[Notification] We're upgrading the JumpCloud Support Center the week of September 30th.

Support Center

Single Sign On (SSO) with InVision

Important: This article contains out-of-date information. For current application information, see Connecting Applications with JumpCloud Using Pre-Built Connectors.



  • How to configure User authorization.
  • The email address between JumpCloud and InVision must match.
  • Non-existing users logging in with SAML will automatically provision a new InVision member with the first and lastname defined in JumpCloud. Note: If the existing users' name changes in JumpCloud, it does not propagate to an existing user in InVision.
  • The default role for new users must be defined with InVision support.
  • SP Initiated sign can enforce SAML only or allow native login with email/password, contact InVision support to configure this option.

Configure the JumpCloud SSO Application

  1. Access the JumpCloud Administrator Console at https://console.jumpcloud.com.
  2. Select Applications in the main navigation panel.
  3. Select the + in the upper left, scroll or search for the application in the 'Configure New Application' side panel, the select 'configure'.
  4. In the IDP Entity ID field, enter https://YOURDOMAIN.TLD (e.g., https://thebestwidgets.com).
  5. Select Upload IdP Private Key and upload the private.pem file generated according to the above prerequisites.
  6. Select Upload IdP Certificate and upload the cert.pem file generated according to the above prerequisites.
  7. In the SP Entity ID field, enter https://YOURSUBDOMAIN.invisionapp.com.
  8. In the ACS URL field, enter https://YOURSUBDOMAIN.invisionapp.com/soo/auth.
  9. In the field terminating the IdP URL, either leave the default value or enter a plaintext string unique to this connector.
  10. (Optional) In the Display Label field, enter a label that will appear under the Service Provider logo within the JumpCloud User console.
  11. Select Activate.
  12. Reopen the connector and select export metadata

Configure the Service Provider

  1. Open a support case with InVision and provide the metadata exported in the step above. They will confirm when SSO has been enabled for your InVision account.

Validate SSO authentication workflows

IdP Initiated

  • Access the JumpCloud User Console at https://console.jumpcloud.com.
  • Select the Service Provider icon.
  • This should automatically launch and login to the application.

SP Initiated

  • Navigate to your Service Provider application URL.
  • You will be redirected to log in to the JumpCloud User Portal.
  • The browser will be redirected back to the application and be automatically logged in.

Last Updated: Aug 20, 2019 09:48AM MDT

Related Articles
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
Invalid characters found