• Home
• Login with external IDP
• JumpCloud as IDP Setup Guide

Configure JumpCloud as SAML IDP for SSO

---

miniOrange Identity Broker service solution enables cross protocol authentication. You can configure JumpCloud as an IDP for Single Sign-On (SSO) into your applications/websites. Here, JumpCloud will act as an Identity Provider (IDP) and miniOrange will act as a broker.

We offer a pre-built solution for integrating with JumpCloud, making it easier and quick to implement. Our team can also help you set up JumpCloud as SAML IDP to login into your applications.

Prerequisite:

• To get started you need to have an active JumpCloud account with administrator rights for your organization.
• Get the miniOrange SP metadata that you will require in the first step. For this, go to the miniOrange Admin Console >> Identity Providers >> Add Identity provider. Under Choose Identity Provider, select SAML from the dropdown and go to SAML Provider. Then click on the Click here link.



• Click on Show metadata Details under For SP - Initiated SSO. Click on Download Metadata. You will require this in JumpCloud console at Step 1.

Steps to setup JumpCloud as an IDP and miniOrange as SP for SSO login

1. Configure miniOrange as Service Provider (SP) in JumpCloud

• Login to your JumpCloud Administrator Console.
• Click on Administrator Login.



• Login with your JumpCloud administrator Login credentials.



• Navigate to User Authentication >> SSO.



• Select the + in the upper left.



• Scroll down and click on Custom SAML App.



• Under General info tab, enter the following details:

Display Label Name	Enter a label for Service Provider.
Description	Enter description for your application.
Display option:	Upload a logo of your SP or select a color under color indicator.




• Under SSO tab, click on Upload Metadata under the Service Provider Metadata and upload the metadata file which you got from Prerequisites.




Attribute Mapping

• Under SSO tab, scroll down to Attributes section and enter the following entities.

Service Provider Attribute Name	JumpCloud Attribute Name
First Name	firstname
Last Name	lastname

• To add more attributes click on add attributes.
• Then click on save to save your application.





• To get the IDP metadata tick the application check box and click on export metadata.



• You have successfully configured JumpCloud as SAML IdP (Identity Provider) for achieving Single Sign-On.

2. Configure JumpCloud as Identity Provider (IDP) in miniOrange

• Go to miniOrange Admin console and navigate to Identity Providers in the left navigation menu. Then, click on Add Identity Provider button.



• In Choose Identity Provider, select SAML from the dropdown.



• Search for SAML Provider.



• Click on Import IDP metadata.



• Upload the XML metadata file that you downloaded from the JumpCloud in Step 1 using the Import IDP Metadata feature.
• Enter the IDP name as JumpCloud, select File as the IDP Metadata format and upload the XML file.
• Then click on the Import button.



• Your IDP metadata details will be auto-filled.
• Click on Save.

3. Test Connection

• Visit your Login Page URL.
• Go to Identity Providers tab.
• Search for your app, click the three dots in the Actions menu, and select Test Connection against the Identity Provider (IDP) you configured.



• On entering valid JumpCloud credentials (credentials of user assigned to app created in JumpCloud), you will see a pop-up window which is shown in the below screen.



• Hence your configuration of JumpCloud as IDP in miniOrange is successfully completed.

Configure Attribute Mapping

• Go to Identity Providers.
• Click the three dots in the Actions menu, and select Attribute Mapping against the Identity Provider (IDP) you configured.

• Attribute Type - USER
• Attribute Type - EXTERNAL

Maps information, such as email and username, during Just-In-Time (JIT) user creation. Email and Username attributes are necessary to create the user profile.

• Click on the + Add Attribute button to add the attribute fields.



• Check the attributes in the Test Connection window from the previous step. Choose any attribute names you want to send to your application under Attribute Name sent to SP.
• Enter the values of the attributes coming from IdP into the Attribute Name from IdP field on the Xecurify side.

EXTERNAL mappings help alter incoming attribute names before sending them to apps, ensuring that the data is in the correct format.

• Click on the + Add Attribute button to add the attribute fields.



• Check attributes in test connection window from last step. Enter the attribute names (any name) that you want to send to your application under Attribute Name sent to SP.
• Enter the value of attributes that are coming from IdP into the Attribute Name from IdP field on the Xecurify side.

External References

• Know More about Single Sign On
• SP-Initiated v/s IdP-Initiated SSO