- A public certificate and private key pair are required to successfully connect applications with JumpCloud. After you activate an application, we automatically generate a public certificate and private key pair for you. You can use this pair or upload your own.
- Learn how to manage certificates and private keys.
- Learn how to generate a public certificate and private key pair.
- Your domain must be verified with Atlassian. Refer to Atlassian support and documentation for instructions and other restrictions using SAML.
- SAML workflow requires that the email address be the same between Atlassian and JumpCloud.
- After you connect an application to JumpCloud, you can connect it to user groups. Users in the groups you connect can access the application through SAML SSO. Learn how to connect user groups to applications.
- Atlassian is currently allowing SAML for customers as an open BETA trial.
- In order to complete SAML configuration, contact Atlassian support and request "Atlassian Account" be enabled.
- If there are issues after enabling SAML, go to https://id.atlassian.com/login?saml=false to log in with Atlassian account credentials and correct any problems.
Configure the JumpCloud SSO Application
- Access the JumpCloud Administrator Console at https://console.jumpcloud.com.
- Select Applications in the main navigation panel.
- Select the + in the upper left, scroll or search for the application in the 'Configure New Application' side panel, then select 'configure'.
- You can upload a service provider application's XML metadata file to populate SAML connector attributes for that application. The attributes populated by the metadata file may vary by the application. To apply a metadata file for the application you're connecting, click Upload Metadata. Navigate to the file you want to upload, then click Open. You'll see a confirmation of a successful upload. Be aware that if you upload more than one metadata file, you'll overwrite the attribute values applied in the previously uploaded file.
- In the IDP Entity ID field, enter
- If different from the default values, enter the appropriate settings for SP Entity Id and ACS URL provided by the Service Provider.
- In the Default Relaystate, enter your Atlassian site URL.
- In the field terminating the IdP URL, either leave the default value or enter a plaintext string unique to this connector.
- (Optional) In the Display Label field, enter a label that will appear under the Service Provider logo within the JumpCloud User console.
- Select Activate.
Configure the Service Provider
- In the Identity provider Entity ID field, enter the same IDP Entity ID used in the JumpCloud configuration.
- In the Identity provider SSO URL field, enter the IDP URL used in the JumpCloud configuration.
- In the Public x509 certificate field, paste the contents of the cert.pem file generated according to the above prerequisites.
- Select Save configuration.
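One way to produce and sanity-check the cert.pem pasted into the Public x509 certificate field, as an added example that is not JumpCloud's or Atlassian's own tooling: it generates a self-signed pair with OpenSSL, confirms the certificate belongs to the private key, and checks the remaining lifetime. The function names, the file name private.pem, the subject `sso.example.com`, the 2048-bit key size and the 1095-day lifetime are assumptions.

```shell
#!/bin/sh
# Added example. Names, subject, key size and lifetime are assumptions.

# gen_pair <dir> <days>: RSA key plus self-signed SHA-256 certificate.
gen_pair() {
  # umask keeps the private key readable by its owner only.
  ( umask 077 && openssl genrsa -out "$1/private.pem" 2048 2>/dev/null ) || return 1
  openssl req -new -x509 -sha256 -key "$1/private.pem" \
    -out "$1/cert.pem" -days "$2" -subj "/CN=sso.example.com" 2>/dev/null
}

# pair_matches <cert> <key>: succeeds only if the certificate carries
# the public half of the given private key.
pair_matches() {
  cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
  key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
  [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# valid_for_days <cert> <days>: succeeds if the certificate is still
# valid that many days from now (catches a pair that is about to expire).
valid_for_days() {
  openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null
}

# Demo in a throwaway directory (constructed pair, not a production key).
work=$(mktemp -d)
gen_pair "$work" 1095 || exit 1
pair_matches "$work/cert.pem" "$work/private.pem" && echo "cert.pem matches private.pem"
valid_for_days "$work/cert.pem" 30 && echo "valid for at least 30 more days"
# Fingerprint and expiry to record alongside the SSO configuration.
openssl x509 -in "$work/cert.pem" -noout -fingerprint -sha256 -enddate
rm -rf "$work"
```

Only cert.pem is pasted into the service provider; the private key is uploaded on the JumpCloud side and is never shared with Atlassian.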
Validate SSO authentication workflows
- Access the JumpCloud User Console at https://console.jumpcloud.com.
- Select the Service Provider icon.
- This should automatically launch and log in to the application.
- Navigate to your Service Provider application URL.
- Enter your email address.
- You will be redirected to log in to the JumpCloud User Portal.
- The browser will be redirected back to the application, and you will be logged in automatically.