Important: This article contains out-of-date information. For current application information, see Connecting Applications with JumpCloud Using Pre-Built Connectors.
- How to configure User authorization.
- Service provider instructions: https://www.docebo.com/knowledge-base/saml/
- If any instructions for configuring the service provider conflict with the service provider's documentation, assume the service provider is correct unless otherwise noted.
Configure the JumpCloud SSO Application
- Access the JumpCloud Administrator Console at https://console.jumpcloud.com.
- Select Applications in the main navigation panel.
- Select the + in the upper left, scroll or search for the application in the 'Configure New Application' side panel, the select 'configure'.
- You can upload a service provider application's XML metadata file to populate SAML connector attributes for that application. The attributes populated by the metadata file may vary by the application. To apply a metadata file for the application you're connecting, click Upload Metadata. Navigate to the file you want to upload, then click Open. You'll see a confirmation of a successful upload. Be aware that if you upload more than one metadata file, you'll overwrite the attribute values applied in the previously uploaded file.
- In the IDP Entity ID field, enter
- Select Upload IdP Private Key and upload the private.pem file generated according to the above prerequisites.
- Select Upload IdP Certificate and upload the cert.pem file generated according to the above prerequisites.
- In the SP Entity ID field, enter a unique identifier which will be sent as the Audience in the SAML assertion.
- In the field terminating the IdP URL, either leave the default value or enter a plaintext string unique to this connector.
- (Optional) In the Display Label field, enter a label that will appear under the Service Provider logo within the JumpCloud User console.
- Select Activate.
- Select the connector and select the export metadata button. Open the file in a text editor for use in the below steps.
Configure the Service Provider
- Contact Docebo support to enable the third party SAML 2.0 integration for your organization.
- Open the Admin Menu from the gear icon in the header. Under Apps & Features > SAML Settings, select Settings.
- Select the Active checkbox.
- In the Identity Provider ID field, enter the value used in the IDP Entity ID field when configuring JumpCloud above.
- In the XML Metadata field, paste the contents of the exported metadata obtained from the JumpCloud configuration.
- In the Username Attribute, enter username.
- For Unique Field, select Username.
- SSO Behavior (Optional)
- Leave Logout Behavior unchecked.
- Download the SP Metadata if desired, this will not be used for any further setup with JumpCloud
- User Provisioning (optional), Select Enable (recommended). Add the following Field name to Attribute Statement mappings (Begin typing the field name in the Add fields box and it should autocomplete):
- First name <--> firstname
- Last name <--> lastname
- E-mail <--> email
- Username <--> username
- Select Save Changes.
Validate SSO authentication workflows
- Access the JumpCloud User Portal at https://console.jumpcloud.com.
- Select the Service Provider icon.
- This should automatically launch and login to the application.
- Navigate to your Service Provider application URL.
- Automatic redirection depends on the settings selected during Service Provider setup.
- The browser will be redirected back to the application and be automatically logged in.