Integration
      Back to home
      1. Knowledge Base
      2. Installation and System Setup
      3. Integration

      JumpCloud LDAP Configuration

      Purpose

      This document provides step-by-step instructions for integrating JumpCloud SSO (SAML 2.0) with your custom application.

      Prerequisites

      Before you begin, ensure the following:

      • Admin access to the JumpCloud Admin Console
      • A custom application that supports SAML 2.0 authentication
      • A valid SSL certificate on your application
      • Access to modify the SAML configuration in your application

      Steps Involved

      Step 1: Create a New SSO Application in JumpCloud

      1. Log in to your JumpCloud Admin Console and navigate to SSO → Applications.
      2. Click on Add New Application.
        2

      3. Search SAML and select the SAML2.0 App.
        3
      4. Provide a name for your application (e.g., OvalEdge).
      5. Upload a logo (optional).
        4
      6. After submission, you'll be redirected to the SSO → Identity Management → User Group page.
        5


      Step 2: Configure SAML Settings

      1. Provide the required SAML configuration values:
        • SP Entity ID
        • ACS URL(s)
        • IdP URL
          6
      2. Select SSO and enter the required details as shown below.
        7

      Step 3: Configure Attribute Mapping

      1. Navigate to the User Attributes section in JumpCloud.
      2. Map the following attributes as needed:
        • email →email
        • firstName → firstname
        • lastName → lastname
        • (Optional) group → user.groups
      3. Click Save.
        8

      Step 4: Assign Users to the Application

      User Creation Process

      1. Provide the required user details and click Save.
      2. Navigate to the User Group section to assign the user to the appropriate group.
        9
      3. Provide necessary details and click Save.
        10

      Group Configuration

      1. Go to User Groups.
      2. Click the (+) icon, then provide the OvalEdge defined role in the Group configuration.
        11
      3. Then, go to the users and add a previously created user to this group.
        12-1
      4. Go to the application and add the above-created application as per the screenshot.
        13
      5. Click Save Group & Apply Changes.

      Step 5: Configure SAML in Your Custom Application

      1. Until the above configuration is done, then copy the METADATA URL as per the below navigated screenshot.
        14
      2. Go to oasis.properties and update the below configurations with the URLs configured above.
        15
      3. Once the above configuration is updated, add the parameter in setenv file as below. mentioned parameter -DOVALEDGE_SECURITY_TYPE=ldap
      4. Once it is done, then restart the service and check the logs. 

      Step 6: Test the SSO Integration

      1. Open a new incognito/private browser window.
      2. Navigate to your custom application's login page.
      3. Click Login with SSO.
        16
      4. Enter your JumpCloud credentials.
        17

      Step 7: Troubleshooting Common Issues

      1. Incorrect Credentials / Access Denied
        • Ensure the user is assigned to the application in JumpCloud.
        • Verify attribute mapping matches the required fields.
      2. Signature Validation Failed
        • Ensure the correct IdP Certificate is uploaded in your application.
        • Check that the SP Entity ID matches what is configured in JumpCloud.
      3. Redirect Loop / Infinite Login Attempts
        • Verify the ACS URL is correct.
        • Ensure the application correctly handles SAML authentication responses.

      Conclusion

      This process helps users integrate JumpCloud SSO with their custom application using SAML 2.0. They can now securely log in using their JumpCloud credentials.

                                                       Copyright © 2025, OvalEdge LLC, Peachtree Corners, GA USA