Single Sign-On with JumpCloud

In this tutorial, you will learn how to integrate your Updraft Organization with your JumpCloud Users Directory through SAML. Please follow the next steps.

Step 1 - Obtain the SAML Provider Details from Updraft

Only Owner of an Updraft Organization is able to add an SSO Integration

Open your Account Settings as an Owner
Go to the Security Page
Click Add new SSO
Click CUSTOM SSO
You will see now your SAML configuration
Store them

Step 2 - Add a New App in JumpCloud Identity Provider

Open the Admin Dashboard of JumpCloud: https://console.jumpcloud.com/login/admin
Click on SSO Application.
Click on the circular + button, or, if this is your first application, click Get Started.

At the bottom of the screen, click Select in the Custom Application tile. Then, click Next.

On the Select Options tab, select the following.
- Manage Single Sign-On (SSO)
- Configure SSO with SAML
Click Next.

On the Enter General Info tab:
a. Add a name for the Display Label.
b. Click Save Application.

After your application is saved, click Configure Application.

On the SSO tab of the configuration modal:
a. Enter "getupdraft" in the SP Entity ID field.
b. Copy the Assertion Consumer Service URL from Updraft that you saved earlier and paste it into the ACS URL field. (https://getupdraft.com/saml2_auth/acs/)

c. Leave the SAML Subject NameID set to username.

d. In the SAMLSubject NameID-Format field, select urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified from the dropdown menu.

e. Set the Signature Algorithm to RSA-SHA256.

f. Select Sign Assertion and Response.

g. Select Checkbox Declare Redirect Endpoint

h. Add the following User Attributes:

email = email
username = email
first_name = firstname
last_name = lastname

i. Activate Group Attributes and enter "groups"

Download the Metadata XML File
Click Save

On the User Groups tab:
- Add a user group to the SSO application. If you want to restrict who can access the SSO app, create another user group in your JumpCloud console and assign it to the SSO app.

Step 3 `-` Upload the .xml metadata to your Updraft Organization

Click Choose File and select your Metadata XML file
Click Save

Step 4 - verify the integration

After following all the above steps, log in to your Updraft account to verify that you are now able to sign in with your Custom SSO (JumpCloud).

If the integration was successful:

If you are opening your subdomain.getupdraft.com/login page you will see the Login with Custom SSO Button
When your assigned Users click on the Login with SSO Button they will be redirected to the JumpCloud login page
upon successful authentication with JumpCloud, your users will be logged into Updraft automatically and redirected to the dashboard page of Updraft
A new account for your uses will be created in Updraft after they logged-in the first time
Now you can assign projects and apps to your users.

If you encounter any issues, please refer back to the previous steps or reach out to the support team for assistance.

PreviousSingle Sign-On with Microsoft Entra NextCustom SSO (SAML)

Last updated 1 month ago