systems, use the arrows to move Single sign-on (SAML) to the top of the list.
- Select Save.
Configure the JumpCloud SSO Application
- Access the JumpCloud Administrator Console at https://console.jumpcloud.com.
- Select Applications in the main navigation panel.
- Select the + in the upper left, scroll or search for the application in the 'Configure New Application' side panel, the select 'configure'.
- You can upload a service provider application's XML metadata file to populate SAML connector attributes for that application. The attributes populated by the metadata file may vary by the application. To apply a metadata file for the application you're connecting, click Upload Metadata. Navigate to the file you want to upload, then click Open. You'll see a confirmation of a successful upload. Be aware that if you upload more than one metadata file, you'll overwrite the attribute values applied in the previously uploaded file.
- Select Upload IdP Private Key and upload the private.pem file generated according to the above prerequisites.
- Select Upload IdP Certificate and upload the cert.pem file generated according to the above prerequisites.
- In the SP Entity ID field, paste the Metadata URL you copied from the UserEcho configuration page (ex:
- In the ACS URL field, paste the ACS URL you copied from the UserEcho configuration page (ex:
- In the field terminating the IdP URL, either leave the default value or enter a plaintext string unique to this connector.
- (Optional) In the Display Label field, enter a label that will appear under the Service Provider logo within the JumpCloud User console.
- Select Activate.
Validate SSO authentication workflows
- Access the JumpCloud User Console at https://console.jumpcloud.com.
- Select the Service Provider icon.
- This should automatically launch and login to the application.
- Navigate to your Service Provider application URL.
- You will be redirected to log in to the JumpCloud User Portal.
- The browser will be redirected back to the application and be automatically logged in.