Single Sign-On (SSO) with JumpCloud

Single Sign-On (SSO) with JumpCloud streamlines the authentication process, providing a secure and efficient way for users to access Decube without the need for separate login credentials. By integrating JumpCloud SSO, you can enhance security, simplify user management, and improve the overall user experience.

Benefits

• Enhanced Security: Centralised authentication reduces the risk of password-related breaches.

• Simplified User Management: Manage user access and permissions from a single JumpCloud console.

• Improved User Experience: Users can log in to Decube using their existing JumpCloud credentials.

Prerequisites

Before you begin, ensure you have the following:

• A JumpCloud account with administrative privileges.

• Able to login to JumpCloud Admin Portal.

• Decube user with admin privileges.

Steps to Connect JumpCloud to Decube

1. Creating a Custom Application on JumpCloud Admin Portal.

2. Copy Metadata URL from JumpCloud Admin.

3. Upload Service Provider Metadata (Decube) to JumpCloud.

4. Save and Activate JumpCloud SSO on Decube.

Creating a Custom Application On JumpCloud Admin Portal

1. Navigate to JumpCloud Admin Portal and login using your credentials.

2. Under "User Authentication" navigate to "SSO Applications".

3. Select "+ Add New Applications".

4. Upon clicking on "+ Add New Applications", choose "Custom Application" as an application you would like to integrate.

5. Upon selecting on "Custom Application", user will be prompted to the next step, select "Next" to continue.

6. On the list of features you would like to enable , check "Manage Single Sign On (SSO)". Select "Next" to continue the process.

7. Provide your application a Display label, logo (optional) and description, click on "Save Application" to complete the process.

Copy Metadata URL from JumpCloud Admin Portal.

1. To Copy Metadata URL from JumpCloud Admin Portal, navigate to your newly created Applications under the SSO tab.

2. Go to the "SSO" tab, scroll down, and make sure the SAMLSubject NameID Format is set to urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress

2. Scroll up and select "Copy Metadata URL".

3. Paste the previously copied Metadata URL into the field in Step 2 to begin importing the JumpCloud Metadata. Then, select "Fetch Metadata" to verify the validity of the copied URL.

Upload Service Provider Metadata (Decube) To Jumpcloud.

1. After fetching the metadata from JumpCloud, download Decube's SP (Service Provider) metadata by clicking on the "Download XML" Option.

2. Once Decube's SP Metadata has been downloaded, return to the JumpCloud Admin Portal. In the Single Sign-On Configuration section, upload Decube's SP Metadata by choosing the "Upload Metadata" option.

Click on "Save" to save your JumpCloud SSO Configuration.

Save and Activate JumpCloud SSO on Decube

1. After all the above steps is completed, navigate back to Decube and you may activate and enable JumpCloud SSO for our organisation by clicking on "Verify and Save".