Single Sign-On with JumpCloud

In this tutorial, you will learn how to integrate your Updraft Organization with your JumpCloud Users Directory through SAML. Please follow the next steps.

Step 1 - Obtain the SAML Provider Details from Updraft

Only Owner of an Updraft Organization is able to add an SSO Integration

  1. Open your Account Settings as an Owner

  2. Go to the Security Page

  3. Click Add new SSO

  4. Click CUSTOM SSO

  5. You will see now your SAML configuration

  6. Store them

Step 2 - Add a New App in JumpCloud Identity Provider

  1. Open the Admin Dashboard of JumpCloud: https://console.jumpcloud.com/login/admin

  2. Click on SSO Application.

  3. Click on the circular + button, or, if this is your first application, click Get Started.

  1. At the bottom of the screen, click Select in the Custom Application tile. Then, click Next.

  1. On the Select Options tab, select the following.

    • Manage Single Sign-On (SSO)

    • Configure SSO with SAML

  2. Click Next.

  1. On the Enter General Info tab:

    a. Add a name for the Display Label.

    b. Click Save Application.

  1. After your application is saved, click Configure Application.

  1. On the SSO tab of the configuration modal:

    a. Enter "getupdraft" in the SP Entity ID field.

    b. Copy the Assertion Consumer Service URL from Updraft that you saved earlier and paste it into the ACS URL field. (https://getupdraft.com/saml2_auth/acs/)

c. Leave the SAML Subject NameID set to username.

d. In the SAMLSubject NameID-Format field, select urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified from the dropdown menu.

e. Set the Signature Algorithm to RSA-SHA256.

f. Select Sign Assertion and Response.

g. Select Checkbox Declare Redirect Endpoint

h. Add the following User Attributes:

  • email = email

  • username = email

  • first_name = firstname

  • last_name = lastname

i. Activate Group Attributes and enter "groups"

  1. Download the Metadata XML File

  2. Click Save

  1. On the User Groups tab:

    • Add a user group to the SSO application. If you want to restrict who can access the SSO app, create another user group in your JumpCloud console and assign it to the SSO app.

Step 3 - Upload the .xml metadata to your Updraft Organization

  1. Click Choose File and select your Metadata XML file

  2. Click Save

Step 4 - verify the integration

After following all the above steps, log in to your Updraft account to verify that you are now able to sign in with your Custom SSO (JumpCloud).

If the integration was successful:

  1. If you are opening your subdomain.getupdraft.com/login page you will see the Login with Custom SSO Button

  2. When your assigned Users click on the Login with SSO Button they will be redirected to the JumpCloud login page

  3. upon successful authentication with JumpCloud, your users will be logged into Updraft automatically and redirected to the dashboard page of Updraft

  4. A new account for your uses will be created in Updraft after they logged-in the first time

  5. Now you can assign projects and apps to your users.

If you encounter any issues, please refer back to the previous steps or reach out to the support team for assistance.

Last updated