SSO setup - JumpCloud (SAML2.0)

Splashtop now supports logging in to your Gateway and Splashtop On-Prem app using the credentials created by your SAML 2.0 identity providers. Please follow the below instructions to create an app from JumpCloud (https://jumpcloud.com/).

Create an app on JumpCloud console

1. Log in to the JumpCloud Admin Portal: https://console.jumpcloud.com.

2. On the left sidebar, go to USER AUTHENTICATION -> SSO, then click Get Started or Add New Application to configure a new application.

3. Click Custom SAML App.

4. Under General Info, enter a Display Name (Display Label)

5. Under SSO, enter IdP Entity ID. IdP Entity ID is the unique, case-sensitive identifier used by JumpCloud for Gateway. Please ensure that the value you enter matches the Idp entity ID you configured on your Gateway's SSO configuration page.

6. Under SSO, enter SP Entity ID & ACS URLs manually or upload Service Provider Metadata.

  • SP Entity ID: onpremise.splashtop.com (Copy Entity ID in Add SSO Method from your Gateway).
  • ACS URLs: https://[Gateway Address]/api/saml/acs (Copy Assertion consumer service URL in Add SSO Method from your Gateway).
  • Service Provider Metadata: Download the Service Provider Metadata in Add SSO Method from your Gateway.

7. Add additional User, Constant, or Group attributes if you'd like to. Refer to SAML Attribute Notes for more information.

8. Click activate to save and activate the connector. After the application is activated, a public certificate and private key pair are generated for the application.

9. Open the application, under SSO, then click Export Metadata or Copy Metadata URL under Jumpcloud Metadata. To get the IDP Certificate, click on IDP Certificate Valid to reveal a dropdown, and then click on Download Certificate.

Assign users to the created app

1. Log in to the JumpCloud Admin Portal: https://console.jumpcloud.com.

2. On the left sidebar, go to USER MANAGEMENT -> User Groups

Jumpcloud_Sidebar1_en-us.png

3. Click ( + ) to create a new group

4. Under Details, enter a Name for the group

5. Under Users, select the users you would like to use the service.

6. Under Applications, select the Splashtop application you just created.

7. Click save to save the group.

Apply for an SSO method from your Gateway

1. Go to your Gateway/management/Team Settings/Authentication/Single Sign-On tab to click Add SSO method. Select Jump Cloud as the IDP Type.

2 Check Import an XML file, then click Select to choose the Jumpcloud metadata file you downloaded earlier. 

3. Alternatively, Gateway also supports importing IDP metadata from URL. Check Import from URL, paste the Metadata URL that was copied from Jump Cloud, then click Import.

0 out of 0 found this helpful