This guide will walk you through the process of integrating JumpCloud with Timus using SAML 2.0 for secure Single Sign-On (SSO). Follow these steps to configure your JumpCloud application and complete the setup within Timus Manager.
1. Creating a JumpCloud Application
- Navigate to Applications
  - Log into https://console.jumpcloud.com/login/admin with your credentials.
  - On the left menu, go to SSO Applications.
- Create a New Application
  - If this is your first application, click Get Started. Otherwise, click Add New Application.
  - Search for SAML 2.0 in the application search bar and select it.
  - Click Next and give your application a name in the Display Label field.
  - You can also upload a custom logo for the app if necessary.
  - Click Save Application.
2. Configuring SAML Settings
After saving, you will be directed to the configuration screen.
- IdP Entity ID and SP Entity ID: Paste JumpCloud’s provided IDP URL (visible in the SSO tab).
- ACS URLs: Default URL: https://auth.timuscloud.com/user/external/saml
- Subject NameID: Set NameID to email
- NameID Format: Select urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified
- Signature Algorithm: Set to RSA-SHA256
- Signing Option: Choose “Assertion and Response”.
3. Adding User Attributes
- Click Add Attribute to add required user attributes like firstname and lastname.
4. Assigning User Groups
- Navigate to the User Groups tab and select the user groups that will have access to this SAML application.
- Click Save.
3. Configuring Timus Manager for SAML
- Access Timus Manager:
  - Sign in to Timus Manager.
  - Go to Settings -> Integrations.
- Manage SAML 2.0 Integration:
  - Click Manage under SAML 2.0.
  - Fill in the fields according to the mapping provided in the table below.

| JumpCloud Name | Timus Equivalent |
| --- | --- |
| IDP URL | Identifier |
| IDP URL | Service URL |
| IDP Certificate | X.509 Certificate |

Note: The IDP Certificate can be downloaded under the SAML Certificate section in JumpCloud. Make sure to use the Hex format certificate.
This completes the SAML configuration for JumpCloud with Timus. Your users can now authenticate securely through JumpCloud to access Timus applications.
4. Test the Application
- Once the configuration is complete, navigate to console.jumpcloud.com/userconsole with a test user.
- Log in using the assigned user credentials.
- Click on the SAML application you just created.
- Ensure that the user is redirected to Timus, and the sign-in process completes without requiring separate credentials.
- If everything works as expected, the user will be successfully created in Timus, and subsequent logins can be done directly from Timus.
Note: Initial login must happen through JumpCloud’s application to create the user in Timus.
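An added example, not from the Timus or JumpCloud documentation: if the test login fails, the base64 SAMLResponse that the browser posts to Timus can be checked against the settings from "Configuring SAML Settings" and the attributes from "Adding User Attributes". The function names, the `@` heuristic for an email NameID, and the sample response are assumptions constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
ACS_URL = "https://auth.timuscloud.com/user/external/saml"
NAMEID_FORMAT = "urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified"
RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
REQUIRED_ATTRS = {"firstname", "lastname"}

def lint_saml_response(b64_response):
    """Return a list of mismatches against the settings in this guide.
    Structure check only: it does NOT verify the XML signature."""
    root = ET.fromstring(base64.b64decode(b64_response))
    problems = []
    if root.get("Destination") != ACS_URL:
        problems.append("Destination is not the Timus ACS URL")
    assertion = root.find("a:Assertion", NS)
    if assertion is None:
        return problems + ["no unencrypted Assertion found"]
    # "Assertion and Response" signing: each element has its own Signature child
    for label, node in (("Response", root), ("Assertion", assertion)):
        method = node.find("ds:Signature/ds:SignedInfo/ds:SignatureMethod", NS)
        if method is None:
            problems.append(f"{label} is not signed")
        elif method.get("Algorithm") != RSA_SHA256:
            problems.append(f"{label} signature is not RSA-SHA256")
    name_id = assertion.find("a:Subject/a:NameID", NS)
    if name_id is None or "@" not in (name_id.text or ""):  # heuristic (assumption)
        problems.append("NameID is missing or not an email address")
    elif name_id.get("Format") != NAMEID_FORMAT:
        problems.append("NameID Format is not 'unspecified'")
    names = {a.get("Name") for a in assertion.iterfind("a:AttributeStatement/a:Attribute", NS)}
    for missing in sorted(REQUIRED_ATTRS - names):
        problems.append(f"attribute {missing} is missing")
    return problems

def sample_response(alg=RSA_SHA256, attrs=("firstname", "lastname"), sign_response=True):
    """Constructed sample (no real signature values), base64-encoded like the form field."""
    sig = (f'<ds:Signature xmlns:ds="{NS["ds"]}"><ds:SignedInfo>'
           f'<ds:SignatureMethod Algorithm="{alg}"/></ds:SignedInfo></ds:Signature>')
    attr_xml = "".join(f'<a:Attribute Name="{n}"/>' for n in attrs)
    xml = (f'<p:Response xmlns:p="{NS["p"]}" xmlns:a="{NS["a"]}" Destination="{ACS_URL}">'
           f'{sig if sign_response else ""}<a:Assertion>{sig}'
           f'<a:Subject><a:NameID Format="{NAMEID_FORMAT}">test.user@example.com</a:NameID></a:Subject>'
           f'<a:AttributeStatement>{attr_xml}</a:AttributeStatement></a:Assertion></p:Response>')
    return base64.b64encode(xml.encode())
```

Run it only on responses from your own test login: `xml.etree.ElementTree` is not hardened against hostile XML, and an empty result means the response matches the configured shape, not that its signature is valid.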